Ever wanted to encrypt messages with Enigma and decode them with the Bombe? Give our new features in #CyberChef a try! https://t.co/OxLcQQbePa

Default installations of Helm on Kubernetes can make it trivial for attackers to escalate to cluster admin. In this post I’ll demonstrate how.

Sysmon is an incredibly powerful tool to aide in data collection beyond Windows’ standard event logging capabilities. It presents a…

Quick walkthrough of pivot techniques including ssh, meterpreter, ncat, and netcat.

JWT Fuzzer for BurpSuite. Adds an Intruder hook for on-the-fly JWT fuzzing. - pinnace/burp-jwt-fuzzhelper-extension

Contribute to ianxtianxt/bypass360mimikatz_x64 development by creating an account on GitHub.

Knocking the door to Server-side Template Injection. Part 1 by Mohamed Habib Jawadi # Hands on guide on Server-Side Template …

Live Every Tuesday, Saturday and Sunday on Twitch: https://twitch.tv/nahamsec Signup for HackerOne: https://nahamsec.stream/HackerOne Signup for Hacker101: h...

Miku Fan and Program Abalysis

Win32k Exploit by Grant Willcox. Contribute to exodusintel/CVE-2019-0808 development by creating an account on GitHub.

Nowadays, cybercriminals have a thousand and one ways of creating and spreading ransomware. However, those fighting ransomware are not standing still either. In fact, we have two pieces of good news to share with you.

Nmap NSE Script to Detect vBulletin pre-auth 5.x RCE CVE-2019-16759 - r00tpgp/http-vuln-CVE-2019-16759