This blog provides information on how to enumerate the attack surface of userland applications that are deployed on the Windows operating system.

Wraps github api for openly available information about an organization, user, or repo - needmorecowbell/giggity

1 vote and 1 comment so far on Reddit

1 vote and 0 comments so far on Reddit

With more than 100,000,000 downloads ES File Explorer is one of the most famous #Android file manager.The surprise is: if you opened the app at least once, anyone connected to the same local network can remotely get a file from your phone https://t.co/Uv2ttQpUcN

ES File Explorer Open Port Vulnerability. Contribute to fs0c131y/ESFileExplorerOpenPortVuln development by creating an account on GitHub.

A malicious Windows shortcut file posing as a movie via The Pirate Bay torrent tracker can trigger a chain of mischievous activities on your computer, like injecting content from the attacker into high-profile web sites such as Wikipedia, Google and Yandex Search or…

A malicious Windows shortcut file posing as a movie via The Pirate Bay torrent tracker can trigger a chain of mischievous activities on your computer, like injecting content from the attacker into high-profile web sites such as Wikipedia, Google and Yandex Search or…

Research by: Alon Boxiner, Eran Vaknin and Oded Vanunu, January 16th, 2018 Played in a virtual world, players of ‘Fortnite’, the massively popular game from game developer Epic Games, are tasked with testing their endurance as they battle for tools and weapons…

This is 🍊 speaking

Microsoft Windows keeps the Authenticode signature valid after appending any content to the end of Windows Installer (.MSI) files signed by ...

IDAPython tool for creating automatic C++ virtual tables in IDA Pro - 0xgalz/Virtuailor

ESnet Security’s github.io Site

In this tutorial, you'll learn how to connect your Arduino MKR WiFi 1010 (or MKR 1000) board securely to AWS IoT Core.

We looked into Magecart's latest online skimming activity: injecting malicious code to the JavaScript library of a third-party advertising network.

Many people will land on this page after learning that their email address has appeared in a data breach I've called "Collection #1". Most of them won't have a tech background or be familiar with the concept of credential stuffing so I'm going to write this…

Hardened alpine linux baseimage for Docker. Contribute to HazCod/hardened-alpine development by creating an account on GitHub.

…or Level 1 Credential Management API extension for Public Key Credentials, and the untold stories of managing credentials in the browser…

Personal blog of Christian Haschek

Here, I’ll be talking about an interesting vulnerability that I have found in NASA Jira (An Atlassian task tracking systems/project management software etc.).