Because sharing
is caring.
By paupu
10/07/2023
AWS CodeBuild + S3 == Privilege Escalation
How to escalate your privileges in AWS by abusing CodeBuild and S3 permissions.
Min
05/09/2022
How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale
Learn how to decrypt Manage Engine Password Manager Pro (PMP) passwords after exploiting CVE-2022-35405.
Min
By thezero
16/05/2022
Printing Fake Fiscal Receipts - An Italian Job p.2
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
Min
By thezero
19/04/2022
Printing Fake Fiscal Receipts - An Italian Job p.1
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
Min
By thezero
05/04/2022
A Sneak Peek into Smart Contracts Reversing and Emulation
Introduction to web3 security, Smart Contract Reversing (bytecode and decompiled code level) and EVM emulation with Qiling.
Min
Min
Min
Min
By polict
16/02/2021
Hunting for bugs in Telegram's animated stickers remote attack surface
polict's 2020 journey in researching the lottie animation format, its integration in mobile apps and the vulnerabilities triggerable by a remote attacker against any Telegram user.
Min
By zi0black
02/11/2020
Re-discovering a JWT Authentication Bypass in ServiceStack
ServiceStack in version 5.9.2 almost silently patched a vulnerability which allowed to bypass JWT signature.
Min