CVE-2021-42287/CVE-2021-42278 Scanner & Exploiter. - cube0x0/noPac

Application Security for the AI Era | Veracode

Part 1 of the x86_64 assembly crash course for people looking to learn how to reverse engineer, read assembly, and understand how exploits work.

Overview I’m excited to finally discuss and share the Proof-of-Concept code for an implant framework I wrote called Shlyuz (шлюз). Shlyuz takes a number of design queues from the Assassin Implant developed by the Central Intelligence Agency as described in…

Simple (relatively) things allowing you to dig a bit deeper than usual. - gtworek/PSBits

This story begins with a series of fails, but why? That is because of my special relationship with the Microsoft Exchange codebase…

Citrix ShareFile Storage Zones Controller uses a fork of the third party library NeatUpload. Versions before 5.11.20 are affected by a rela...

The post go through a QUIC (HTTP/3) implementation bug in the H2O webserver. The bug is interesting as it affected Fastly, a well-known…

EmbedExeLnk - Embedding an EXE inside a LNK with automatic execution x86matthew.com/view_post?id=e…

Published a new Repo Today, first one on gitlab ;) combining more than more tech to bypass av products: u can check it here: #bypassav #shellcode #payload gitlab.com/ORCA666/3in1

Nearly tweetable exploit (BYOShellcode) for Cisco Anyconnect VPN unauth RCE (rwx stack ftw) 🔥 patched last week. Presented at @offensive_con by @FlashbackPwn

Apparently if you swear at JavaScript you still get an alert(1): #!@*% alert(1)

Company Sensitive Data in Internet Web Archive@3nc0d3dGuY cat subdomains.txt | waybackurls | tee waybackurls.txt | grep -E "\\.xls|\\.xlsx|\\.json|\\.pdf|\\.sql|\\.doc|\\.docx|\\.pptx" #cybersecurity #bugbounty #bugbountytips

Decoding Cobalt Strike: Understanding Payloads decoded.avast.io/threatintel/de…

DiceCTF Memory Hole: how to break V8 heap sandbox mem2019.github.io/jekyll/update/…

Using Burp to test for IDOR #bugbounty #bugbountytips #cybersecuritytips portswigger.net/support/using-…

This is also me one of the most amazing references for attacking active directory that I’ve seen. Attacking Active Directory: 0 to 0.9 | zer1t0 zer1t0.gitlab.io/posts/attackin…