This is a recap of a complete NetHunter Hacker series where I covered various aspects of Kali NetHunter providing detailed insights, tutorials, and practical examples to help you harness its capabilities to its fullest potential. Quick video introduction…

UDRLs and prepended loaders aren’t the only way to execute a raw payload and get a direct hooking in place. In the case of Cobalt Strike, a generic PE loader can be tweaked to execute an UDRL-less Beacon and get direct hooking for an easier prototyping of…

A more fitting noscript for this post could have been “$10 for an XSS” ;), but to summarize, I discovered a Cross-Site Scripting (XSS) vulnerability on the US website of the well-known ele…

Okay, if you’re reading this, you probably know what fuzzing is. As an incredibly reductive summary: fuzzing is an automated, random testing process which tries to explore the state space (e.g., different interpretations of the input or behaviour) of a program…

This blog aims to explore the “Cloud Secrets Management Stores” sub-technique (T1555.006) of the MITRE ATT&CK Cloud Matrix for Enterprise. This sub-technique is part of the broader Credentials from Password Stores technique (T1555), which focuses on how adversaries…

Intro Hi everyone! Oftentimes, when programming things that are supposed to be secure, we hear stuff about only using Cryptographically Secure PRNGs (CSPRNGs), and not just any old random-number generating function such as Python’s random module or PHP’s…

When running the diversity of applications required today to power our many tools and platforms, the need for more granular application-level visibility, has become critical for many engineering teams.

By chaining various messaging APIs in browsers and browser extensions, I demonstrate how we can jump from web pages to “universal code execution”, breaking both Same Origin Policy and the browser sandbox. I provide two new vulnerability disclosures affecting…

Burp extension to evade TLS fingerprinting. Bypass WAF, spoof any browser. - sleeyax/burp-awesome-tls

Want the deep dive, full story with technical walkthrough for the Pytorch (TorchServe) ShellTorch vulnerabilities CVE-2023-43654 (CVSS: 9.8) and CVE-2022-1471 (CVSS: 9.9)? You’re in the right place

What Are Cookies When you hear “cookies,” you may initially think of the delicious chocolate chip ones. However, web cookies function quite differently than their crumbly-baked counterparts....

My experiences using angr for real-world use cases in 2024, and extending it to diagnose problems / show what it’s doing

Lets analyze a privilege escalation which I found targeting progress whatsup gold, this is the story of CVE-2024-5009

Using a path traversal vulnerability to achieve remote code execution, this is the story of CVE-2024-4883 a pre-auth RCE against progress whatsup gold

I discovered an unauthenticated path traversal against the latest version of progress whatsup gold and turned it into a pre-auth RCE, following is how I did it, this is the story of CVE-2024-4885

North Korean hackers are using a new tactic to target software developers. They create fake copies of legitimate packages to steal cryptocurrency and other sensitive data. See Phylum Research...

Made with Softr, the easiest way to turn your data into portals and internal tools.