Apache Superset is a popular open source data exploration and visualization tool. In a previous post, we disclosed a vulnerability, CVE-2023-27524, affecting thousands of Superset servers on the Internet, that enables unauthorized attackers to gain admin…

In this video, part of a 3 video series, we'll look at what a basic structure is, discuss how it uses memory and use a sample program to create a compiled binary for reverse engineering. We'll then use IDA Pro to analyze the code and identify signs of structure…

How did I locate a traveler from a picture taken at the beach?

Satellites play an indispensable role in modern life, providing essential services such as telecommunications, global navigation, and earth observation. In recent years, we've seen an explosive growth in the number of satellites, primarily in the Low Earth…

This article presents the internals of Windows Container.

An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session. - AzeemIdrisi/PhoneSploit-Pro

Boost this channel to enable it to post stories.

Quickly find differences and similarities in disassembled code - google/bindiff

Microsoft SharePoint Server Elevation of Privilege Vulnerability - Chocapikk/CVE-2023-29357

A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy. - hmgle/graftcp

Exploit for CVE-2023-29360 targeting MSKSSRV.SYS driver - Nero22k/cve-2023-29360

Contribute to 1N73LL1G3NC3x/Nightmangle development by creating an account on GitHub.

Contribute to hackvens/CoercedPotato development by creating an account on GitHub.

CVE-2023-22515: Confluence Broken Access Control Exploit - Chocapikk/CVE-2023-22515

A repository of telemetry domains and URLs used by mobile location tracking, user profiling, targeted marketing and aggressive ads libraries. - craiu/mobiletrackers

In this post I describe a somewhat unique Android kernel exploit, which utilizes the TrustZone in order to compromise the kernel.