Address Space Layout Randomization (ASLR) is a security technique used in operating systems to protect against certain types of cyber attacks, particularly buffer overflow attacks. Here’s an overview of ASLR:
What is ASLR? ASLR is a feature implement...

NucleiScanner is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications - 0xKayala/NucleiScanner

The altSecurityIdentities attribute of Active Directory (AD) computers and users allows you to specify explicit certificate mappings. An…

In this article, you will learn how to prevent broken connections when a Pod starts up or shuts down. You will also learn how to shut down long-running tasks gracefully.

A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. - Sh3lldon/FullBypass

Okta Verify and Okta FastPass Abuse Tool. Contribute to CCob/okta-terrify development by creating an account on GitHub.

Jon DiMaggio will explore how RansomedVC has redefined the boundaries of cybercrime by combining propaganda, influence campaigns, and misinformation.

Contribute to ad0nis/ntlm_relay_gat development by creating an account on GitHub.

There have been some interesting new developments recently to abuse Kerberos in Active Directory, and after my dive into Kerberos across trusts a few months ago, this post is about a relatively unknown (from attackers perspective), but dangerous feature:…

Advanced Time-based Blind SQL Injection fuzzer for HTTP Headers - danialhalo/SqliSniper

PoC for using MS Windows printers for persistence / command and control via Internet Printing - Diverto/IPPrintC2

PingRAT secretly passes C2 traffic through firewalls using ICMP payloads. - umutcamliyurt/PingRAT

Last week, the FBI and CISA released a #StopRansomware alert for the Black Basta ransomware group…

Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited…

A widespread malvertising campaign is actively targeting individuals searching for popular utilities like WinSCP and PuTTY

CVE-2023-34992 Fortinet FortiSIEM Command Injection Deep-Dive and Indicators of Compromise. This blog details a command injection vulnerability which allows an unauthenticated attacker to access the FortiSIEM server as root to execute arbitrary commands.