Summary NFC beaming of applications between devices using Android OS bypasses some security controls (the “install unknown application” prompt). A rogue device like a payment terminal c…

This is North Korea's malware used in the attack on India's nuclear power plant. They had infiltrated the South Korean military's internal network in 2016 and stole classified information. And they once destroyed South Korean broadcasting stations and banking…

Look at you go with your badass hacker self, just hackity-hack-hackin’ away. As the quote from Sun Tzu’s Art of War suggests, however, if you can defeat your opponent without a fight or little-to-no…

CVE-2019–18653 & CVE-2019–18654: The story when Reflected XSS was triggering from SSID Name (It also affected AVG AntiVirus since basically

scan for NTLM directories. Contribute to nyxgeek/ntlmscan development by creating an account on GitHub.

Getting snagged by AV using regsvr32 /i:http(s)? Signatures are based on utilizing http within command. Don't use http or chain multiple commands together for same effect. https://t.co/ZbnYL00may

Code Injection

WebARX is a web application firewall where you can protect your website from malicious attacks. As you can see it was mentioned in TheHackerNews as well and has good ratings if you do some Googling…

Recently i discovered a semi responded SSRF on Vimeo with code execution possibility. This blog post explains how i found & exploited it…

Next.js is a quite popular (>13k stars on GitHub) framework for server-rendered React applications. It includes a NodeJS server which allows to render HTML pages dynamically. While digging into…

▶ Enter the awesome iMyFone Halloween giveaway contest and get your iPhone 11 for FREE at this link*: http://bit.ly/2BKlKJI In this video, we're discussing @...

A detailed paper on Jenkins Pre-Auth RCE . Contribute to SpiderMate/Paper-on-Jenkins-Rce development by creating an account on GitHub.

Tests for race conditions in web applications. Includes a RESTful API to integrate into a continuous integration pipeline. - GitHub - TheHackerDev/race-the-web: Tests for race conditions in web app...