From a security analytics and Threat Intelligence perspective pastebin is a treasure trove of information. All content that is uploaded to pastebin and not explicitly set to private (which requires an account) is listed and can be viewed by anyone. tl;dr…

This is the first part of a series of posts I am going to do about Windows kernel exploitation, via vulnerable drivers. The project I will be using for the exploit is HackSys Extreme Vulnerable Driver, which is a really cool little vulnerable windows driver…

This was a fun challenge, a lot of mistakes were made and a lot of things were learnt! Shout out to 0x4a47 my team mate for the RHME3 CTF aswell. As a good exploit challenge starts, we begin by running file on the binary to see what we learn about

A look at how expired domain names can be turned into a lucrative malicious traffic redirection tool.

Malware Analysis - VBA noscripts used to download TrickBot banking trojan

9 points and 0 comments so far on reddit

Last month, Ethan Heilman, Tadge Dryja, Madars Virza, and I took a look at IOTA, currently the 8th largest cryptocurrency with a $1.9B…

Meet Broadpwn, a vulnerability in Broadcom's Wi-Fi chipsets which affects millions of Android and iOS devices, and can be triggered remotely, without user interaction. The Broadcom BCM43xx family of Wi-Fi chips is found in an extraordinarily wide range of…

Data leaks have become so commonplace that it’s incredibly easy to become numb to them, but credit reporting service Equifax announced a doozy today that when all is said and done could involve…

As hackers increase attacks, more people are needed to fight back. GoodCall analysts compiled a list of the Best Cities for Cybersecurity Professionals.

PandwaRF is a portable RF analysis tool available in several versions. We often get asked which version to choose, and […]

RemoteSSH - Starts an ngrok TCP tunnel and notifies you of the URL. Perfect for automated remote SSH connections.

a 3 step guide to a 57 day journey

api - Vulners Python API wrapper

At AppSec Europe Sebastian Lekies, Krzysztof Kotowicz and Eduardo Vela Nava showed how to use JavaScript frameworks to bypass XSS mitigation...