Introduction CVE-2024-25065 is a vulnerability that exists in Apache OFBiz before version 18.12.12. It is a path traversal vulnerability that allows authentication bypass through the contextPath...

While reversing a device, we stumbled across an interesting binary named unicorn . The binary appeared to be a developer utility potentially related to the Augentix SoC SDK. The unicorn binary is only executed when the device is set to developer mode. Fortunately…

This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.

FileSystem Monitor (fsmon) allows you to monitor file system events at runtime on Linux, OSX, iOS and Android systems. Useful for bug bounty hunters, malware analyst

Custom Hashcat Module for Apache Shiro 1 SHA-512

Discover the latest insights from the Cleafy Threat Intelligence team on new fraud campaigns involving the Medusa (TangleBot) banking trojan. Learn about Medusa's sophisticated capabilities, recent updates, and shifts in distribution strategies targeting…

elttam is a globally recognised, independent information security company, renowned for our advanced technical security assessments.

Explore how eBPF technology works by reverse engineering eBPF-based programs. Learn about its internals, benefits, and applications in modern computing

Qiling is an emulation framework that builds upon the Unicorn emulator by providing higher level functionality such as support for dynamic library loading, syscall interception and more. In this Labs post, we look into Qiling and how it can be used to emulate…

In the early hours of a day in a month in 2024, watchTowr Labs was sent a chat log:



13:37 -!- dav1d_bl41ne [def_not_phalanx@kernel.org] has joined #!hack (irc.efnet.nl)
13:37 -!- dav1d_bl41ne changed the topic of #!hack to: mag1c sh0w

Why write this?

This blog post details an application denial-of-service (DoS) vulnerability in WebRTC media servers handling DTLS-SRTP. Exploitation, detection and mitigation.

A critical, pre-authentication XML entity injection issue in Magento / Adobe Commerce (CVE-2024-34102), which Adobe rated as CVSS 9.8.

Can an attacker execute arbitrary commands on a remote server just by sending JSON? Yes, if the running code contains unsafe deserialization vulnerabilities. But how is that possible? In this blog post, we’ll describe how unsafe deserialization vulnerabilities…

Access cards – those little plastic rectangles that grant us entry to buildings, parking lots, and secure areas. But what if I told you that these cards can be cloned, and even emulated? Enter the Proxmark3, a powerful tool that opens doors (literally) to…

Our research discovers that almost 18% of secrets might be overlooked and some cannot be discovered by current scanning tools.

Fuzzing applications needs no introduction, and I have written about some interesting problems related to fuzzing in the past [0][1][2][3]. At scale, fuzzing has traditionally focused on compiled binaries and detecting crashes and other memory corruption…