Mirror for http://a3dninefan3vhkhkw36cgesk4hlfzwkbj3done4iscp3na7jckrcypid.onion - vagabondworkstation/hedron

Container escape exercise tutorial from C8 Labs with working exploit leveraging vulnerabilities CVE-2017-18344 and CVE-2017-1000112.

Google’s Nearby Connections API enables any Android (and Android Things) application to provide proximity-based services to its users, regardless of their network connectivity. The API uses Bluetooth BR/EDR, Bluetooth LE and Wi-Fi to let “nearby” …

Devcon says it’s found several polyglots.

0 votes and 0 comments so far on Reddit

Key relay attacks against keyless entry vehicles are well known. Many 3rd party car alarm vendors market themselves as solutions to this. We have shown that

WebTech is a tool and a Burp extension capable of analyzing web pages and report used web technologies, frameworks and versions.

A look into the "state" of the .gov.uk namespace. Contribute to tg12/MappingGovUKDomains development by creating an account on GitHub.

Product Vendor Cantemo AB Product Denoscription Cantemo AB is a software systems and technology vendor for major media outlets. The Cantemo Portal application is a high-performance media asset management tool. The latest version at the time of this research…

Russian hackers are way ahead of the next-fastest state-sponsored hackers, North Korea, who themselves are nearly twice as fast as Chinese groups, according to a new report by US cybersecurity firm Crowdstrike.

Introduction Hey guys today Ethereal retired and here is my write-up about it. And as the difficulty says , It’s insane ! The most annoying part about this box is that it was very hard to enumerate because we only get a blind RCE and the firewall rules made…

NMAP TL;DR
It's a tool used for portscanning and this post will explore some of the common
and useful flags that can be used while scanning to pick up usful information
about targets.

What Is NMAP?
Nmap or Network mapper is an open source tool for network…

Let’s write some shellcode, shall we?

SharPyShell - tiny and obfuscated ASP.NET webshell for C# web applications - antonioCoco/SharPyShell

Thanks to multiple combined vulnerabilities we are able to insert arbitrary files into anyone's Google Earth Studio Projects Archive.

MouseJack was publicly disclosed in 2016 & an exploit was later released named JackIt. Part 2 explains how to use SILENTTRINTIY + JackIt to bypass Defender.

sec4dev – the security Conference & Bootcamp for developers. Let's make security a first-class citizen in software development!
The sec4dev Conference & Bootcamp is a Vienna-based security event which targets one very specific group: people involved in software…

Last year you may have heard the news that I would soon become the world’s first trillionaire. I was being modest at the time because I…