KrbRelayUp - a universal no-fix local privilege escalation in windows domain environments where LDAP signing is not enforced (the default settings). - Dec0ne/KrbRelayUp

Google hacking, sometimes, referred to as Google Dorking, is an information-gathering technique used by an attacker leveraging advanced…

CryptoZombies is The Most Popular, Interactive Solidity Tutorial That Will Help You Learn Blockchain Programming by Building Your Own Fun Game with Zombies — Master Blockchain Development with Web3, Infura, Metamask & Ethereum Smart Contracts and Become a…

This tutorial details how to run a Python and Selenium-based web scraper in parallel with Selenium Grid and Docker Swarm.

Pre-Built Vulnerable Environments Based on Docker-Compose - vulhub/vulhub

A while ago I was browsing the Python bug tracker, and I stumbled upon this bug - “memoryview to freed memory can cause segfault”. It was created in 2012, originally present in Python 2.7, but remains open to this day, 10 years later. This piqued my interest…

Portable exploit for Use-After-Free in every version of Python 3 - kn32/python-buffered-reader-exploit

NTLM relay is a well-known technique that has been with us for many years and never seems to go away.

A webshell application and interactive shell for pentesting Apache Tomcat servers. - p0dalirius/Tomcat-webshell-application

In this blog post, we’ll dive into a recently patched Active Directory Domain Privilege Escalation vulnerability that I reported through…

Microsoft’s April 2022 Patch Tuesday introduced patches to more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in Windows RPC (Remote Procedure Call) runtime:
CVE-2022-24492 and CVE-2022-24528…

We review recent activity from the Emotet malware family, covering changes in Emotet operations since its revival in November 2021.

Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…