Azure mindmap for penetration tests. Contribute to synacktiv/Mindmaps development by creating an account on GitHub.

File name: 6558073e997da5ca440b5a4b.exe

Microsoft has uncovered a supply chain attack by Diamond Sleet involving a malicious variant of an application developed by CyberLink Corp.

Think your password is strong? Ever trusted a password strength tool online (or maybe you don't trust anything)? You might be surprised to see how far off the mark some of the most popular password strength tools are.

CVE-2023-46604 discloses a Remote Code Execution (RCE) flaw within Apache ActiveMQ. This vulnerability is trivial to exploit and its leveraged by threat actors.

Hide 🕵️‍♂️ your files of any type inside a image of your choice using steganography - GitHub - JoshuaKasa/van-gonography: Hide 🕵️‍♂️ your files of any type inside a image of your choice using ste...

Comprehensive guide on how to convert your RCE vulnerability into a fully functional metasploit module, that will spawn any payload. We use CVE-2023-32781 as our example.

Pen Test Report Generation and Assessment Collaboration - factionsecurity/faction

Azure Active Directory (Entra ID) stands as one of the most popular and widely-used cloud-based identity and access management services provided by Microsoft. It serves as a comprehensive solution for managing user identities and controlling access to a diverse…

A Slack bot phishing framework for Red Teaming exercises - GitHub - Drew-Sec/EvilSlackbot: A Slack bot phishing framework for Red Teaming exercises

LostTrust Ransomware malware technical analysis and research

A fast domain and typosquatting discovery tool

“The attack surface is the vulnerability. […]

Information Rights Management extends far beyond traditional data security measures. It is the solution that allows organizations to maintain the integrity of their data, protecting it from unauthorized access and potential breaches. It secures critical information…

Protecting your user's personal medical information is vital in healthcare apps. Here's how to make sure you're doing everything to keep that data safe -

TL;DR An overview of a fuzzing project targeting the Hyper-V VSPs using Intel Processor Trace (IPT) for code coverage guided fuzzing, built upon WinAFL, winipt, HAFL1, and Microsoft’s IPT.sys....

Analyze HTTP and DNS requests and create custom DNS records for your subdomain.

Breaking and fixing the Bluetooth standard. One More Time.
Paper Slides Toolkit CVE-2023-24023 BT SIG note

Security experts

Unmasking the Dark Art of Vectored Exception Handling: Bypassing XDR and EDR in the Evolving Cyber Threat Landscape - Download as a PDF or view online for free