| 2024-08-20 |
Binary Metadata Diff |
gist.github.com 0 |
|
| 2024-08-20 |
GitHub - DosX-dev/WebSafeCompiler: NodeJS utility for compiling static websites for optimization or intellectual property protection purposes |
github.com 0 |
|
| 2024-08-20 |
GitHub - joeavanzato/RetrievIR: PowerShell script designed to help Incident Responders collect forensic evidence from local and remote Windows devices... |
github.com 0 |
|
| 2024-08-20 |
Crafting Chaos: A deep dive into developing Shellcode Loaders! |
infosecwriteups.com 0 |
|
| 2024-08-20 |
Spip Preauth RCE 2024: Part 1, The Feather |
thinkloveshare.com 0 |
|
| 2024-08-20 |
GitHub - BeichenDream/SharpToken: Windows Token Stealing Expert |
github.com 0 |
|
| 2024-08-20 |
Do you Like Donuts? Here is a Donut Shellcode Delivered Through PowerShell/Python |
isc.sans.edu 0 |
|
| 2024-08-20 |
GitHub - compsec-snu/tiktag |
github.com 0 |
|
| 2024-08-20 |
LayeredSyscall – Abusing VEH to Bypass EDRs |
whiteknightlabs.com 0 |
|
| 2024-08-19 |
Windows TCP/IP Vulnerability CVE-2024-38063: Researchers Hold Back Exploit Details Due to High Risk |
securityonline.info 0 |
|
| 2024-08-19 |
gotestwaf: test different web application firewalls (WAF) for detection logic and bypasses |
meterpreter.org 0 |
|
| 2024-08-19 |
Zero Day Initiative — CVE-2024-38213: Copy2Pwn Exploit Evades Windows Web Protections |
www.zerodayinitiative.com 0 |
|
| 2024-08-19 |
Cisco SSM On-Prem; Account Takeover (CVE-2024-20419) |
www.0xpolar.com 0 |
|
| 2024-08-19 |
How Hackers Extracted the ‘Keys to the Kingdom’ to Clone HID Keycards |
www.wired.com 0 |
|
| 2024-08-19 |
GitHub - synacktiv/SCCMSecrets: SCCMSecrets.py aims at exploiting SCCM policies distribution for credentials harvesting, initial access and lateral mo... |
github.com 0 |
|
| 2024-08-19 |
Researchers hack electronic shifters with a few hundred dollars of hardware |
arstechnica.com 0 |
|
| 2024-08-19 |
The Hidden Treasures of Crash Reports |
objective-see.org 0 |
|
| 2024-08-15 |
Project Zero: ‘It Will Take All of Us to End The Era of Zero Days’ |
duo.com 0 |
|
| 2024-08-15 |
identYwaf: Blind WAF identification tool |
meterpreter.org 0 |
|
| 2024-08-15 |
BYOVDLL - A New Exploit That Is Bypassing LSASS Protection |
gbhackers.com 0 |
|
| 2024-08-15 |
Linux Kernel Vulnerabilities Expose Systems to Privilege Escalation: Flaws Detailed and Exploit Code Released |
securityonline.info 0 |
|
| 2024-08-15 |
ArtiPACKED: A New GitHub Actions Vulnerability Exposes Critical Credentials |
securityonline.info 0 |
|
| 2024-08-15 |
sysdig-inspect: powerful opensource interface for container troubleshooting and security investigation |
meterpreter.org 0 |
|
| 2024-08-15 |
CVE-2024-38856 - Apache OFBiz Pre-Authentication RCE vulnerability |
www.broadcom.com 0 |
|
| 2024-08-15 |
GitHub - infobyte/draytek-arsenal: Reverse Engineering and Observability toolkit for Draytek firewalls |
github.com 0 |
|
| 2024-08-14 |
Project Wycheproof |
github.com 0 |
|
| 2024-08-14 |
SSD Advisory – Google Chrome RCE |
ssd-disclosure.com 0 |
|
| 2024-08-14 |
FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability |
thehackernews.com 0 |
|
| 2024-08-14 |
Backdoor.Win32.Nightmare.25 MVID-2024-0687 Code Execution |
packetstormsecurity.com 0 |
|
| 2024-08-14 |
Gentoo Linux Security Advisory 202408-24 |
packetstormsecurity.com 0 |
|
| 2024-08-14 |
cispa/GhostWrite: Proof-of-concept for the GhostWrite CPU bug. |
github.com 0 |
|
| 2024-08-14 |
Living off the land with Bluetooth PAN |
Pen Test Partners 0 |
|
| 2024-08-14 |
Harnessing LLMs for Automating BOLA Detection |
unit42.paloaltonetworks.com 0 |
|
| 2024-08-14 |
google/buzzer |
github.com 0 |
|
| 2024-08-12 |
Microsoft Reveals Four OpenVPN Flaws Leading to Potential RCE and LPE |
thehackernews.com 0 |
|
| 2024-08-12 |
Filesystems timing attacks |
www.slideshare.net 0 |
|
| 2024-08-12 |
English Version |
DEVCORE 戴夫寇爾 0 |
|
| 2024-08-12 |
Quark Engine: automating analysis of suspicious Android application |
meterpreter.org 0 |
|
| 2024-08-12 |
New Flaws in Sonos Smart Speakers Allow Hackers to Eavesdrop on Users |
thehackernews.com 0 |
|
| 2024-08-12 |
Bucket Monopoly: Breaching AWS Accounts Through Shadow Resources |
www.aquasec.com 0 |
|
| 2024-08-12 |
Downgrade Attacks Using Windows Updates |
www.safebreach.com 0 |
|
| 2024-08-12 |
Researchers Demonstrate How Hackers Can Exploit Microsoft Copilot |
cybersecuritynews.com 0 |
|
| 2024-08-12 |
Researchers Uncover 10 Flaws in Google's File Transfer Tool Quick Share |
thehackernews.com 0 |
|
| 2024-08-09 |
0.0.0.0 Day: Exploiting Localhost APIs From the Browser | Oligo Security |
www.oligo.security 0 |
|
| 2024-08-09 |
国内在线车联网平台(道路运输车辆卫星定位系统)安全威胁分析报告 |
灯塔实验室 0 |
|
| 2024-08-09 |
Windows Zero-day Flaw Let Hackers Downgrade Fully Updated Systems to Old Vulnerabilities |
cybersecuritynews.com 0 |
|
| 2024-08-09 |
A deep dive into CVE-2023-2163: How we found and fixed an eBPF Linux Kernel Vulnerability |
bughunters.google.com 0 |
|
| 2024-08-09 |
oss-security - KL-001-2024-005: Open WebUI Stored Cross-Site Scripting |
openwall.com 0 |
|
| 2024-08-09 |
是谁在LINUX内核中开了这个大洞? |
mp.weixin.qq.com 0 |
|
| 2024-08-09 |
GitHub - MaLDAPtive/Invoke-Maldaptive: MaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection. |
github.com 0 |
|
| 2024-08-07 |
Django CVE-2024-41989, CVE-2024-41990, CVE-2024-41991, and CVE-2024-42005 |
Open Source Security 0 |
|
| 2024-08-07 |
MITMing the Xbox 360 Dashboard for Fun and RCE |
landaire.net 0 |
|
| 2024-08-07 |
CVE-2024-38100: Leaked Wallpaper Exploit Exposes Windows Users to Privilege Escalation Attacks |
securityonline.info 0 |
|
| 2024-08-07 |
Search query for bugs in Apache Solr |
pvs-studio.com 0 |
|
| 2024-08-07 |
Disclaimer |
github.com 0 |
|
| 2024-08-07 |
GitHub - Aegrah/PANIX: Customizable Linux Persistence Tool for Security Research and Detection Engineering. |
github.com 0 |
|
| 2024-08-07 |
Auditing Atlassian Plugins, 53 0-Days Later |
cyllective.com 0 |
|
| 2024-08-07 |
A Visual Guide to Pointer Analysis with cclyzer++: Part 1 |
galois.com 1 |
|
| 2024-08-06 |
Windows AppLocker Driver LPE Vulnerability - CVE-2024-21338 - Crowdfense |
www.crowdfense.com 2 |
|
| 2024-08-06 |
Fuzzy matching with Ghidra BSim, a guide |
Pen Test Partners 0 |
|
| 2024-08-06 |
Create your own custom implant |
www.ribbiting-sec.info 0 |
|
| 2024-08-06 |
Windows Kernel Rootkit in Rust (shadow-rs) ???? |
github.com 0 |
|
| 2024-08-06 |
From Limited file read to full access on Jenkins (CVE-2024-23897) |
xphantom.nl 0 |
|
| 2024-08-06 |
Teaching the Old .NET Remoting New Exploitation Tricks |
github.com 0 |
|
| 2024-08-06 |
One for all and all for WHAD: wireless shenanigans made easy ! |
defcon.org 0 |
|
| 2024-08-06 |
SyzBridge |
github.com 0 |
|
| 2024-08-01 |
Unmasking the SMS Stealer: Targeting Several Countries with Deceptive Apps |
Blogs Archive - Zimperium 0 |
|
| 2024-08-01 |
Crooks Bypassed Google’s Email Verification to Create Workspace Accounts, Access 3rd-Party Services |
Krebs on Security 0 |
|
| 2024-08-01 |
Heap exploitation, glibc internals and nifty tricks. |
Quarkslab's blog 0 |
|
| 2024-08-01 |
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 2 |
Zero Day Initiative - Blog 0 |
|
| 2024-08-01 |
Re: ISC has disclosed four vulnerabilities in BIND 9 (CVE-2024-0760, CVE-2024-1737, CVE-2024-1975, CVE-2024-4076) |
Open Source Security 0 |
|
| 2024-08-01 |
An In-Depth Look at the Cisco CCDE-AI Infrastructure Certification |
Cisco Blogs 0 |
|
| 2024-08-01 |
[SECURITY ADVISORY] curl: CVE-2024-7264 ASN.1 date parser overread |
Open Source Security 0 |
|
| 2024-08-01 |
Don’t Let Your Domain Name Become a “Sitting Duck” |
Krebs on Security 0 |
|
| 2024-08-01 |
Out-of-bounds read vulnerability in NVIDIA driver; Open-source flashcard software contains multiple security issues |
Cisco Talos Blog 0 |
|
| 2024-07-31 |
tartufo: searches through git repositories for secrets, digging deep into commit history and branches |
meterpreter.org 0 |
|
| 2024-07-31 |
Chrome Stealer |
bernking.github.io 0 |
|
| 2024-07-31 |
Breaking Barriers and Assumptions: Techniques for Privilege Escalation on Windows: Part 1 |
www.zerodayinitiative.com 0 |
|
| 2024-07-31 |
Entity-Relation Diagram Assisted Hacking Tool |
github.com 0 |
|
| 2024-07-31 |
Improving the security of Chrome cookies on Windows |
security.googleblog.com 0 |
|
| 2024-07-31 |
How a GraphQL Bug Resulted in Authentication Bypass |
www.hackerone.com 0 |
|
| 2024-07-31 |
Unit 42 Secures Medical Device Manufacturer After Network Breach |
www.paloaltonetworks.com 0 |
|
| 2024-07-31 |
Our audit of Homebrew |
Trail of Bits Blog 0 |
|
| 2024-07-30 |
Proofpoint Email Routing Flaw Exploited to Send Millions of Spoofed Phishing Emails |
thehackernews.com 0 |
|
| 2024-07-30 |
Exploiting CVE-2024-21412: A Stealer Campaign Unleashed | FortiGuard Labs |
www.fortinet.com 0 |
|
| 2024-07-30 |
ImageMagick AppImage Vulnerability Opens Door to Arbitrary Code Execution |
securityonline.info 0 |
|
| 2024-07-30 |
VMware ESXi CVE-2024-37085 Targeted in Ransomware Campaigns |
Rapid7 Cybersecurity Blog 0 |
|
| 2024-07-30 |
ESXi Security-hardening | change the default “ESX Admins” AD group |
mosnotes.com 0 |
|
| 2024-07-30 |
RADIUS Protocol Vulnerability Impacted Multiple Cisco Products |
cybersecuritynews.com 0 |
|
| 2024-07-30 |
Unveiling the latest banking trojan threats in LATAM |
securityintelligence.com 0 |
|
| 2024-07-30 |
Hands in the Cookie Jar: Dumping Cookies with Chromium’s Remote Debugger Port |
posts.specterops.io 0 |
|
| 2024-07-29 |
H1d3r/GPU_ShellCode |
github.com 1 |
|
| 2024-07-29 |
Introduction |
tudoor.net 0 |
|
| 2024-07-29 |
CVE-2024-6922: Automation Anywhere Automation 360 Server-Side Request Forgery |
Rapid7 Cybersecurity Blog 0 |
|
| 2024-07-29 |
Leaked Intel Boot Guard keys: What happened? How does it affect the software supply chain? |
www.binarly.io 0 |
|
| 2024-07-29 |
10 Million Users Compromised in Z-Library Phishing Site Hack |
securityonline.info 0 |
|
| 2024-07-29 |
Abusing RCU callbacks with a Use-After-Free read to defeat KASLR |
anatomic.rip 0 |
|
| 2024-07-29 |
CYBERSECEVAL 3: Advancing the Evaluation of Cybersecurity Risks and Capabilities in Large Language Models | Research - AI at Meta |
ai.meta.com 0 |
|
| 2024-07-29 |
PDF Dosyalarına Zararlı Kod Enjekte Etme ve PDF Dropper (ADOBE) |
cti.monster 0 |
|
| 2024-07-24 |
Researchers find ‘Port Shadow’ flaws in VPN platforms |
www.scmagazine.com 0 |
|
