An insight into the exploits of documented Chrome vulnerabilities.

A swiss army knife for pentesting networks. Contribute to byt3bl33d3r/CrackMapExec development by creating an account on GitHub.

Static analysis tool based on clang, which detects source-to-binary information leaks in C and C++ projects - ergrelet/cpplumber

Erbium Stealer Malware Report Executive Summary The Erbium malware is an information-stealer/ info stealer, which is distributed as Malware-as- a-Service...

In this post, we’ll walk through how to harden your Android device utilizing leading industry security best practices like CIS benchmarks…

Another Windows Local Privilege Escalation from Service Account to System - GitHub - antonioCoco/JuicyPotatoNG: Another Windows Local Privilege Escalation from Service Account to System

EDR hooking has become a major part of an adversary’s ability to successfully compromise an endpoint system. Hooking is a technique that alters the behavior of an application, allowing EDR tools to monitor the execution flow that occurs in a process, gather…

Attacking Web Apps Admin Panels The Right Way

Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang. - Ne0nd0g/merlin

TL;DR The Reolink RLC-520A PoE camera obfuscates its HTTP communication by encrypting the POST body data. This level of security does defend against opportunistic attackers but falls short when defending against persistent attackers. Introduction Different…

Malware Persistence within ESXi Hypervisors. Learn how attackers use vSphere Installation Bundles ('VIBs") to install backdoors across ESXi hypervisors.

Circa the beginning of August 2022, while doing security monitoring & incident response services, GTSC SOC team discovered that a critical infrastructure

HackerOne report #1672388 by yvvdwf on 2022-08-17, assigned to @nmalcolm:...

A tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects in the domain. - Dec0ne/ShadowSpray

In this post, you will learn how to obtain wifi credentials for a TTLS-PAP enterprise network, connect to the network, and access LAN resources.