Microsoft released its monthly security update today, disclosing a variety of vulnerabilities in several of its products. The latest Patch Tuesday covers 49 vulnerabilities, seven of which are rated “critical,” 40 that are considered “important” and one that…

Imagine that you have a business in partnership with someone. At some point, you have an internal conflict. What will you do as a main…

Zscaler Security Research technically analyzed Mjag dropper and Punisher RAT. Mjag dropper is compiled in the Microsoft .NET framework, and its original binary is obfuscated using SmartAssembly. Read more..

Introduction Greetings, Everyone!  It has been several months since I’ve blogged, so it seems fitting to start the New Year off with a post about two topics that I thoroughly enjoy exploring: …

I’ve been aware of bug bounties for a few years now but never really felt I was capable of participating.

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. - trimstray/the-book-of-secret-knowledge

DEPRECATED, wifipumpkin3 -> https://github.com/P0cL4bs/wifipumpkin3 - P0cL4bs/WiFi-Pumpkin-deprecated

Convenient commands for your pentesting / red-teaming engagements, OSCP and CTFs.

Collection of misc IT Security related whitepapers, presentations, slides - hacking, bug bounty, web application security, XSS, CSRF, SQLi - bl4de/security_whitepapers

Homework meltdown is not uncommon among students at any academic level, college, high school, or even middle school. To many students, homework can feel like a

🐶 A curated list of Web Security materials and resources. - qazbnm456/awesome-web-security

A malicious Windows shortcut file posing as a movie via The Pirate Bay torrent tracker can trigger a chain of mischievous activities on your computer, like injecting content from the attacker into high-profile web sites such as Wikipedia, Google and Yandex Search or…

A fully configurable and extendable Bash obfuscation framework. This tool is intended to help both red team and blue team. - Bashfuscator/Bashfuscator

Watch the threat landscape long enough, and you’ll see that some things are cyclical. Threat types and attack methods fall in and out of fashion. As the use of one...

…or Level 1 Credential Management API extension for Public Key Credentials, and the untold stories of managing credentials in the browser…