Welcome to Bugcrowd University – GitHub Recon and Sensitive Data
Exposure! This guide will help you to locate a targeted company’s
GitHub repositories and identify any sensitive data that may be
exposed within.

We’ve seen some pretty poor security in dating apps over recent years; breaches of personal data, leaking users locations and more. But this one really takes the biscuit: probably the worst security for any dating app we’ve ever seen And it’s used for arranging…

先知社区，先知安全技术社区

As the pace of life accelerates, we spend less time waiting or in downtime.  Kubernetes offers something similar for our life with technology. It is a container orchestration platform that offers an easy, automated way...

Tactics, Techniques and Procedures for Attacking Active Directory BlackHat USA 2019 30-35 minutes total Link to this deck: https://bit.ly/2ZQIfGY

Mobile Security Penetration Testing List for All-in-one Mobile Security Frameworks including Android and iOS Application Penetration Testing.   Mobile Application Security Testing Distributions Appie -...

Browser-based subdomain bruteforcing using DNS over HTTP(s) (DoH) - run.js

Introduction This is a quick post in response to a method of injection described by James Forshaw in Bypassing CIG Through KnownDlls. The first example of poisoning the KnownDlls cache on Windows c…

Gaining code execution using a malicious SQLite database Research By: Omer Gull tl;dr SQLite is one of the most deployed software in the world. However, from a security perspective, it has only been examined through the lens of WebSQL and browser exploitation.…

This is 🍊 speaking

DEFCON 27 workshop - Modern Debugging with WinDbg Preview - hugsy/defcon_27_windbg_workshop

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. - GitHub - trimstray/the-book-of-secret-knowledge: A collection of inspiring lists, manuals,...