"XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persistent XSS. Customize request headers, cookies, proxie...

Nozomi Networks Labs recently conducted firmware analysis on a DJI Mavic 3 Series drone. Learn more about their findings.

A OWASP Based Checklist With 500+ Test Cases. Contribute to Hari-prasaanth/Web-App-Pentest-Checklist development by creating an account on GitHub.

A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any ty...

The official gpt4free repository | various collection of powerful language models | opus 4.6 gpt 5.3 kimi 2.5 deepseek v3.2 gemini 3 - xtekky/gpt4free

Akamai researchers explore a new critical vulnerability in Windows that could lead to a bypass of CVE-2023-23397’s mitigation.

Go shellcode loader that combines multiple evasion techniques - f1zm0/hades

Edit :

PEASS - Privilege Escalation Awesome Scripts SUITE (with colors) - peass-ng/PEASS-ng

Preface

In this blog, we explore how to leverage the implementation of the Hyper-V virtualization technology to exploit and attack Windows systems and learn what measures should be taken to mitigate this vulnerability. Join us as we explore the world of Windows hacking…

And today I’m sharing the report describing the vulnerability (CVE-2023-1586) in Avast file restore functionality and exploitation of this vulnerability to execute arbitrary code in the “NT AUTHORITY\SYSTEM” context

Multiple vulnerabilities have been identified in the Kiddoware Kids Place Parental Control Android App. Users of the parent's web dashboard can be attacked via cross site scripting or cross site request forgery vulnerabilities, or attackers may upload arbitrary…