Had a job to test an application few days back. Its an application using java applet. Hurm..when I heard its an application via java applet...

Course content, lab setup instructions and documentation of our very popular Breaking and Pwning Apps and Servers on AWS and Azure hands on training! - appsecco/breaking-and-pwning-apps-and-servers...

This was found in a private bug bounty. The scope is limited to a few of features that available to the public. Based on the previous repor...

### Summary

This vulnerability allows attacker to send arbitrary requests to local network which hosts GitLab and read the response. This is possible due to flawed DNS rebinding protection.

The...

Update Faker (updatefaker.com) is a harmless website to prank your friends, family or colleagues when they leave their computer unattended! It doesn't matter if they use Microsoft Windows, Apple OSX, or an older operating system, we've got you covered!

We have all heard about VLAN double tagging attacks for a long time now. There have been many references and even a single packet proof of concept for VLAN double tagging attack but none of them

Simple CLI tool for the generation of bind and reverse shells in multiple languages - ShutdownRepo/shellerator

After publishing my blog post Unauthorized Google Maps API Key Usage Cases, and Why You Need to Care and scanner script for it, I got…

Hello everyone i hope you guys are doing great in this quarantine i decided to write small blog post about my months older bug please have…

Hey all,

Securify provides reality checks to lower security risks and build up resilience against threats. Agile Security, Pentesting (scenario-based) and Red Teaming.

Posted by hugeh0ge, Ricerca Security NOTE: We have decided to make our PoC exclusively available to our customers to avoid abuse by scr...

Contribute to james0x40/chrome-webrtc-pocs development by creating an account on GitHub.

How I Hacked Into Your Corporate Network Using Your Own Antivirus Agent by Angelo Ruwantha Recently I was busy with …

JWT Attack to change the algorithm RS256 to HS256. Contribute to 3v4Si0N/RS256-2-HS256 development by creating an account on GitHub.