Interactive Cybersecurity Training. HackEDU offers comprehensive online Secure Development Training for your developers, engineers, and IT personnel to assist your organization in laying a foundation of security and application vulnerability prevention, assessment…

Jumping down the rabbit hole that is SCP

Mysterium VPN is the client application of Mysterium Network, a Network focused on providing security and privacy to web 3 and beyond.

1 vote and 0 comments so far on Reddit

Unprivileged users with UID > INT_MAX can execute any systemctl command due pkttyagent aborting with an assertion at https://github.com/freedesktop/polkit/blob/8c1bc8a/src/programs/pkttyagent.c#L156. systemd version the issue has been se...

tl;dr https://sites.google.com suffered from a Billion Laugh Attack vulnerability that made the containerized environment to crash with a si...

linikatz is a tool to attack AD on UNIX. Contribute to portcullislabs/linikatz development by creating an account on GitHub.

I'm excited to announce a new tool: Uberducky , a wireless USB Rubber Ducky that can be triggered via BLE. If you have an Ubertooth One I ...

André Baptista - Reverse engineer, exploitation researcher and bug bounty hunter.

27 votes and 3 comments so far on Reddit

The exploit samples database is a repository for **RCE** (remote code execution) exploits and Proof-of-Concepts for **WINDOWS**, the samples are uploaded for education purposes for red and blue tea...

PrestaShop (1.6.x <= 1.6.1.23 or 1.7.x <= 1.7.4.4.) Back Office Remote Code Execution (CVE-2018-19126) - farisv/PrestaShop-CVE-2018-19126

I haven’t been writing for a long time, so I finally decided to write about a cool (old) story with JBoss.

In cryptography, trust is mathematically provable. Everything else is just faith.

Mobile devices are subject to numerous security discussions. We at Hacken decided to address the OWASP Mobile TOP 10 methodology in order to demonstrate the process of conducting vulnerability analysis for mobile applications.

Automating Data Flow Diagram Management with Terraform

Introduction:
This is a vulnerability I found while participating in a bug-bounty program earlier this year. It affects Prince, a software that converts “HTML, XHTML, or one of the many XML-based document formats” to PDF.

PoC for CVE-2018-1002105. Contribute to evict/poc_CVE-2018-1002105 development by creating an account on GitHub.

Foreign propagandists are getting a strong foothold in France, and the traditional media can’t fight it

Active Directory ACL exploitation with BloodHound. Contribute to fox-it/aclpwn.py development by creating an account on GitHub.

3 votes and 1 comment so far on Reddit