|
How to Perform a Comprehensive Code Security Audit | 2024-12-24 | Code Audit, smart contract, Vulnerabilities |
Joern for Beginners: A How-To Guide for Source Code Analysis | 2024-11-25 | Code Audit, Vulnerabilities |
A Comprehensive Guide to Learning Smart Contract Security: From Scratch to Advanced | 2024-04-05 | ethereum, smart contract, solidity, web3 |
A Deep Dive Understanding of Smart Contract Vulnerabilities - Part 2 | 2024-03-31 | defi, ethereum, smart contract, web3 |
A Deep Dive Understanding of Smart Contract Vulnerabilities - Part 1 | 2024-03-29 | defi, ethereum, smart contract, web3 |
SolarWinds Security Event Manager AMF deserialization RCE - CVE-2024-0692 | 2024-03-22 | CVE, Poc |
Exploring the Impact of 0-Day Exploitation in Qualcomm MSM Linux Kernel and ARM Mali GPU | 2024-02-27 | 0 Day, Poc |
Full-Chain Attacks: A Look at Baseband Vulnerability Exploits - 2 | 2024-02-26 | Poc, Vulnerabilities |
Full-Chain Attacks: A Look at Baseband Vulnerability Exploits - 1 | 2024-02-25 | Poc, Vulnerabilities |
Analyzing the Google Chrome V8 CVE-2024-0517 Out-of-Bounds Code Execution Vulnerability | 2024-02-24 | Chrome, CVE, Poc |
Analysis of Glibc privilege escalation vulnerability "Looney Tunables" (CVE-2023-4911) | 2024-02-21 | CVE, Poc |
Analysis of Microsoft Streaming Agent Privilege Elevation Vulnerability - CVE-2023-36802 | 2024-01-10 | Poc |
An In-Depth Analysis of Google Chrome Extension Vulnerabilities and Security | 2023-11-29 | Poc, Vulnerabilities |
Unveiling the Unauthenticated Command Execution Vulnerability in Cisco IOS XE System WebUI | 2023-11-24 | Poc, Vulnerabilities |
Confluence Vulnerability (CVE-2023-22515): A Deep Dive into Atlassian Bamboo's Chain Security Landscape | 2023-11-23 | Poc, Vulnerabilities |
Unveiling the Secrets of XSS Bypass: Harnessing JavaScript Symbols for Code Execution | 2023-11-05 | Poc, Vulnerabilities, XSS |
A Malicious Python Repository fshec2 PyPI Attack Analysis | 2023-10-11 | Code Audit, Vulnerabilities |
KeePass Memory Leakage Vulnerability Analysis - CVE-2023-32784 | 2023-10-09 | Poc |
Critical Analysis: Unraveling the Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246) | 2023-07-29 | Poc |
Talking about JSONP Hijacking Vulnerability | 2023-07-22 | Application Security, Injection Attack, Penetration |
Bypassing PHP WAF to Achieve Remote Code Execution In-Depth Analysis | 2023-07-21 | PHP |
Unveiling the Sudo Heap Overflow Vulnerability (CVE-2021-3156): A Critical Security Flaw Reappears | 2023-07-13 | Poc |
LangChain Arbitrary Command Execution - CVE-2023-34541 | 2023-07-10 | Poc |
Auth.Tesla.com's Vulnerability Leads To Account Takeover of Internal Tesla Accounts | 2023-05-09 | Bug Bounty, Poc, Vulnerabilities |
The Summary Of Spring Security Authorization Bypass on Java | 2023-04-28 | Penetration, Spring Boot |
WebLogic Deserialization Vulnerability - CVE-2023-21839 | 2023-04-27 | Poc, Vulnerabilities |
Methods for Bypassing Authentication Vulnerabilities | 2023-04-24 | Bug Bounty, Penetration |
Getting Started with Internet of Vehicles Security - CAN Simulation | 2023-03-23 | Penetration |
The Unbounded Loops Vulnerability : Denial of Service | 2023-02-05 | smart contract, web3 |
The VSCode Shortcuts, Extensions & Settings for Flutter Development | 2023-01-28 | Flutter |
The Linux Kernel Network Scheduler Vulnerabilities and Exploits - Privilege Escalation | 2022-12-29 | Poc, Vulnerabilities |
An Introduction to Smart Contracts Hacking and Attacks | 2022-12-28 | smart contract |
An Unsafe Deserialization Vulnerability and Types of Deserialization | 2022-12-10 | Deserialization |
Apache Commons Text RCE Vulnerability Analysis - CVE-2022-42889 | 2022-12-02 | Poc |
A Talk about Logic Vulnerabilities of Android Components - Android Security | 2022-11-21 | android |
A Brief Introduction to SAML Security Vector | 2022-11-15 | |
A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters | 2022-11-03 | Bug Bounty |
A Remote Code Execution in JXPath Library (CVE-2022-41852) | 2022-10-28 | Poc |
Android Security : A Checklist For Exploiting WebView | 2022-10-19 | android |
Spring Actuator - Finding Actuators using Static Code Analysis - Part 2 | 2022-10-04 | Spring Boot |
Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1: | 2022-09-29 | Spring Boot |
Turning cookie based XSS into account takeover | 2022-09-27 | |
Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl | 2022-09-27 | Poc |
The Blind Exploits To Rule Watchguard Firewalls Vulnerabilities | 2022-09-22 | Poc |
A Talk About Java Serialization and Deserialization | 2022-09-19 | Application Security, java |
A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 2) | 2022-09-09 | Cloud Security, Kubernetes, Penetration |
XSS vulnerabilities discovered in ServiceNow - CVE-2022-38463 | 2022-09-06 | Poc |
A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 1) | 2022-08-30 | Cloud Security, Kubernetes, Penetration |
A Mass Exploitation of Unauthenticated Zimbra RCE -- CVE-2022-27925 | 2022-08-25 | Poc |
An Open Source apps Leads to XSS to RCE Vulnerability Flaws | 2022-08-22 | Bug Bounty, Penetration, Poc |
How To Exploit PHP Remotely To Bypass Filters & WAF Rules | 2022-08-15 | Bug Bounty, Penetration, PHP |
A Heap Buffer Overflow in the Linux Kernal Leads to Root Privileges - CVE-2022-34918 | 2022-08-06 | Poc |
Sophos XG Firewall Authentication bypass allowing Remote Code Execution - CVE-2022-1040 | 2022-08-04 | Poc |
Cross-Site Scripting Vulnerabilities in Elementor Impact Over 65 Million Websites - CVE-2022-29455 | 2022-07-27 | Poc |
A Rolling-PWN Attack Vulnerability Leads to Unlock or Start Vehicles Remotely - CVE-2022-27254 | 2022-07-17 | Poc |
An OGNL Injection Remote Code Execution (RCE) Vulnerability on Atlassian Confluence (CVE-2022-26134) | 2022-07-12 | Poc |
The Spring Data MongoDB SpEL Expression Injection Vulnerability - CVE-2022-22980 | 2022-06-24 | Poc, Spring Boot |
The Fastjson “Auto Type Bypass” leads to RCE vulnerability - CVE-2022-25845 | 2022-06-22 | Poc |
A Critical Vulnerability Leads to Remote Code Execution in Sophos Firewall - CVE-2022-1040 | 2022-06-17 | Poc |
How to Fix MSDT Vulnerability using SCCM and Intune | CVE-2022-30190 | 2022-06-10 | Application Security, Poc |
The Various Utilization Methods of PHP Serialization & Deserialization | 2022-06-09 | Bug Bounty, Penetration, PHP |
A Detailed Brief About Offence and Defence on Cloud Security - Etcd Risks | 2022-05-04 | Kubernetes |
Server-Side Request Forgery in Java by URLConnection Method | 2022-04-24 | Bug Bounty, Injection Attack |
A Common WAF Bypass Techniques and Principles | 2022-04-16 | |
Spring4Shell: An Application Vulnerable to RCE | 2022-04-12 | Poc |
A Detail Understanding of DLL Injection Attack | 2022-04-03 | Injection Attack |
A Brief Analysis of Saas, PaaS and IaaS of Enterprise Cloud Services | 2022-03-22 | |
A Study of Double-Write Bypass for SQLMap - Tamper | 2022-03-20 | Sql Injection |
The Dirty Pipe Vulnerability (CVE-2022-0847) gives Unprivileged Users Root Access | 2022-03-17 | Poc |
The Story of 3 bugs that lead to Unauthorized RCE - Pascom Systems | 2022-03-13 | Poc |
A SQL Server Conditional Statement Injection Tips | 2022-03-07 | Sql Injection |
Introduction to SQL Server Function to Perform Fuzzy Search | 2022-03-04 | Sql Injection |
Introduction to SQL Server Injection | 2022-02-28 | Sql Injection |
A Study Notes of Exploit Spring Boot Actuator | 2022-02-21 | Spring Boot |
Introduction to Spring Boot Related Vulnerabilities | 2022-02-11 | Spring Boot |
A MacOS Vulnerability Could Lead to Unauthorized User Data - CVE-2021-30970 | 2022-02-08 | Poc |
A Windows Defender Vulnerability That Bypass the Trojan/Malware | 2022-02-07 | |
A Remote Code Execution on WinRAR - CVE-2021-35052 | 2022-02-02 | Poc |
Gaining Unauthorized Camera Access via Safari UXSS - CVE-2021-30861, CVE-2021-30975 | 2022-02-01 | Poc |
A Summary of OAuth 2.0 Attack Methods | 2022-01-28 | |
A Brief Summary of Primary Interview of Security Engineer | 2022-01-06 | Application Security, Blue Team, Penetration |
A Summary Of Fancy Attack Injection Methods - Part 3 | 2022-01-01 | Injection Attack |
A Summary Of Fancy Attack Injection Methods - Part 2 | 2021-12-31 | Injection Attack |
A Summary Of Fancy Attack Injection Methods - Part 1 | 2021-12-28 | Injection Attack |
PHP - A File Inclusion Vulnerability | 2021-12-19 | Bug Bounty |
SQL/MySQL Constraints | 2021-12-17 | DBMS |
Data Types in SQL/MySQL | 2021-12-17 | DBMS |
SQL/MySQL RDBMS Concepts | 2021-12-16 | DBMS |
DDL, DML, DCL and TCL Commands in SQL/MySQL/NoSQL | 2021-12-15 | DBMS |
Introduction to DBMS | 2021-12-15 | DBMS |
Apache Log4j Vulnerability Is Actively Exploited in the Wild (CVE-2021-44228) | 2021-12-12 | Poc |
What is DevSecOps : What Tools for DevSecOps | 2021-12-08 | |
CVE-2021-43267: Remote Linux Kernel Heap Overflow | TIPC Module Allows Arbitrary Code Execution | 2021-11-26 | Poc |
Top 6 Kubernetes Security Tools | 2021-11-25 | Kubernetes |
Introduction to Kubernetes Pentesting | 2021-11-24 | Kubernetes |
Microsoft Exchange Deserialization RCE (CVE-2021–42321) | 2021-11-23 | Poc |
Windows Lockscreen Elevation of Privilege Vulnerability - CVE-2020-1398 | 2021-11-15 | Poc |
Remote Code Execution Flaws in WordPress | 2021-11-12 | Poc |
What is ELF (Binary Exploitation ) and How to Dissecting and Exploiting ELF Files - 3 | 2021-11-11 | Binary Exploit |
What is ELF (Binary Exploitation ) and How to Exploiting ELF - 2 | 2021-11-08 | Binary Exploit |
What is ELF (Binary Exploitation ) and How to Exploiting ELF - 1 | 2021-11-07 | Binary Exploit |
Multiple Vulnerabilities in KaiOS Pre-installed Mobile Applications | 2021-11-06 | Application Security |
What is Single Sign-On (SSO) and How Does It Work? | 2021-11-05 | |
OWASP MOBILE TOP 10 : Insecure Communication | 2021-11-03 | Mobile Pentest |
An Unauthenticated RCE Vulnerability In MovableType / CVE-2021-20837 | 2021-10-31 | Poc |
An Unauthorized RCE in VMware vCenter - CVE-2021–22005 | 2021-10-30 | Poc |
An Unauthenticated RCE Vulnerability In MacOS Finder | 2021-10-29 | Poc |
OWASP MOBILE TOP 10 : Insecure Data Storage | 2021-10-19 | Mobile Pentest |
OWASP MOBILE TOP 10 : Improper Platform Usage | 2021-10-18 | Mobile Pentest |
What is Forensic Imaging : Which Tools for Digital Forensic and Incident Response | 2021-10-17 | Digital Forensic |
What is Security Information and Event Management (SIEM) : How does SIEM Work? | 2021-10-06 | Blue Team |
What is Threat Intelligence & What are the Indicators of compromise ? | 2021-10-05 | Blue Team |
Incident Response and Security Operations | 2021-10-05 | Blue Team |
Security in Cloud Computing: The Essential Guide for Cybersecurity | 2021-10-02 | |
Top 20 Open-source tools for every Blue Teamer | 2021-09-30 | Blue Team |
RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through | 2021-09-29 | Poc |
Remote Code Execution (RCE) vulnerability in Hikvision IP camera/NVR firmware (CVE-2021-36260) | 2021-09-27 | Poc |
What is Web Fuzzing: How can Web Fuzzing useful in Pentest? | 2021-09-18 | Penetration |
What Is Computer Forensics: Learn to Become a Cyber Forensics Expert | 2021-09-17 | Digital Forensic |
Top Ethical Hacking Practice Resource Labs | 2021-09-16 | Penetration |
Getting Started into AWS Penetration Testing | 2021-09-04 | Penetration |
Famous First Landing Pages | Google, Facebook, Amazon, Twitter, Instagram..etc | 2021-09-04 | |
The Ultimate Guide To DEEP FAKE & What Softwares using deepfake ? | 2021-08-04 | |
What is Blind SQL injection ? What is Blind SQL Injection Brute Forcer ? | 2021-07-29 | Bug Bounty |
Complete Guide to Configuring SSH in Ubuntu / Debian | 2021-07-21 | Ubuntu |
How to Install Ventoy --- an Open-Source Tool to Create a Bootable USB drive on Ubuntu / Debian | 2021-06-25 | Ubuntu |
Top 10 Web Application Security Risks | 2021-06-25 | Application Security |
What is a Server Form ? How Server Farms Work? | 2021-06-24 | |
What is Artificial Intelligence ? How does AI work, Types and Future of it? | 2021-06-23 | AI Trends |
How To Install the Apache Web Server on Ubuntu 20.04 [Quickstart] | 2021-06-23 | Ubuntu |
Linear Regression in Machine Learning Definition, Advantage & Uses | 2021-06-23 | AI Trends |
Deep Learning : What it Means and what’s the role of Deep Learning | 2021-06-22 | AI Trends |
Cryptography Basics Encryption and Decryption | 2021-06-19 | |
Best Chrome Extensions for Email Marketers | 2021-04-05 | |
Rengine : An Automated Recon Framework For Web Applications | 2021-04-01 | Bug Bounty |
Case File -- Atom Package (Bookmark Mananger For Programmer's ) | 2021-02-19 | |
How To Get Remote Acess To Browser | 2021-01-31 | |
What Is Ghidra Reverse Engineering Tool | 2020-12-17 | |
What is WannaCry Ransomware | 2020-12-16 | |
EvilOSX : A Remote Administration Tool (RAT) for macOS / OS X | 2020-12-16 | |
How to Disable the Use of USB Storage Devices in Windows 10 | 2020-11-12 | Tricks |
WordPress File Manager Plugin Exploit for Unauthenticated RCE | 2020-11-08 | Poc |
eDEX-UI - A Cross-Platform, Customizable Science Fiction Terminal Emulator With Advanced Monitoring &Touchscreen Support | 2020-10-31 | |
Ethical Hacking Tools | 2020-10-31 | Tools |
How to Make Invisible Password Protected Folder | 2020-10-29 | |
How To Clone A Sim Cards | 2020-10-29 | |
DNS Spoffing [Man in middle attack ] | 2020-09-27 | Hacking, Spoofing |
Legion - Network Pentesting Tool | 2020-09-25 | Penetration |
Hack - Tools : A Extension For Web Pentesters | 2020-09-11 | Bug Bounty |
🕷️ReconSpider - Open Source Intelligence (OSINT) Framework | 2020-09-06 | Bug Bounty |