Posted by seyyid_ - 5 votes and 0 comments

TL;DR: Basically, if a target website is protected by a WAF using the OWASP Core Rule Set or Comodo Rule Set or Atomicorp Rule Set, you can send the string ORA-1234 or OracleDrive or ASL-CONFIG-FILE in a comment, product review, registration form, e-commerce…

Microsoft Threat Intelligence has observed Storm-1811 misusing the client management tool Quick Assist to target users in social engineering attacks that lead to malware like Qakbot followed by Black Basta ransomware deployment.

Testing CVE-2024-3400 against a live non-production instance using Palo Alto NGFW AWS Marketplace AMI.

Our research reveals that personal repositories often expose sensitive corporate data, leading to severe security breaches

CSTC is a Burp Suite extension that allows request/response modification using a GUI analogous to CyberChef - GitHub - usdAG/cstc: CSTC is a Burp Suite extension that allows request/response modif...

Sasori is a dynamic web crawler powered by Puppeteer, designed for lightning-fast endpoint discovery. - karthikuj/sasori

Master these Alert Tuning best practices for your SOC to minimize alert fatigue from low quality false positive alerts and improve detection accuracy.

Infosec is, at it’s heart, all about that data. Obtaining access to it (or disrupting access to it) is in every ransomware gang and APT group’s top-10 to-do-list items, and so it makes sense that our research voyage would, at some point, cross paths with…

WiFi Penetration Testing & Auditing Tool. Contribute to FLOCK4H/Freeway development by creating an account on GitHub.

In this article I will introduce how to generate GDB Python code to trace a program being analyzed in Ghidra.

RomHack is a format made by the non-profit association Cyber Saiyan and composed by a Conference a Training session and a Hacker Camp.

NOTE: This article is based off the following and should be followed first:

CVE-2023-34992 Fortinet FortiSIEM Command Injection Deep-Dive and Indicators of Compromise. This blog details a command injection vulnerability which allows an unauthenticated attacker to access the FortiSIEM server as root to execute arbitrary commands.

A vulnerability in PDF.js found by Codean Labs. PDF.js is a JavaScript-based PDF viewer maintained by Mozilla. This bug allows an attacker to execute arbitrary JavaScript code as soon as a malicious PDF file is opened. This affects all Firefox users (

Team82 found multiple vulnerabilities in the EpicMo protocol implementation within Honeywell ControlEdge Virtual UOC instances. These vulnerabilities are exploitable and can lead to unauthenticated remote code execution.

CISA and the FBI have issued a warning.