This is the story of how I was able to get remote code execution on Hubspot 's servers by exploiting a vulnerability in  HubL expression la...

This post is about an bug that i found on Facebook which used to verify any new Gmail and G-Suite account with minimal Victim’s…

Archived security papers and articles in various languages.

一个包含php,java,python,C#等各种语言版本的XXE漏洞Demo. Contribute to c0ny1/xxe-lab development by creating an account on GitHub.

By @breenmachine What? The most underrated, underhyped vulnerability of 2015 has recently come to my attention, and I’m about to bring it to yours. No one gave it a fancy name, there were no …

Resolute just retired on Hackthebox, it’s a medium difficulty Windows box. Still being a bit new to the Windows environment the enumeration process got a bit long and tedious for me at some point bu

Top Ten Web Hacking Techniques List. Contribute to irsdl/top10webseclist development by creating an account on GitHub.

Welcome to the bourne again f4d3.io

PoC 2019-2215 exploit for S8/S8 active with DAC + SELinux + Knox/RKP bypass - chompie1337/s8_2019_2215_poc

APT 与 HW

This post is Part III in a series about my experiences attacking FreeIPA. In Part I of this series, we reviewed some of the background and…

A curated list of awesome reversing resources. Contribute to tylerha97/awesome-reversing development by creating an account on GitHub.

#DOCX #XXE #LFI #RCE #pwn #BOF #ROP #ret2libc