The Mobile App Pentest cheat sheet was created to provide concise collection of high value information on specific mobile application penetration testing topics. - tanprathan/MobileApp-Pentest-Chea...

This week, CYBER speaks to Shane Huntley, the Director of Google's Threat Analysis Group (TAG), essentially Google's hacker hunting team.

XSS, cross site scripting, javascript injection, clientside, RCE, 0day, 1day

I wrote a module for patator to brute-force AD credentials via Microsoft RD Gateway

Original text Introduction The last post discussed some of the problems when writing a payload for process injection. The purpose of this post is to discuss deploying the payload into the memo…

CMS Detection and Exploitation suite - Scan WordPress, Joomla, Drupal and over 180 other CMSs - Tuhinshubhra/CMSeeK

Notes taken from Google Machine Learning Course provided to public for practice & correction. - AntonioErdeljac/Google-Machine-Learning-Course-Notes

(CVE-2018-8495) Chaining small bugs together to achieve RCE

Exploitation from WAN to LAN

Read writing from Diddy Doodat on Medium. Security Researcher. Every day, Diddy Doodat and thousands of other voices read, write, and share important stories on Medium.

Golang for Security Professionals. Contribute to parsiya/Hacking-with-Go development by creating an account on GitHub.

Being a bug bounty hunter, I face a lot of competition. Lots of companies are willing to issue rewards for vulnerabilities in their…

Research by: Nadav Grossman Introduction In this article, we tell the story of how we found a logical bug using the WinAFL fuzzer and exploited it in WinRAR to gain full control over a victim’s computer. The exploit works by just extracting an archive, and…

Today I’ll be telling you about the tool which combines the advantages of many tools for Cyber Threat Intelligence and Open Source…