As you might have heard, we recently got our paper on padding oracle attacks accepted to the USENIX Security Conference. In this paper, we ...

In the last two years, we changed the TLS-Attacker Project quite a lot but kept silent about most changes we implemented. Since we do not h...

One year ago, we received a contract as a PDF file. It was digitally signed. We looked at the document - ignoring the "certificate is not tr...

We found out that reusing a key pair across different versions and modes of IPsec IKE can lead to cross-protocol authentication bypasses, e...

We found out that in contrast to public knowledge, the Pre-Shared Key (PSK) authentication method in main mode of IKEv1 is susceptible to o...

Hunting for bugs doesn’t have to be complex. This is a quick but informative story of how we found a vulnerability under 5 minutes on a…

Clustering of Application Security tooling refers to the use of multiple tools and techniques to improve the security of an application…

I have come across many agent based distributed systems like OEM, AV solutions and Splunk which need to communicate with a centralized server. This communication is often sensitive, carrying data…

“ Robots are not going to replace humans, they are going to make their jobs much more humane. Difficult, demeaning, demanding, dangerous…

Hey folks!!, Rajdip here, and I’ve got an exciting write-up for you today. We’ll be delving into the intriguing world of cybersecurity…

Hosted application security tools offer several advantages:

Welcome back and how do you do fellow hackers? I’m Hachiko, and that little guy next to me is my trusty hacker-cat, Babycat.

An overview of some vulnerabilities found in ML Libraries

With Chat GPT+, unlock the next phase of bug bounty hunting. Explore the cutting-edge field of AI-driven cybersecurity as we look at how…

Myth is a powerful tool to find vulnerabilities in smart contracts, learn how to use it.

To solve the lab, execute the whoami command to determine the name of the current user | Karthikeyan Nagaraj

In the realm of cybersecurity, uncovering vulnerabilities is a vital step in fortifying digital landscapes. My journey led me to the…

Subject: Important Security Notice

In today’s digital age, cybersecurity has never been more critical. As technology evolves, so do the threats that target it. Bug bounty…

InfoSecSherpa: Your Guide Up a Mountain of Information!