Hi, This is Yogesh Tantak a Security Researcher from India. Today I am writing about a critical bug that I found in Google’s new Product…

generate CobaltStrike's cross-platform payload. Contribute to gloxec/CrossC2 development by creating an account on GitHub.

Weblogic RCE with IIOP. Contribute to jas502n/CVE-2020-2551 development by creating an account on GitHub.

bootstrap K3s over SSH in < 60s 🚀. Contribute to alexellis/k3sup development by creating an account on GitHub.

Posts about Write-ups written by Omar

A collection of inspiring lists, manuals, cheatsheets, blogs, hacks, one-liners, cli/web tools and more. - trimstray/the-book-of-secret-knowledge

the fastest and most powerful android decompiler(native tool working without Java VM) for the APK, DEX, ODEX, OAT, JAR, AAR, and CLASS file. which supports malicious behavior detection, privacy lea...

Netbios Name Service (NBT-NS) is used in Windows networks for communication between hosts. Systems will use this service when resolving names over LHOSTS and DNS fail. Abusing this service to perfo…

collect for learning cases. Contribute to sailay1996/awesome_windows_logical_bugs development by creating an account on GitHub.

Hooking, Credential Stealing

The arsenal of lateral movement techniques was expanded with new methods that abuse the DCOM functionality of Windows applications.

MSBuild is a trusted Windows binary that is part of Microsoft .NET framework and can be utilized to build applications in environments where Visual Studio is not installed. From the perspective of …

pwndrop - The new fast & fun way to set up an HTTP/WebDAV server for your payloads is coming! python -m SimpleHTTPServer may soon be retiring. Stay tuned! Here is a quick sneak peek: https://t.co/bzVV6E9oyT

More and more companies are moving to the cloud. Subscribing cloud services means less hardware maintenance, more comfort, and an “always-on” feeling. As an administrator, you have to g…

This blog walks through how to quickly identify SQL Server instances used by 3rd party applications that are configured with default passwords using PowerUpSQL.

Ops is hard. What have learned so far?

Website with an API to get information on IP addresses, and of course an anime girl to read you it - GitHub - luxunator/weebmyip: Website with an API to get information on IP addresses, and of cour...