nodejsscan is a static security code scanner for Node.js applications. - ajinabraham/nodejsscan

How you can use NodeJsScan for SAST.NodeJsScan is a static code scanner which is used to find security flaws specifically in Node.js applications.

i've been invited in some private bugbounty program on bugcrowd platform and the scope is limited, i mean no wildcard subdomain allowed for submission report but if found something-something good, " Just reach out to support@bugcrowd.com " - Policy Okay !…

Although this vulnerability doesn’t directly result in a full elevation of privileges with code execution as NT AUTHORITY\SYSTEM, it is still quite interesting because of the exploitation “tricks” involved. Diagnostic Tracking Service (a.k.a. Connected User…

Microsoft replied that this is out of scope of their security program as well as not deemed this as a security vulnerability at all, so I…

Pen-testing android apps require different methodologies than web applications. The difference is that you have to figure out by different methods.

Maryam: Open-source Intelligence(OSINT) Framework. Contribute to saeeddhqan/Maryam development by creating an account on GitHub.

What do you get when you cross security consultants and playing games at lunch? XSS bypasses and a pot of really good coffee.

Early last year Gareth Heyes unveiled a fascinating new technique for attacking web applications by exploiting path-relative stylesheet imports, and dubbed it ‘Relative Path Overwrite’. This attack tr

بسم الله الرحمن الرحيم

Bypass Technique Description

The Cobalt Strike Blog. Read new featured content, get updates on the latest patches, and insights into the future of red teaming tools.

[POC] Asynchronous reverse shell using the HTTP protocol. - onSec-fr/Http-Asynchronous-Reverse-Shell

Interactive malware hunting service. Live testing of most type of threats in any environments. No installation and no waiting necessary.

Tales of a preoccupied developer

In this video we go over what deeplinks are and ways they can be exploited. PoC examples and example reports are also reviewed.