Avast JavaScript Interactive Shell . Contribute to taviso/avscript development by creating an account on GitHub.

🐛 A list of writeups from the Google VRP Bug Bounty program - xdavidhu/awesome-google-vrp-writeups

Automatically brute force all services running on a target. - 1N3/BruteX

XSS stands for Cross Site Scripting, it’s basically when input is not properly sanitized somewhere and a malicious actor can inject unintended javascript somewhere. That javascript will be executed by some unsuspecting user’s browser and then bad stuff can…

[CVE-2020-10111] Citrix Gateway 11.1 / 12.0 / 12.1 Cache Bypass [Proof Of Concept] $ curl --include --url https://$NSGATEWAYHOST/logon/incremental.php --data "value=22" https://t.co/qSZ5pgUhpe

Introduction

This repository was created and developed by Ammar Amer @cry__pto Only. Updates to this repository will continue to arrive until the number of links reaches 10000 links & 10000 pdf files .L...

Tales of a binary encoded life...

Windows active user credential phishing tool. Contribute to hlldz/pickl3 development by creating an account on GitHub.

It was found that the Ledger Nano S bootloader can be tricked into flashing and executing untrusted firmware.

Research Site: https://wallet.fail/
Twitter: https://twitter.com/walletfail
Thomas Roth: https://twitter.com/stacksmashing
original wallet.fail…

Introduction

In this research, we outline how to enable the execution of 64-bit shellcode via Excel 4.0 macros and previous research on 32-bit shellcode.

How a packet moves through network

:cloud: Collaborative Malware Analysis Platform at Scale - GitHub - saferwall/saferwall: :cloud: Collaborative Malware Analysis Platform at Scale