- Supporting threat intelligence analysts in finding the right open standards, tools and methodologies
- KDE CVE-2018-6791
- The LaZagne Project is back
- HENkaku Ensō bootloader hack for Vita
- Malware analysis, threat intelligence and reverse engineering
- Bug bounty Talk is cheap. Show me the money!
- Proof of concept of LibreOffice remote arbitrary file disclosure vulnerability
- VerSprite Security Research
- Cisco NX-OS VDC takeover vulnerability
- Burp extension : Replicator
- Adobe Flash Exploitation, Then and Now: From CVE-2015-5119 to CVE-2018-4878
- Analyzing CVE-2018-6376 – Joomla!, Second Order SQL Injection
- Catching phishing before they catch you
- unfurl, An Entropy-Based Link Vulnerability Analysis Tool
- Introducing Red Baron - Automate the Creation of Resilient, Disposable, Secure, and Agile Infrastructure for Red Teams
- Weaponization of Nessus Plugins
- Leverage certificate transparency live feed to monitor for newly issued subdomain certificates (last 90 days, configurable), for domains participating in bug bounty programs.
- Tool for extracting information from newly spawned processes
- iOS iBoot source code leaked on GitHub
- ReelPhish: A Real-Time Two-Factor Phishing Tool
- FinSpy VM Part 2: VM Analysis and Bytecode Disassembly
- Patch java archives obfuscated and signed by stringer 3.0.x
- Reddit : Reverse Engineering a MMORPG Bot to Find Vulnerabilities
- How to mount a raw image with a NTFS volume that is Bitlocker encrypted on Windows?
- Reddit : IR Interview Coming Up… Tips?
- Reddit : Linux system profile
- Reddit : Do I still need to secure erase? If your SSD has full disk encryption.
- Reddit : Forensic Recovery on a damaged drive
- Bruteforcing Linux Full Disk Encryption (LUKS) with hashcat - The Forensic way!
- Reddit : [HELP] First Android Encrypted acquisition
- Introducing SDB Explorer, a Microsoft Shim Databases explorer
- Reddit : Introducing SDB Explorer
- Hackers Can Now Steal Data Even From Faraday Cage Air-Gapped Computers
- I wrote a little write-up for a session fixation vulnerability previously found in Tomcat (CVE-2015-5346) for anyone that would like to read it
- Russians penetrated US voter systems, DHS cybersecurity chief tells NBC
- Cloud Security Risks and AWS CloudTrail
- PinMe: Tracking a Smartphone User around the World
- make a process unkillable?!
- Ability to bypass partner email confirmation to take over any store given an employee email
- Scripts And Tools For Pentesting
- Reddit : Tutorial: Cracking Denuvo V4 - YouTube