This most recent Patch Tuesday, Microsoft released an Important-rated patch to address a remote code execution bug in Microsoft Exchange Server. This vulnerability was reported to us by an anonymous researcher and affects all supported versions of Microsoft…

SkySafe Miscellaneous Reverse Engineering Blog. Contribute to skysafe/reblog development by creating an account on GitHub.

Written by Cedric Halbronn On Saturday 15th February, I gave a talk titled “How CVE-2018-8611 Can be Exploited to Achieve Privilege Escalation on Windows 10 1809 (RS5) and Earlier”. Thi…

Jenkins offers a credentials store where we can keep our secrets. Of someone stole your source code and dumped your databases, you might think it's game over, but that's not always true...

  Bug Bounty Tips Over the past years we have shared a lot of  tips to help our readers in one way or another. Thinking outside the box or trying a different approach could be the defining factor in...

While I prefer more to write/talk about far-going topics instead of just one vulnerability write-up, I decided to make an exception for…

During the latest years Web Security has become a very important topic in the IT Security field. The advantages the web offers resulted in very critical services being developed as web applications. The business requirements for their web applications security…

Java is known for its backward-compatibility and modern projects use a wide range of old libraries. However, such libraries are often left unsupported by maintainers for a long time and highly insecure.

Hello everyone, I would like to share a riveting issue regarding XSS (Cross-Site Scripting ) I endured a few months ago. Cross-site scripting (XSS) is a type of security vulnerability typically fou…

Home of Nikhil SamratAshok Mittal. Posts about Red Teaming, Offensive PowerShell, Active Directory and Pen Testing.