The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL) - JoeyRentenaar/Office-365-Extractor

All malwares are equals, but some malware are more equals than others Joxean Koret

Adobe Reader progress One year ago I blogged about my many attempts and failures at fuzzing Adobe Reader and finding exploitable security issues.

This is a tale of how we found a wormable XSS on Twitter, and how we managed to fully bypass its CSP policy.

Infiltrate 2019 talk slides

SAP Message Server research presented at OPCDE 2019 - gelim/sap_ms

USB armory: open source flash-drive-sized computer - inversepath/usbarmory

CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.

Welcome to "The Fuzzing Book"! Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. Recent years have seen the development of novel…

TL;DR Link to heading You can run an arbitrary command on a VMware Fusion guest VM through a website without any priory knowledge. Basically VMware Fusion is starting up a websocket listening only on the localhost. You can fully control all the VMs (also…

Exploit for CVE-2019-9810 Firefox on Windows 64-bit. - 0vercl0k/CVE-2019-9810

This short post catalogs some resources that may be useful for those interested in security data science. It is not meant to be an…

I think the backdoor issue's been solved 🤔