This is official OpenSMTPD Portable repository. Forks, pull requests and other contributions are welcome! - OpenSMTPD/OpenSMTPD

Recently, I was willingly forwarded a phishing email (for science!) which contained a ZIP attachment, requesting the recipient to update…

Doyensec's Blog :: Doyensec is an independent security research and development company focused on vulnerability discovery and remediation.

CLR Hooking for Persistence via Config Files

First off all the goal off this blog is not to steal internet or clone modems !!! We are working on a way where cert’s will only be used…

OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving…

Parent PID Spoofing is often used by red teams to evade detection from EDR (Endpoint Detection and Response) solutions that are capable to discover anomalies in the relationship of parent/child processes in order to identify malicious processes.

The video…

SkySafe Miscellaneous Reverse Engineering Blog. Contribute to skysafe/reblog development by creating an account on GitHub.

Dr Silvio Cesare @silviocesare   Summary In this blog post I’ll discuss how to exploit the Linux kernel via a stack smashin...

Posted in r/netsec by u/hanwint • 5 points and 0 comments

Introduction

TL;DR We have found malicious Office documents containing VBA source code only, and no compiled code. Documents like these are more likely to evade anti-virus detection due to a technique we dubbed…

GWT is a Java web framework and GWTUpload is a library extending it with easier file upload.
We found a vulnerability allowing to abuse the upload process and cause a denial-of-service of a web application.

Generic Signature Format for SIEM Systems. Contribute to Neo23x0/sigma development by creating an account on GitHub.

Posted in r/netsec by u/mrmeeseeks2014 • 0 points and 0 comments

This most recent Patch Tuesday, Microsoft released an Important-rated patch to address a remote code execution bug in Microsoft Exchange Server. This vulnerability was reported to us by an anonymous researcher and affects all supported versions of Microsoft…

Reversing, exploiting, pentesting, ctf writeups... && ++hacking

This post focuses on silver ticket and golden ticket. What are they, how are they used, what can be done with them, we will uncover everything there is to know.