Metasploitable3 is an updated version of Metasploitable2, developed to provide a more realistic environment for practicing advanced penetration testing techniques. This version introduces new...

Misconfigured Argo Workflows may result in a massive supply chain attack

A short overview of frequently overlooked vulnerability with real world examples

Explore what Port 80 revealed about the internet in Project Resonance (Wave 12) and the insights gained from this key web traffic gateway.

Information Security Services. Offensive Security, Penetration Testing, Mobile and Application, Purple Team, Red Team

Cyberbro is an open-source application that extracts IoCs from garbage input and checks their reputation using multiple services.

After the excitement of our .MOBI research, we were left twiddling our thumbs. As you may recall, in 2024, we demonstrated the impact of an unregistered domain when we subverted the TLS/SSL CA process for verifying domain ownership to give ourselves the ability…

Subnoscription websites now like to use magic email links for login. They are extremely annoying.

Nominations are now open for the top 10 new web hacking techniques of 2024! Every year, security researchers from all over the world share their latest findings via blog posts, presentations, PoCs, an

Time-based blind SQL injection : Découvrez comment cette faille se distingue par sa capacité à exfiltrer des données sans activer d'alerte.

📌 This is a cross-post from DEVCORE. The research was first published at Black Hat Europe 2024. Personally, I would like to thank splitline, the co-author of this research & article, whose help

Did you have a good break? Have you had a chance to breathe? Wake up.

It’s 2025, and the chaos continues.

Haha, see what we did? We wrote the exact same thing in 2024 because 2024 was exactly the same.

As an industry, we are on GroundHog day -

The Assistant Prefill feature available in many LLMs can open up models to jailbreaking, including the possibility of persistent prefills to bypass LLM safety alignments.

With the iPhone 15 & iPhone 15 Pro, Apple switched their iPhone to USB-C and introduced a new USB-C controller: The ACE3, a powerful, ver...

Overview


Countless noscript kiddies, dreaming of getting rich, rush into the DDoS black-market industry armed with Mirai source code, imagining they can make a fortune with botnets. Reality, however, is harsh—these individuals arrive full of ambition but…

How 1 youtube video turned out to be a part of a million dollar scam scheme