On September 20th, 2023 a member of the huntr community reported an issue in Triton where a file traversal vulnerability lead to the ability to overwrite any file on the server when Triton is run using a non-default configuration option. 

Notes about attacking Jenkins servers. Contribute to gquere/pwn_jenkins development by creating an account on GitHub.

Decrypt AsyncRAT configurations effortlessly using CyberChef with our step-by-step guide. Dive into the recipe and enhance your malware analysis skills.

Playing Chess is one of the many hobbies I like to do in my spare time, apart from tinkering around with technology. However, I'm not very good at it, and after losing many games, I decided to see if I could do something I'm much better at; hacking the system!

A step by step blog on how to build a password cracker for professional cracking.

A tool that allows you to convert NMAP results to html, csv, json, markdown, graphviz (dot) or sqlite. Simply put it's nmap converter. - GitHub - vdjagilev/nmap-formatter: A tool that allow...

Execute shellcode files with rundll32. Contribute to florylsk/ExecIT development by creating an account on GitHub.

TyphoonCon conference and training focus on highly technical offensive security topics.
The event is organized by SSD Secure Disclosure.

By Oleg Zaytsev, Nati Tal (Guardio Labs)

Key Takeaways In late December 2022, we observed threat actors exploiting a publicly exposed Remote Desktop Protocol (RDP) host, leading to data exfiltration and the deployment of Trigona ransomwar…

The Orca Research Pod has discovered a risk in Google Kubernetes Engine (GKE) that would allow an attacker with any Google account to take over a Kubernetes cluster. Learn about this risk dubbed Sys:All and the recommended actions to take.

This webinar will focus on strategies for remediating leaked keys, managing key rotation, and handling platform-specific processes for the leading SaaS providers.

Posted by Vsimpro - 3 votes and 1 comment

Import Device Tree Information onto your Ghidra memory map - antoniovazquezblanco/GhidraDeviceTreeBlob

A Comprehensive Review of secureCodeBox — an Open-Source Platform for Continuous Security Utilizing Popular Testing Tools. Presenting…

Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications - The-Z-Labs/bof-launcher

Learn how to enhance the security of your SAP Cloud Connector (SAP CC) deployment on Windows. Discover essential role management strategies, mitigate security risks, and gain insights into securing your SAP infrastructure. Explore best practices to protect…

Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.