Introducing a novel technique for e-mail spoofing

Malware Analysis and Threat Intelligence Research

As seen in most security blog posts today, binary diffing tools are essential for reverse engineering, vulnerability research, and malware analysis. Patch diffing is a technique widely used to identify changes across versions of binaries as related to security…

Bug Bounty Tutorial

Review our latest Fortinet analysis that breaks encryption on firmware images, leading to improved detection, fingerprinting, and exploit development.

In this talk, we delve into the captivating realm of TCP/IP stack fuzzing. As the backbone of internet communication, the TCP/IP stack is...

Recently, I have been studying Android penetration testing, and I came across a new topic called ‘Deep Links’. Since it is a new topic to…

What is Flutter?

During my preparation for eMAPT, I came across Mobile Hacking Lab  — and their free hacking labs which I felt would help me for practice…

The maintainers of the AFLplusplus open-source project show crazy new ways to (ab)use QEMU to explore difficult, binary-only targets thro...

The HAFNIUM threat actor is using an unconventional method to tamper scheduled tasks in order to establish persistence via modification of registry keys in their malware called Tarrask. The benefit…

Ending 2023 with good note, I came up with another misconfiguration due to a parameter that leads to exposure of AWS credentials and access…

SSH-Snake is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery. - MegaManSec/SSH-Snake

Maximizing Subdomain Discovery with SecurityTrails

Hello hackers, I’m Mo’men Osama(0xMatrix) a bug hunter

An overview of SnakeYAML deserialization vulnerabilities (CVE-2022-1471) - how it works, why it works, and what it affects