At a Senate Judiciary Committee, lawmakers reiterated demands that technology firms build "back doors" into their encrypted applications.

My write-up / walkthrough for Smasher2 from Hack The Box.

🔭 Lightweight URL fuzzer and spider: Discover a web server's undisclosed files, directories and VHOSTs - liamg/scout

Microsoft in order to resolve the problem with legacy applications that are no compatible with newer Windows operating systems released the application compatibility toolkit (ACT). This software en…

Demos of and walkthroughs on in-browser fuzzing using WebAssembly - jonathanmetzman/wasm-fuzzing-demo

A Buffer Overflow is a bug class in a program typically written in a memory unsafe language like C or C++. Buffer Overflow
bugs from user-input can often allow someone to overwrite some data in memory they weren't supposed to. Before we dive into
how to exploit…

A repository of my completed writeups, along with the samples themselves. - itsKindred/malware-analysis-writeups

Parents of three Tennessee children learned today that a hacker had remotely broke into there Ring smart camera. The hacker spoke to the children and monitored them just four days after the purchase of the device. This sets a dangerous precedent when so many…

From combining emoji marks and astral planes, Unicode is under appreciated and poorly understood. One lesser known attack vector is Unicode Case Mapping Collisions— an edge case that many of the best devs don't understand— even at Github.

“The s in IoT stands for security” is a joke as old as the shared code base used in your IoT web-camera. Usually we mock IoT for having little or bad security, but the real issue is perhaps that IoT can't have good security.

Posted in r/netsec by u/pimterry • 1 point and 0 comments

The bug will crash the app and it will continue to crash even after we reopen WhatsApp, resulting in a crash loop. Moreover, the user will not be able to return to thegroup and all the data that was written and shared in the group is now gone for good. The…

Hacking Live Stream | Playing CTFs for fun!

Telerik UI for ASP.NET AJAX insecurely deserializes JSON objects resulting in arbitrary RCE. Learn how to patch and securely configure this software.

Contribute to canarytail/standard development by creating an account on GitHub.

Blockchain intelligence firm CipherTrace claims banks unknowingly process $2 billion in crypto funds every year, opening themselves up to potential risks.

To check if they're vulnerable or not. Here's a new tool that scans the RDP of your system to explore BlueKeep's vulnerability.