Adversary Tactics - PowerShell Training. Contribute to specterops/at-ps development by creating an account on GitHub.

Domain user enumeration tool. Contribute to sensepost/UserEnum development by creating an account on GitHub.

Sudo’s pwfeedback option can be used to provide visual feedback when the user is inputting their password. For each key press, an asterisk is printed. This option was added in response to user confusion over how the standard Password: prompt disables the…

Azure Security Kit  aka AzSK is a framework that is used internally by Microsoft to control & govern their Azure Subscriptions. While some features are overlapping with Azure Security Center, I…

This blog post illustrates a vulnerability we discovered in the F-Secure Internet Gatekeeper application. It shows how a simple mistake can lead to an exploitable unauthenticated remote code execution vulnerability.

this blog post is about Exploiting Insecure Firebase Databases, due to Improper set security rules one can write data to the database in certain conditions here’s a Short POC tutorial of the issue.

Waitfor is a Microsoft binary which is typically used to synchronize computers across a network by sending signals. This communication mechanism can be used in a red team operation in order to down…

This post is going to outline how I simply applied my methodology and managed to find multiple vulnerabilities leaking airline passenger…

Monitor activity of any driver. Contribute to zodiacon/DriverMon development by creating an account on GitHub.

In this sequel, wvu recounts the R&D (in all its imperfect glory) behind creating a Metasploit module for the DOUBLEPULSAR implant's lesser-known RDP variant. If you're unfamiliar with the more common SMB variant, you can read our blog post detailing how…

Several months have passed by without any new security publications. Hoping to unveil my current research at this time labelled “The…

Automatically brute force all services running on a target. - 1N3/BruteX