Who says you have to start small? A security researcher in India has netted $31,500 in bug bounty winnings after finding several security flaws in
Read more
‘Sign in with Apple’ vulnerability find earns $100k bug bounty
John Leyden 01 June 2020 at 14:51 UTCUpdated: 01 June 2020 at 15:30 UTC Forged requests flaw leads to six-figure payout A security researcher has
Read more
Hackers Leaked Dark Web Hosting Provider Database
Hackers leaked database of the largest dark web free web hosting provider that contains email addresses, credentials, and .onion private keys. Hacker named by KingNull,
Read more
Enumy – Linux Post Exploitation Privilege Escalation Enumeration
Enumy is portable executable that you drop on target Linux machine during a pentest or CTF in the post exploitation phase. Running enumy will enumerate
Read more
How Octopus Scanner malware attacked the open source supply chain
Malware abused the build process on GitHub ANALYSIS GitHub has published an informative post-mortem of a real-world open source software supply chain attack. NetBeans repositories
Read more
Victim:1 Vulnhub Walkthrough
Today we are going to solve another boot2root challenge called “Victim:1”. It is available on Vulnhub for the purpose of Penetration Testing practices. This lab
Read more
Jaeles : The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If
Read more
Bing-Ip2Hosts – Bingip2Hosts Is A Bing.com Web Scraper That Discovers Websites By IP Address
Bing-ip2hosts is a Bing.com web scraper to discover hostnames by IP address. DescriptionBing-ip2hosts is a Bing.com web scraper that discovers hostnames by IP address. Bing
Read more
Vault – A Tool For Secrets Management, Encryption As A Service, And Privileged Access Management
Please note: We take Vault’s security and our users’ trust very seriously. If you believe you have found a security issue in Vault, please responsibly
Read more
AutoRDPwn : The Shadow Attack Framework
AutoRDPwn is a post-exploitation framework created in Powershell, designed primarily to automate the Shadow attack on Microsoft Windows computers. This vulnerability (cataloged as a feature
Read more
Credential Dumping: LAPS
In this post, you will find out how Microsoft’s LAPs feature can be abused by the attacker in order to get the end-user password. Table
Read moreADS goes here!
If you don't see it, then please turn OFFAD blocker for this website.
Our ads are not aggressive and help us
pay for the server and coffee.
THANK YOU for your support!