4 votes and 0 comments so far on Reddit

Enumerating registered BlackHat attendees with the BCard API

Howdy Folks, The last few months have been some VERY exciting times in the world of identity and security standards. Due to the efforts of a broad set of experts across the industry, we’ve made incredible progress in finalizing a broad set of new and improved…

In this write-up, Ryan Hanson describes his process for identifying and exploiting CVE-2018-0952, an arbitrary file creation vulnerability in the Windows Diagnostics Hub Standard Collector service, allowing for elevation of privileges.

Inception - Provides In-memory compilation and reflective loading of C# apps for AV evasion.

Powershell-SSHTools - A bunch of useful SSH tools for powershell

Over the past two weeks, Ryuk, a targeted and well-planned Ransomware, has attacked various organizations worldwide. So far the campaign has targeted several enterprises, while encrypting hundreds of PC, storage and data centers in each infected company.…

The summer of 2017 culminated the substantial research and development effort of a generic solution to CSRF that could be easily applied…

The patch was issued in APSB18–12:

The patch has been released, please upgrade your MAU to 18081201

Semmle security researcher Man Yue Mo explains how he used Semmle QL's Data Flow library to discover multiple RCE vulnerabilities (CVE-2018-11776) in Apache Struts.

A vulnerability affects all versions of the OpenSSH client released in the past two decades, ever since the application was released in 1999.

An open-source post-exploitation framework for students, researchers and developers. - GitHub - malwaredllc/byob: An open-source post-exploitation framework for students, researchers and developers.

If you're planning on implementing the W3C and FIDO Alliance's new WebAuthn standard for hardware security token support, skip ECDAA for now.

Scrounger is a modular tool designed to perform the routine tasks required during a mobile application security assessment.  Scrounger conveniently brings together both major mobile operating syste…

Sup guys, Today I would like to share with you an interesting bug that I found in facebook group through their BugBounty program, so let’s…

Burp Suite 2.0 beta is now available to Professional users. This is a major upgrade, with a host of new features, including: A new crawler, able to automatically handle sessions, detect changes in app

1 vote and 0 comments so far on Reddit

Hundreds (at least) of kernel bugs are fixed every month. Given the
kernel's privileged position within the system, a relatively large portion
of those bugs have security implications. Many bugs are relatively easily
noticed once they are triggered; that…

POC for CVE-2018-15685