Because sharing is caring.
By suidpit
24/10/2023
CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files
A recently disclosed CVE for the Orthanc DICOM server can be used to obtain Remote Code Execution. As a PoC was not available, we wrote one.
By paupu
10/07/2023
AWS CodeBuild + S3 == Privilege Escalation
How to escalate your privileges in AWS by abusing CodeBuild and S3 permissions.
05/09/2022
How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale
Learn how to decrypt Manage Engine Password Manager Pro (PMP) passwords after exploiting CVE-2022-35405.
By thezero
16/05/2022
Printing Fake Fiscal Receipts - An Italian Job p.2
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
By thezero
19/04/2022
Printing Fake Fiscal Receipts - An Italian Job p.1
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
By thezero
05/04/2022
A Sneak Peek into Smart Contracts Reversing and Emulation
Introduction to web3 security, Smart Contract Reversing (bytecode and decompiled code level) and EVM emulation with Qiling.
By polict
16/02/2021
Hunting for bugs in Telegram's animated stickers remote attack surface
polict's 2020 journey in researching the lottie animation format, its integration in mobile apps and the vulnerabilities triggerable by a remote attacker against any Telegram user.