Intro Just before we start, a little shoutout to https://formatmysourcecode.blogspot.co.uk/ for making all the exploit code look neat n ti...

When the Windows Operating system is installed via a clean installation or via an upgrade, the Windows Setup binary is executed. The Windows setup allows custom scripts to be executed such as the S…

In part nine of Claroty Team82's OPC UA Deep Dive Series, we describe remote code execution (RCE) attacks against OPC UA integration servers. We uncovered five new vulnerabilities during our research of the Softing Secure Integration Server, which we were…

In the constantly changing world of cybersecurity, generative AI is becoming an increasingly valuable tool. This blog post shows various exa...

Posted by Alexander Frömmgen, Staff Software Engineer, and Lera Kharatyan, Senior Software Engineer, Core Systems & Experiences Code-change rev...

Summary A vulnerability in TOTOLINK LR1200GB allows remote unauthenticated attackers to become authenticated due to a stack overflow vulnerability in the web interface. Additional post-auth vulnerabilities in the product allow for command injection and their…

A new and concerning chapter has unfolded in these troubled times of geopolitical chaos. The Cozy Bear threat actor has caused significant breaches targeting Microsoft and HPE, and more are likely...

This article summarizes methods that can be used to gather forensic evidence from Ivanti appliances.

An attempt to explain covariance and correlation in the simplest form.

GitHub Gist: instantly share code, notes, and snippets.

Whenever I see a wordpress site -

1. Run wpscan
2. /wp-json/wp/v2/users /wp-json/?rest_route=/wp/v2/users[/n] /?author=n and try common passwords.
3. /wp-admin/install.php
4. /wp-config.php.zip /wp-config.php.bak
5. /wp-content/debug.log
6. SSRF /wp-jso…

What it is like to exploit a
Linux kernel bug in 2023 when you have never exploited anything

Introduction CVE-2024-0517은 Maglev가 derived constructor를 컴파일하는 과정에서 allocation folding을 처리할 때 발생하는 버그로, out of bounds write를 이용하여 arbitrary code execution이 가능한 취약점입니다. Environment Setting # install depot_tools cd ~ git clone https://chromium.googlesource…

Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022).…

TL:DR Insignificant whitespaces in the JSON standard can be used to encode data without breaking the format. This could aid malicious…

This new backdoor we’re calling “TinyTurla-NG” (TTNG) is similar to Turla’s previously disclosed implant, TinyTurla, in coding style and functionality implementation.

Using a combination of Cloudflare and HTML Obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and Social Engineering engagements. Anyone who has tried to run a Social…