ida_ipython - An IDA Pro Plugin for embedding an IPython Kernel

Back in April, I wrote about how it was possible to modify a router to encrypt DNS queries over TLS using Cloudflare's 1.1.1.1 DNS Resolver and a GL.iNet router; the folks at GL.iNet read that blog post and decided to bake DNS-Over-TLS support into their…

Hamburglar -- collect useful information from urls, directories, and files - needmorecowbell/Hamburglar

A Desolate Den of Depravity, Darkness, Drugs and Child Abuse

On July 13, 2018,  the U.S. Justice Department handed down a 29-page indictment against 12 intelligence officers of the GRU, Russia's military intelligence agen...

Learn how to create a 'digital fortress' to maintain your online privacy using a search engine and a VPN with security researcher Christian Stewart.

Exploiting a SAML Implementation During a recent web application test, I discovered a bug in a Security Assertion Markup Language (SAML) implementation. This bug involved an insecure implementation of a SAML feature combined with a custom authentication mechanism…

TLDR; Download the wirehshark profile now or read on.. Wireshark Even if you’re an avid user of some of the premium packet analysis tools out there, such as Savvius’ excellent Omnipeek, every so often most people will be opening up the free Wireshark to look…

keyfinder - Tool for analyzing private (and public) key files, including support for Android APK files.

Prestashop 1.6.1.19 sessions can be read and written by an attacker, resulting in a range of vulnerabilities including privilege escalation and remote code execution.

In the first of a two part series, Paul Bottomley and Wietze Beukema explore our Tanium Signal development and testing, using one particular threat group, APT32 (also known as Ocean Lotus).

Hey folks, just wanted to share this story. Yes, I could have been better prepared for what happend, I know. :)

Overview IDAPython is a powerful tool that can be used to automate tedious or complicated reverse engineering tasks. While much has been written about using IDAPython to simplify basic reversing tasks, little has been written about using IDAPython to assist…

Medical laboratory testing firm LabCorp. is investigating a weekend cyberattack on its IT network, which was resulted in the company taking certain of its syste

0 votes and 3 comments so far on Reddit

Second order SQL Injection Explained with Example, 2nd order SQL injection example, 2nd order injection web application, webapp second order sql injection

Schedule, talks and talk submissions for BSidesLisbon2018

By Angelina Liparteliani, Marketing Assistant for PixelPin Ltd

Meet the hackers who flip seized Instagram handles and cryptocurrency in a shady, buzzing underground market for stolen accounts and usernames. Their victims' weakness? Phone numbers.

Dangling markup is a technique to steal the contents of the page without noscript by using resources such as images to send the data to a remote location that an attacker controls. It is useful when ref