Official repository vuls Scan: 15000+PoCs; 23 kinds of application password crack; 7000+Web fingerprints; 146 protocols and 90000+ rules Port scanning; Fuzz, HW, awesome BugBounty( ͡° ͜ʖ ͡°)... - ...

Contribute to CronUp/Vulnerabilidades development by creating an account on GitHub.

MSTIC observed activity related to a single activity group in August 2022 that achieved initial access and compromised Exchange servers by chaining CVE-2022-41040 and CVE-2022-41082 in a small number of targeted attacks.

Microsoft has shared mitigations for two new Microsoft Exchange zero-day vulnerabilities tracked as CVE-2022-41040 and CVE-2022-41082, but researchers warn that the mitigation for on-premise servers is far from enough.

Security chapter of the 2022 Web Almanac covering Transport Layer Security, content inclusion (CSP, Feature Policy, SRI), web defense mechanisms (tackling XSS, XS-Leaks), and drivers of security mechanism adoptions.

In this report we focus on tactics, techniques, and procedures (TTPs) of the DeftTorero (aka Lebanese Cedar or Volatile Cedar) threat actor, which targets Middle East countries.

Providing security research and red team techniques

Kaspersky researchers detected OnionPoison campaign: malicious Tor Browser installer spreading through a popular YouTube channel and targeting Chinese users.

Aftermath is a free macOS IR framework. Contribute to jamf/aftermath development by creating an account on GitHub.

卡巴斯基的安全研究员近期发现，有大量恶意 Tor 浏览器安装程序的受害者在中国出现。

漏洞管理对于企业安全管理是非常重要的一环，如何度量漏洞管理的好坏也是企业管理者、业务团队、技术团队共同需要思考的。

输出控制符%s、%d、%x、%f,spicy(三)compiling analyzers,zkg相关记录