Latest: 4/02/24 version: 0.9.9 First published 10/26/23. Shiny new things Inverting DNN models with a framework A threat intelligence update to the ML Pipeline Attacks on Ray Updates to repeated tok…

One interesting thing about the contrast between infrastructure and security is the expectation of open-source software. When a common problem arises we all experience, a company will launch a product to solve this problem. In infrastructure, typically the…

Personal blog of Julien (jvoisin) Voisin

At HackerOne, we are combining human intelligence with artificial intelligence at scale to improve the efficiency of people and unlock entirely new capabilities.

NetSupport Manager is one of the oldest third-party remote access tools still currently on the market with over 33 years of history. This is the first time we will report on a NetSupport RAT intrus…

Specter Insight ACHIEVE YOUR OBJECTIVES SpecterInsight is a cross-platform, post-exploitation command and control framework based on .NET for red team engagements, threat emulation, and training. F…

Red Teaming, one of the best ways to accurately determine your organization's cyber resiliency. But at what cost?

Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. The amount of effort that went into creating the framework is truly remarkable, and its disclosure was…

Disclaimer All projects mentioned in this blog post have been contacted, and I confirmed that the behavior described in this article is either working as intended, already fixed, or will not be fixed.
TL;DR The browser loads elements in the HTML from top…

Ever wanted to hack your Wi-Fi network, but your internal adapter doesn’t support monitor mode and you don’t have external adapter? Without switching your Wi-Fi adapter in to monitor mode, WPS attacks allows you to perform various attacks on wireless access…

Convert little-endian to big-endian and vice-versa - r0075h3ll/Endomorph

Discover John the Ripper's password-cracking prowess. Crack Windows 10, 8, and 7 passwords and extract hashes with ease.

Throughout our extensive OPC UA Deep Dive Series, we researched the OPC UA protocol and its different functions and importance within operational technology (OT) environments. The centerpiece tool of our work is an advanced OPC UA Exploit Framework we built…

WolfPack combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale. - GitHub - RoseSecurity-Research/WolfPack: WolfPack combines the ca...

Data-Bouncing - The art of indirect exfiltration. Using & Abusing Trusted Domains as a 2nd Order Transport.

Discover John the Ripper's password-cracking prowess. Crack Windows 10, 8, and 7 passwords and extract hashes with ease.

Introduction