This is the story of how I was able to get remote code execution on Hubspot 's servers by exploiting a vulnerability in  HubL expression la...

2 votes and 0 comments so far on Reddit

Contribute to LinusHenze/WebKit-RegEx-Exploit development by creating an account on GitHub.

1 vote and 0 comments so far on Reddit

This Repository contains the stuff related to windows Active directory environment exploitation - incredibleindishell/Windows-AD-environment-related

   3   3SharesIn this article we are benchmarking several auditing tools. The smart contract security audit is a critical phase in the development of smart contracts. The DAO hack was just one trip in the odyssey to secure Ethereum smart contracts and compatible…

Today we will explore an exciting method to remotely execute code even if an administrator set disable_functions in the PHP configuration…

So I  was checking a website and tried to test it for flaws just a general thing nothing new. I targeted the login mechanism. I saw while clicking on it. It was generating javanoscript events.  …

Earlier this week a major vulnerability in Kubernetes was made public by its maintainers. It was originally caught as a bug by Darren Shepherd and was later marked as a critical vulnerability and assigned CVE-2018-1002105. Its implications were clearly laid…

Researcher: Ori Karliner (@oriHCX) Following our blog from last month, this blog will cover the technical details of our findings. If you suspect that any of your devices are affected by these vulnerabilities and want our assessment, contact us at freert…

Last night I did try to automate simple overflow with windbg but there were some problems with the exception handling .so I want to choose a more programmable debugger but this time I need a more d…

3 votes and 0 comments so far on Reddit

Study finds five in 17 Certificate Authorities vulnerable to IP fragmentation attack

Third topic of the campaign 'Practica els hàbits cibersaludables'

tl;dr I found an  XSRF in the OAuth implementation of Redhat Keycloak Gatekeeper . This would be a bit worse for people using Gatekeeper t...

IT security is a really huge topic and until you find your first bug you can’t be sure that you...

This talk was presented at bugSWAT. Slide is at https://speakerdeck.com/shhnjk/logically-bypassing-browser-security-boundaries

Talk features:
Password manager issue with iframe/CSP sandbox
https://crbug.com/825258, https://bugzilla.mozilla.org/show_bug.cgi?id=1426767…

Equifax report megathread while I'm on lunch! https://t.co/vkjj2QfxOm

Google+ has suffered another large data breach, affecting 52.5 million users. Leading to the acceleration of the closure for Google's social platform.