Researcher Alex Birsan came up with a method to breach 35 big tech companies and earned $130,000 in bug bounties.

Resources hosted on Azure App Service are at the forefront as attackers are constantly on the lookout for vulnerabilities in web applications. Dormant domains are a permanent resident on the checkl...

Palo Alto Networks next-generation firewall (NGFW) is one of the leading enterprise firewalls used by companies around the world to protect against various cyber-attacks. It runs on its own operating system «PAN-OS». In this article, we will analyze the vulnerabilities…

Fully cloud/browser-based Advanced Red Team Training course by MDSec's ActiveBreach team of CCSAS / CBEST accredited pentesters.

by Ruben Santamarta The booming IoT ecosystem has meant massive growth in the embedded systems market due to the high demand for connecte...

Recorded and edited by the UMBC IEEE Branch.
Website: https://www.umbc.edu/ieee/
Email: ieee-student-org@umbc.edu

TrickBot's stealthy BazarBackdoor malware has been rewritten in the Nim programming language, likely to evade detection by security software.

Guess what might not be running in safe mode? An AV/EDR. Also, attackers do NOT need to be physically in front of the machine to run in…

Evasion, Credential Dumping

SharpRelay is based on the WinDivert driver. WinDivert is a kernel driver that allows for user-mode packet interception and modification

C2/post-exploitation framework. Contribute to loseys/BlackMamba development by creating an account on GitHub.

This release comes with a whole heap of bugfixes.
Big thanks to everyone who submitted PRs and fixes (@cnotin @jtothef @nheineger @Scoubi)

C2/post-exploitation framework. Contribute to loseys/BlackMamba development by creating an account on GitHub.

fw extraction to rce

Digital Forensics and Threat Hunting for Artifacts In Obscure Windows Event Logs