Import Device Tree Information onto your Ghidra memory map - antoniovazquezblanco/GhidraDeviceTreeBlob

A Comprehensive Review of secureCodeBox — an Open-Source Platform for Continuous Security Utilizing Popular Testing Tools. Presenting…

Beacon Object File (BOF) launcher - library for executing BOF files in C/C++/Zig applications - The-Z-Labs/bof-launcher

Learn how to enhance the security of your SAP Cloud Connector (SAP CC) deployment on Windows. Discover essential role management strategies, mitigate security risks, and gain insights into securing your SAP infrastructure. Explore best practices to protect…

Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.

Identify binaries with Authenticode digital signatures signed to an internal CA/domain - mlcsec/SigFinder

Vulnerability disclosure about Zyxel's personal cloud storage device, under CVE-2023-5372

This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

CVE-2023-51467 is an authentication bypass recently disclosed by SonicWall in Ofbiz—an Enterprise Resource Planning (ERP) system solution for automating applications and business management. ...

Prelude In the start of the year, I started keeping myself a list of technologies I don’t understand and want to learn about. The first candidate I immediately thought about was WebSockets. I kept seeing them popping up in websites and CTFs, but they always…

Faction is an open-source solution that enables pentesting report generation and assessment collaboration.

<span style="font-size: 11pt;"><span style="line-height: 107%;"><span style="font-family: Calibri,sans-serif;"><span style="font-family: "Arial",sans-serif;">Denoscription:</span></span></span></span>
<span style="font-size: 11pt;"><span style="line-height:…

Abstract The Play ransomware group is one of the most successful ransomware syndicates today. All it takes is a quick peek with a disassembler to know why this group has become infamous. This is...

In part nine of Claroty Team82's OPC UA Deep Dive Series, we describe remote code execution (RCE) attacks against OPC UA integration servers. We uncovered five new vulnerabilities during our research of the Softing Secure Integration Server, which we were…

Snyk Security Labs Team has identified four container breakout vulnerabilities in core container infrastructure components including Docker and runc, which also impacts Kubernetes.

Front matter In a previous post, Casey talked about our Cloned Website Canarytoken and how it fares against modern phishing attacks. Today, we are releasing two new versions of the token which aler…

A rapid HTTP downgrade smuggling scanner written in Go. - Moopinger/smugglefuzz