CVE-2020–35717 — RCE through XSS in zonote Electron App

Collection about PoC for sql injection on Joomla. Contribute to HoangKien1020/Joomla-SQLinjection development by creating an account on GitHub.

Introduction This blog post details the exploitation process for the vulnerability CVE 2020-15999 in Google Chrome 86.0.4222.0 on Linux. While CVE 2020-15999 is a heap-based buffer overflow in the font-loading library Freetype rather than Chrome proper, its…

Collection of Beacon Object Files. Contribute to ajpc500/BOFs development by creating an account on GitHub.

TA505+ Adversary Simulation. Contribute to fozavci/ta505plus development by creating an account on GitHub.

According to its official documentation, “twitter-server” is a Twitter OSS project used to provide a template from which servers at Twitter are built. It provides common application components such as an administrative HTTP server, tracing, stats, and more…

Utilizing Cobalt Strike’s in-memory C capabilities to inject a Beacon implant into a remote process without spawning a remote thread on 64-bit systems.

Buying cheap routers to find vulnerabilities in them

29 files

Let's have a look at a recent kernel local privilege escalation exploit!

Exploit Source: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/
Kernel Developer Walkthrough: https://www.youtube.com/watch?v=LORxdO1XUjY

Syscalls, Kernel vs. User Mode and Linux Kernel…

CVE-2020-36179~82 Jackson-databind SSRF&RCE. Contribute to Al1ex/CVE-2020-36179 development by creating an account on GitHub.

This is part 1  of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other p...

Microsoft replied that this is out of scope of their security program as well as not deemed this as a security vulnerability at all, so I…