w3af: web application attack and audit framework, the open source web vulnerability scanner. - andresriancho/w3af

How I Hacked Into Your Corporate Network Using Your Own Antivirus Agent by Angelo Ruwantha Recently I was busy with …

Antonio shares findings and tips from his research on socket-based fuzzing. Let’s start with the audit of three widely-used FTP servers, with details on interesting CVEs found along the way.

Is jailbreaking an Apple TV worth it? If you are working in the forensics, it definitely is. When connected to the user's Apple account with full iCloud access, the Apple TV synchronizes a lot of data. That data may contain important evidence, and sometimes…

Security Weekly is a security podcast network for information security professionals, by information security professionals. We produce free podcasts!

mssqlproxy is a toolkit aimed to perform lateral movement in restricted environments through a compromised Microsoft SQL Server via socket reuse - blackarrowsec/mssqlproxy

A small proof of concept Windows shellcode injector using syscalls.

By James Forshaw, Project Zero In my previous blog post I discussed an issue with the Windows Kernel’s handling of Restricted Tokens wh...

TL;DR Following the wrong link could allow remote attackers to control your WiFi router, Google Home, Roku, Sonos speakers, home…

DNS rebinding attacks have been known for quite a long time. For example, Stanford Web Security Research Team posted a whitepaper about DNS rebinding attacks in 2007. But even if it's a well-known type of attacks, nowadays you still can find software systems…

Broken phishing accidentally exploiting Outlook zero-day, Author: Jan Kopriva

What is DNS Rebinding? Imagine you are a comuter :D People give you URLs and you load them
Of course you won’t load url that points to your internal network… That would be stupid right?
Because of this some clever developer wrote code like this to prevent…

dns rebind tool with custom scripts. Contribute to h43z/dns-rebinding-tool development by creating an account on GitHub.

Hey Fellas! I hope you all are doing good and safe. Thank you so much for showing your interest in my previous blogs.