Feature-rich Office docs are ideal targets for phishing and pentest campaigns. Here we show how a Microsoft Word (subDoc) feature can be abused.

An engine to make Tor network your default gateway - htrgouvea/nipe

At the end of January 2018, the FortiGuard Labs team discovered a remote kernel crash vulnerability in Microsoft Windows and reported it to Microsoft by following Fortinet’s responsible disclosure …

The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA...

Attackers can use these techniques to bypass Firewall collect and forward sensitive information from your network or to attack or spam other networks.

Axis Communications AB, a Swedish manufacturer of network cameras for physical security and video surveillance, has patched seven security flaws across nearly 400 security camera models.

…or why you should ensure all Windows machines are domain joined.

ZeroFont manipulation is inserting hidden words in font size zero—invisible to recipients—in order to fool Microsoft's natural language processing security.

The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. - tanprathan/MobileApp-Pentest-Chea...

Tokenvator: A Tool to Elevate Privilege using Windows Tokens – It works by impersonating or altering authentication tokens in processes that the executing process has the appropriate level of permissions to.

Hackers may have sought ability to disrupt consumer and business communications.