Adobe Reader progress One year ago I blogged about my many attempts and failures at fuzzing Adobe Reader and finding exploitable security issues.

This is a tale of how we found a wormable XSS on Twitter, and how we managed to fully bypass its CSP policy.

Infiltrate 2019 talk slides

SAP Message Server research presented at OPCDE 2019 - gelim/sap_ms

USB armory: open source flash-drive-sized computer - inversepath/usbarmory

CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.

Welcome to "The Fuzzing Book"! Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. Recent years have seen the development of novel…

TL;DR Link to heading You can run an arbitrary command on a VMware Fusion guest VM through a website without any priory knowledge. Basically VMware Fusion is starting up a websocket listening only on the localhost. You can fully control all the VMs (also…

Exploit for CVE-2019-9810 Firefox on Windows 64-bit. - 0vercl0k/CVE-2019-9810

This short post catalogs some resources that may be useful for those interested in security data science. It is not meant to be an…

I think the backdoor issue's been solved 🤔

Attack and defend active directory using modern post exploitation adversary tradecraft activity - infosecn1nja/AD-Attack-Defense

Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error - varchashva/LetsMapYourNetwork

Amid a massive exchange of rocket fire and airstrikes between Israel and both Hamas and Islamic Jihad this weekend, Hamas attempted a cyber operation against an unspecified civilian target in Israel.