In part 2 of this two-part series, Akamai researchers detail methods and attack imitations within DHCP to spoof DNS — and introduce a new tool for your toolkit.

As seen in most security blog posts today, binary diffing tools are essential for reverse engineering, vulnerability research, and malware analysis. Patch diffing is a technique widely used to identify changes across versions of binaries as related to security…

Summary

Summary

Umpteenth time that you will see a lateral movement based on DCOM. This time it's Visual Studio.

A reconnaissance tool for capturing and displaying SSIDs from device's Preferred Network List. - AleksaMCode/Preferred-Network-List-Sniffer

ngrok Collaborator Link — yet another Burp Collaborator alternative for free with ngrok. - dwisiswant0/ngocok

The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.

Active Directory and Internal Pentest Cheatsheets

Today, even despite attempts to alert Google over a month ago that there is an ongoing 0-day being exploited by Infostealer groups.

The perfect butler for pentesters, bug-bounty hunters and security researchers - groundsec/secbutler

Recent iPhone models have additional hardware-based security protection for sensitive regions of the kernel memory. We discovered that to bypass this hardware-based security protection, the attackers used another hardware feature of Apple-designed SoCs.

Parsing MSDN to discover potentially abusable APIs

A fast and comprehensive tool for organizational network scanning - pptx704/domainim

Posted by rythmiclizard - No votes and 6 comments

In 2014 Google researchers discovered strange interference between memory locations in DDR3, DDR4, and DDR5 Random Access Memory (RAM.) On…

Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.

Lumma Infostealer’s cookie restoration method operates by leveraging a key from restore files, allowing the revival of expired Google cookies

514K subscribers in the netsec community. /r/netsec is a community-curated aggregator of technical information security content. Our mission is to…

Automatic authorization enforcement detection extension for burp suite written in Jython developed by Barak Tawily in order to ease application security people work and allow them perform an automa...

This tool allows you to perform OSINT and reconnaissance on an organisation or an individual. It allows one to search 1.4 Billion clear text credentials which was dumped as part of...