Virtual machines for iOS and macOS. Contribute to utmapp/UTM development by creating an account on GitHub.

Your security research may be eligible for a reward through the Apple Security Bounty. We welcome reports from anyone.

In this post we will be looking at AWS Lambda, how we can deploy code using the Serverless framework, and how we can use this technology as a redirector for Cobalt Strike

✨ A curated list of awesome threat detection and hunting resources 🕵️‍♂️ - 0x4D31/awesome-threat-detection

This most recent Patch Tuesday, Microsoft released an Important-rated patch to address a remote code execution bug in Microsoft Exchange Server. This vulnerability was reported to us by an anonymous researcher and affects all supported versions of Microsoft…

Kr00k – formally known as CVE-2019-15126 – is a vulnerability in Broadcom and Cypress Wi-Fi chips that allows unauthorized decryption of some WPA2-encrypted traffic.

Monitoring the relationships between parent and child processes is very common technique for threat hunting teams to detect malicious activities. For example if PowerShell is the child process and …

Course materials for Advanced Binary Deobfuscation by NTT Secure Platform Laboratories - malrev/ABD

Scripts for the Ghidra software reverse engineering suite. - ghidraninja/ghidra_scripts

Though we’re now almost to March, I’m still spending my free time working though VMware pwning as part of my 2019 advent calendar. I’d given myself 3 VMware challenges to look at, including one CTF challenge from Real World CTF Finals in 2018, and two n-days…

Contribute to wavestone-cdt/abaddon development by creating an account on GitHub.

Cyber Threat hunting workshop - Download as a PDF or view online for free

Privilege escalation always comes down to proper enumeration. But to accomplish proper enumeration you need to know what to check and look for. This takes familiarity with systems that normally comes along with experience. At first privilege escalation can…