_meta is a reserved key that contains the basic information of the scan.

7-Zip through 21.07 on Windows allows privilege escalation and command execution when a file with the .7z extension is dragged to the Help>Contents area.

vaf is a cross-platform web fuzzer with a lot of features. Some of its features include:

CVE-2022-29464 is critical vulnerability on WSO2 discovered by Orange Tsai. the vulnerability is an unauthenticated unrestricted arbitrary file

The Research List is a github repository by pen4uin

An exploit tool repository is not regularly updated for details of the corresponding vulnerabilities

A collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

🔸 Jul 29 2021 -  APT trends report Q2 2021🔸 Apr 27 2021 -  APT trends report Q1 2021🔸 Nov 04 2020 -  APT trends report Q3

If you just have access to an AD environment but you don't have any credentials/sessions you could: Pentest the network: Scan the network, find machines and

This playbook will help you introduce effective DevSecOps practices in your company, regardless of size. We provide explicit guidance and actionable steps to

Hello! On my Twitter account @cyb_detective I post different services, techniques, tricks and notes about OSINT and more. I collect all the links

Maltego - one of most famous graphical analyze tool for OSINT. There is list of tools that handle different data and make it usable in Maltego:

PoC + vulnerability details for CVE-2022-25262 | JetBrains Hub single-click SAML response takeover

This list contains anything that can help with your Microsoft Azure architecture and quickly get you up and running when designing, planning, and implementing