Extracting Windows Users Password Hints with PowerShell

This is a quick blog post about extracting Password Hints for Windows users using PowerShell. Recen...

Read More

HTTP Evader - Automate Firewall and IDS Evasion Tests

While HTTP is defined in RFC2616 (HTTP/1.1) the specification does not address every tiny detail. ...

Read More

Extracting Digital Signatures from Signed Malware with pf

Lot of malware/PUP (Potential Unwanted Programs)/Adwares are now digitally signed. Those signatures...

Read More

Zhone ADSL2+ 4P Bridge&Router - Multiple Vulnerabilities

Document Title: =============== Zhone ADSL2+ 4P Bridge&Router - Multiple Vulnerabilities Refe...

Read More

Virtual Freer v1.57 - Authentication Bypass Vulnerability

Document Title: =============== Virtual Freer v1.57 - Authentication Bypass Vulnerability Referen...

Read More

[CVE-2014-7216] Yahoo! Messenger emoticons.xml Multiple Key Value Handling Local Buffer Overflow

RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION --------------------...

Read More

Analyzing Popular Layer 7 Application DDoS Attacks

Distributed Denial of Service (DDoS) attacks have been a major concern for website owners for a whi...

Read More

Metasploit: Windows Escalate UAC Protection Bypass

## # This module requires Metasploit: http://metasploit.com/download # Current source: https://gi...

Read More

LinkedIn Sockpuppets Are Targeting Security Researchers

Multiple LinkedIn accounts recently targeted numerous security specialists in an attempt to map the...

Read More

W^X policy violation affecting all Windows drivers compiled in Visual Studio 2013 and previous

Back in June, I was doing some analysis on a Windows driver and discovered that the INIT section ha...

Read More

Paper: Automating Information Flow Analysis of Low Level Code

ABSTRACT Low level code is challenging: It lacks structure, it uses jumps and symbolic addresses,...

Read More

Checkmarx CxQL Sandbox bypass (CVE-2014-8778)

Checkmarx CxQL Sandbox bypass (CVE-2014-8778) Vendor: Checkmarx - www.checkmarx.com Product: CxSui...

Read More

Tiny Banker hidden in modified WinObj tool from Sysinternals

Tiny Banker aka Tinba Trojan made a name for itself targeting banking customers worldwide. The Avas...

Read More

Shifu: A new interesting Banking Trojan

Hello everybody, today I'd like to share some infos on "Shifu" a new incredibly inter...

Read More

Cross-Site Request Forgery in Cerb

Advisory ID: HTB23269 Product: Cerb Vendor: Webgroup Media LLC Vulnerable Version(s): 7.0.3 and pro...

Read More

PayPal Inc - SecApproval & 2FA Auth Bypass Vulnerability

Document Title: =============== PayPal Inc - SecApproval & 2FA Auth Bypass Vulnerability Refe...

Read More

Netflix Sleepy Puppy XSS Payload Management Framework

Sleepy Puppy is a cross-site scripting (XSS) payload management framework which simplifies the abil...

Read More

About the “tpwn” Local Privilege Escalation

This post had to come out two weeks ago, but due to school exams I haven’t had the time to write th...

Read More

Flash Exploit Detector

Flash Exploit Detector(FED), or named FlashProtector. A BHO of IE, detect Flash Vector Exploit an...

Read More

KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation

KL-001-2015-004 : XGI Windows VGA Display Manager Arbitrary Write Privilege Escalation Title: XGI ...

Read More

KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation

KL-001-2015-003 : SiS Windows VGA Display Manager Multiple Privilege Escalation Title: SiS Windows...

Read More

[CORE-2015-0013] - FortiClient Antivirus Multiple Vulnerabilities

1. Advisory Information Title: FortiClient Antivirus Multiple Vulnerabilities Advisory ID: CORE-20...

Read More