Welcome to "The Fuzzing Book"! Software has bugs, and catching bugs can involve lots of effort. This book addresses this problem by automating software testing, specifically by generating tests automatically. Recent years have seen the development of novel…

TL;DR Link to heading You can run an arbitrary command on a VMware Fusion guest VM through a website without any priory knowledge. Basically VMware Fusion is starting up a websocket listening only on the localhost. You can fully control all the VMs (also…

Exploit for CVE-2019-9810 Firefox on Windows 64-bit. - 0vercl0k/CVE-2019-9810

This short post catalogs some resources that may be useful for those interested in security data science. It is not meant to be an…

I think the backdoor issue's been solved 🤔

Attack and defend active directory using modern post exploitation adversary tradecraft activity - infosecn1nja/AD-Attack-Defense

Lets Map Your Network enables you to visualise your physical network in form of graph with zero manual error - varchashva/LetsMapYourNetwork

Amid a massive exchange of rocket fire and airstrikes between Israel and both Hamas and Islamic Jihad this weekend, Hamas attempted a cyber operation against an unspecified civilian target in Israel.

In this post we will discuss the design and implementation of peer-to-peer command and control protocols in general, as well as the…

Slides from my talk at ISC 2018 in Beijing 2018. Contribute to fboldewin/ATM-Hacking-ISC2018 development by creating an account on GitHub.

Tool to find and extract credentials from phone configuration files hosted on CUCM - llt4l/iCULeak.py

Just uploaded the exploit for my #HITB2019Ams talk, kernel privilege escalation on macOS High Sierra without memory corruption: https://t.co/aqTG923Bu9 slides: https://t.co/j5uPIpKOwH