PayPal CSP Bypass <script type="application/x-component" data-component=paypal-checkout> alert(document.domain) </script> <script src="//www.paypalobjects.com/api/checkout.4.0.75.js"> </script>

Preface
(日本語版も公開されています。)
Cloudflare, which runs cdnjs, is running a “Vulnerability Disclosure Program” on HackerOne, which allows hackers to perform vulnerability assessments.
This article describes vulnerabilities reported through this program and published…

After investigating Impacket, the Checkmarx Security Research Team discovered a Path Traversal vulnerability, which could allow an attacker to write malicious files to any path on the target and achieve Remote Code Execution (RCE).

Pure Nim implementation for exploiting CVE-2021-36934, the SeriousSAM local privilege escalation - HuskyHacks/ShadowSteal

EarlyBird process hollowing technique (BOF) - Spawns a process in a suspended state, inject shellcode, hijack main thread with APC, and execute shellcode - boku7/HOLLOW

Blog: CVE-2021-31956 - Exploiting the Windows Kernel via NTFS with WNF – Part 1 by @alexjplaskett - research.nccgroup.com/2021/07/15/cve…

I was recently on an engagement where we phished in and ran into UAC which gave me more trouble than I expected. When a user logs onto Windows, a logon session is created and the credentials are ti…

Example of simple dll injection

The ultimate WinRM shell for hacking/pentesting. Contribute to Hackplayers/evil-winrm development by creating an account on GitHub.

These techniques still hold their own in modern networks.

C# Lsass parser. Contribute to cube0x0/MiniDump development by creating an account on GitHub.

By creating the key "telnet.exe" in the "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths" registry and setting the "Default" key to any executable. We can call it by running the command: rundll32.exe url.dll,TelnetProtocolHandler

Decided to put to paper my #OSINT methodology for investigating IP Addresses that includes the common points of exploitation I look for to see what data I can squeeze out of them. Keep in mind not all targets will contain all data points.

🚨RCE on a backend IIS server via file upload with an atypical file extension. 📋More community curated payloads can be found at github.com/swisskyrepo/Pa… #tipstoknow

Threat Actors Infrastructure (VT Analysis).

Victims include telecommunications, government and financial institutions.

As part of Microsoft Exchange April and May 2021 patch, several important vulnerabilities were fixed which could lead to code execution or e-mail hijacking. Any outdated and exposed Exchange server...

Ruby on Railsで使われているDeserializeとその危険性について調べたものをまとめました。