Demos of and walkthroughs on in-browser fuzzing using WebAssembly - jonathanmetzman/wasm-fuzzing-demo

Qualys Research Labs discovered a local privilege escalation vulnerability in OpenBSD’s dynamic loader. The vulnerability could allow local users or malicious software to gain full root privileges.

The idea ? :Using Telegram for Penetration Testing and Cyber Security

Mass scan IPs for vulnerable services. Contribute to s0md3v/Silver development by creating an account on GitHub.

The bug will crash the app and it will continue to crash even after we reopen WhatsApp, resulting in a crash loop. Moreover, the user will not be able to return to thegroup and all the data that was written and shared in the group is now gone for good. The…

Learn how to perform manual SQL injection effectively on live sites with techniques showcased in this informative article.

Bee box is a great VM to learn and exploit web application vulnerabilities specially OWASP top 10’s. It’s usual that tester will try to…

This tool was created during our research at Checkpoint Software Technologies on Whatsapp Protocol (This repository will be updated after BlackHat 2019) - romanzaikin/BurpExtension-WhatsApp-Decrypt...

Contribute to nidem/kerberoast development by creating an account on GitHub.

Hello all, I’m Surendiran and it's my 1st write-up.

Since December rolled around, I have been working on pwnables related to VMware breakouts as part of my advent calendar for 2019. Advent calendars are a fun way to get motivated to get familiar with a target you’re always putting off, and I had a lot of success…

Aon’s Cyber Solutions recently discovered a security vulnerability in all versions of Drupal 8 below 8.7.11 / 8.8.1.

With some luck and a couple of XSS bugs I was able to break the new Edge

Image credit: Powershell Magazine
Introduction
This time I’ll be taking a look at the Windows Powershell, and how it can be used during the exploitation and post exploitation phases of a penetration test. I’ll also be looking at the relationship b...

A repository of my completed writeups, along with the samples themselves. - itsKindred/malware-analysis-writeups

PoC for CVE-2019-19844(https://www.djangoproject.com/weblog/2019/dec/18/security-releases/) - ryu22e/django_cve_2019_19844_poc

Resources about network security, including: Proxy/GFW/ReverseProxy/Tunnel/VPN/Tor/I2P, and MiTM/PortKnocking/NetworkSniff/NetworkAnalysis/etc。More than 1700 open source tools for now. Post incomin...