A collection of free,  tools focused on security and convenience, including SSL validation, Base64 encoding, and more.

I recently came across an article detailing a campaign using browser cache smuggling and ClickFix to deliver malware to a system. I found…

Cyops Consulting provides trusted cybersecurity advisory services in Australia, leveraging over 25 years of experience in federal government and defence. Our expert team is dedicated to transforming organisational risk into resilience, ensuring your security…

As it turns out they don't actually want you to do this (and have some interesting ways to stop you)

Check my other posts & tools MeetC2 & AWS XRayC2..

Complete evidence package documenting Google Gemini AI autonomously initiating a 911 emergency call despite explicit user refusal on October 12,...

Overview The Common Vulnerabilities and Exposures system recently identified an alarming flaw with the ID CVE-2025-8941, affecting the Pluggable Authentication Modules (PAM) in Linux operating systems. This vulnerability has significant implications, particularly…

DefenderWrite tool that helps find programs whitelisted by Antivirus and exploits these programs to write arbitrary files into the Antivirus's folder

Impacted by the F5 data breach? You may be ennoscriptd to legal compensation. My Data Breach Attorney can help protect your rights.

Overview

An undocumented parameter of the "web-auth" command could allow an authenticated attacker to execute commands remotely due to improper input sanitization, potentially resulting in full device compromise.

A vulnerability in the zysh-cgi component of the USG/ATP Series allows a low-privileged, semi-authenticated attacker to access the device’s configuration, bypassing authorization controls. This issue arises due to missing authorization checks and an incomplete…

This is research on detecting attacks on Kerberos using traffic analysis.

Our security agent found a business logic flaw in how Netty handled one of the internet's oldest and most trusted protocols. To understand the vulnerability, we need to take a quick journey back to the humble beginnings of email.

Magento is still one of the most popular e-commerce solutions in use on the internet, estimated to be running on more than 130,000 websites. It is also offered as an enterprise offering by Adobe under the name Adobe Commerce, which receives automatic patching.…

I was recently flying between HKG & LHR via British Airways. I’d done the same flight back in 2023, and remember relying on the in-flight entertainment for the 14 hour journey. However, this time on my way to London, they had an interesting offer: Free WiFi…

ZeroPath's AI-based static analyzer uncovered 170 verified issues in curl, from C footguns to logic and RFC compliance bugs across HTTP/3, SMTP, IMAP, TFTP, Telnet, and SSH/SFTP, with curl maintainer Daniel Stenberg praising the quality -- proof that AI source…