7 votes and 0 comments so far on Reddit

7 votes and 3 comments so far on Reddit

Hidden directories and files left accidentally on the web server might be a very valuable source of sensitive information. There can be a…

One of the more common vulnerabilities on ASP.NET applications is local file disclosure. If you've never developed or worked with this technology, exploiting LFD can be confusing and often unfruitful. In the following write up I describe approaching an application…

Contribute to p4wsec/hackthebox development by creating an account on GitHub.

Everything you should know about certificates and public key infrastructure (PKI) but are too afraid to ask.

A kernelspace syscall interceptor and randomized faulter - trailofbits/krf

Introduction

KringleCon is a virtual conference for security-minded people and hackers from around the world, hosted by Santa and his team at the North Pole mid-December, 2018. Santa's goal for KringleCon is to help improve the state of cyber security world-wide, protecting…

Facebook is having to yet again apologise for another flaw which affects millions of their users - this time exposing unpublished, private photos...

We analyzed samples of EMOTET, URSNIF, DRIDEX and BitPaymer and found similar payload loaders and internal data structures, possibly implying that these different groups are familiar with and are working closely together.

# Happy 16shop hunting ## What is 16shop? 16shop is an infamous phishing kit targets Apple users.

Windows Sandbox is a new lightweight desktop environment tailored for safely running applications in isolation.   How many times have you downloaded an executable file, but were afraid to run it? Have you ever been in a situation which required a clean installation…

Discover our new RDP man-in-the-middle tool. It features clipboard and file stealing, as well as the ability to see connections live or after the fact.

Microservices written in Golang versions earlier than 1.10.6 and 1.11.3 using mutual TLS authentication are vulnerable to CPU denial of service (DoS) attack

keybase-redirector is a setuid root binary. keybase-redirector calls the fusermount binary using a relative path and the application trusts the value of $PATH. This allows a local, unprivileged...

Introduction So first of all I know that there are many tutorials published about buffer overflow and binary exploitation but I decided to write this article because most of these tutorials and articles don’t really talk about the basic fundmentals needed…