Authored by James Forshaw, Google Security Research
The HTTP server implemented in HTTP.SYS on Windows handles authentication in a system thread which bypasses PAC verification...
By:
Cybersecurity is an infinite journey in a digital landscape that never ceases to change. According to Ponemon Institute1, "only 59% of organizations say...
By:
Jan 12, 2023Ravie LakshmananActive Directory / Malware
A recent IcedID malware attack enabled the threat actor to compromise the Active Directory domain of an...
By:
Jan 24, 2023Ravie LakshmananCyber Threat / Cyber Crime
The Emotet malware operation has continued to refine its tactics in an effort to fly under...
By: Tina Martin
Why You Need Cybersecurity to Protect Your Greatest Assets
When it comes to cybersecurity, you can never be too careful. After all, not...
Most major economies in Africa experienced fewer overall cyber threats in 2023, but there were some dramatic exceptions: Kenya suffered a 68% rise in...
A user on a popular hacker forum has leaked an archive containing user and creator data allegedly exfiltrated from Teespring, an e-commerce platform that...
In December 2020, FireEye uncovered and publicly disclosed a widespread attacker campaign that is being tracked as UNC2452. In some, but not all, of...
I Can Haz Domain Admin?
Active Directory security is notoriously difficult. Small organizations generally have no idea what they're doing, and way too many people...
domhttpx is a google search engine dorker with HTTP toolkit built with python, can make it easier for you to find many URLs/IPs at once with fast time.
Usage
Flags
This...
Sniffle is a sniffer for Bluetooth 5 and 4.x (LE) using TI CC1352/CC26x2 hardware.
Sniffle has a number of useful features, including:
Support for BT5/4.2 extended...
Modular brute force tool written in Python, for very fast password spraying SSH, and FTP and in the near future other network services.
COMING SOON: SMB,...
This project builds virtual machine which can be used for analytics of tshark -T ek (ndjson) output. The virtual appliance is built using vagrant, which builds...
Authored by CraCkEr
osCommerce version 4 suffers from a cross site scripting vulnerability. This finding is another vector of attack for this issue already discovered...
Authored by gabe_k
Proof of concept code that demonstrates how the Windows kernel suffers from a privilege escalation vulnerability due to a double-fetch in NtQueryInformationThread...