toolkit for python reverse engineering. Contribute to Fadi002/de4py development by creating an account on GitHub.

In a recent investigation a zero-day vulnerability surfaced within the popular Opera web browser family. This flaw, allows attackers RCE on Windows or MacOS systems through specially crafted third-party browser extension.

Very shit

TL;DR both ModSecurity v2 and v3 share a similar bug that can result in a really simple WAF bypass. The bug in the v3 branch has been fixed in version 3.0.12 and has been assigned the CVE number CVE-2024-1019. However, the bug in the v2 line remains

VulnCheck faces a horde of honeypots while assessing the potential impact of Atlassian Confluence's CVE-2023-22527. This blog delves into Shodan queries to filter out honeypots and uncover the actual on-premise Confluence install base.

Deluder is a tool for intercepting traffic of proxy unaware applications. Currently, Deluder supports OpenSSL, GnuTLS, SChannel, WinSock and Linux Sockets out of the box. ⚡ - GitHub - Warxim/delu...

Join the world's most widely adopted, AI-powered developer platform where millions of developers, businesses, and the largest open source community build software that advances humanity.

How I reverse engineered an ESP32-based smart home device to gain remote control access and integrate it with Home Assistant.

When the Windows Operating system is installed via a clean installation or via an upgrade, the Windows Setup binary is executed. The Windows setup allows custom noscripts to be executed such as the S…

A technical and root cause analysis of CISA’s Known Exploited Vulnerabilities from 2023.

We guard your domain, so you have peace of mind. Threat Visibility Platform.

Scapy's comprehensive set of features enables the creation of customized network traffic, making it an ideal tool for fuzzing.

Contribute to ad0nis/ntlm_relay_gat development by creating an account on GitHub.

apk.sh makes reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK. - ax/apk.sh

How would you feel if an attacker could read your AWS resource tags? Turns out they can! Find out how and test your environment with our tool.

Unpack RedLine stealer to extract config using pe-sieve. pe-sieve dumps then unpacked files from memory. Then, extract the config from the dumped file.

ShmooCon 2024by Shmoo Group, various presentersThe videos in this collection are from ShmooCon 2024, which occurred on 12 - 14 January 2024, at the Washington...

Everyone in InfoSec knows Metasploit and the importance this tool has had on many professionals and in the field itself, either be it for awareness purposes, education, CTFs or actual live penetration tests, odds are the reader has encountered and used Metasploit…

Summary A vulnerability in TOTOLINK LR1200GB allows remote unauthenticated attackers to become authenticated due to a stack overflow vulnerability in the web interface. Additional post-auth vulnerabilities in the product allow for command injection and their…