experts in offensive technologies

Posted by James Forshaw, Project Zero In my previous blog I discussed a technique which combined numerous issues I’ve previously repor...

Blog about anti-virus software vulnerabilities.

If you follow me on Twitter, you probably know that I developed my own Windows privilege escalation enumeration script - PrivescCheck - which is a sort of updated and extended version of the famous PowerUp. If you have ever run this script on Windows 7 or…

Suricata rules for the new critical vulnerabilities - sudohyak/suricata-rules

The NTLM relay feature of Impacket’s ntlmrelayx.py used to offer only two servers, HTTP and SMB, for incoming NTLM authenticated connections using those two ...

SubFinder | dnsx | naabu | httpx | nuclei https://t.co/UsjdJ4pkhN

Jailbreaks Never Die: Exploiting iOS 13.7 (slides) https://t.co/LCqBNPSVzE

Slack is a widely used communication platform relied on by many companies. During past red team engagements our team found ourselves…

My biggest contribution to github ever made: byp4xx, a simple bash script to bypass 403 forbidden error using methods mentioned in #bugbountytips: https://t.co/SIqr61piiu

AMSI Bypass Via the Heap. Contribute to rmdavy/HeapsOfFun development by creating an account on GitHub.

​GeForce Experience is the companion application to your GeForce GTX graphics card. It keeps your drivers up to date, automatically optimizes your game settings, and gives you the easiest way to...

Citrix Endpoint Management, aka XenMobile, is used for managing employee mobile devices and mobile applications. Usually it is deployed on the network perimeter and has access to the internal network due to Active Directory integration. This makes XenMobile…

"Use ImageMagick® to create, edit, compose, or convert bitmap images. It can read and write images in a variety of formats (over 200) includ...

Burpsuite Extension to bypass 403 restricted directory - sting8k/BurpSuite_403Bypasser

TL;DR