A security engineer found two methods to bypass DOMPurify's protection by targeting how XML and HTML parsers work. The Drozer framework is used for testing Android app vulnerabilities, it's user-friendly and can be set up using Docker. It's important to check Active Directory admin groups to reduce risks. GitHub's xz-vulnerable-honeypot shows how to set up a honeypot detecting SSH attacks. AssetViz draws subdomains as a mind map for penetration testers. ChaiLdr repository helps avoid antivirus using shellcode loader techniques. Misusing the DLL Search Order can allow malware on Windows, so defenses are needed. An Android 14 kernel exploit affects Pixel devices, can gain root access. ADPT simplifies DLL hijack and sideloading exploits automatically. Modpot uses Go and gin for a web app honeypot to catch cyberattacks. Arjun hunts for HTTP parameters effectively. ADCSCoercePotato can force ADCS to authenticate for elevated privileges. HuntKit compiles pentesting tools in Docker for performance. A Python script makes simulated web traffic for network training. Portr safely shares local web services. LLVM is a compiler framework supporting many languages. CS 6120 at Cornell teaches programming language implementation online. A security researcher, amlweems, created a honeypot for CVE-2024-3094. Sudistark/xss-writeups explains an XSS bug on figma.com. An online service checks XZ backdoor in ELF binaries. Microsoft’s ML-For-Beginners provides a 26-lesson course on machine learning. A blog post demonstrates executing a buffer overflow attack. Linux's 'wall' command has a flaw, WallEscape (CVE-2024-28085), which can leak sensitive info. And Helix is a modern text editor offering features for coders.

The HEDnsExtractor tool helps cyber security folks by pulling out domains/IP networks that could be bad news. Sadly, there's a nasty bug CVE-2024-0204 in GoAnywhere Admin that lets sneaky folks make high-privilege accounts they shouldn't. For you tech heads, there's a guide to writing 64-bit Linux shellcode so you can say "Hello World" with your CPU. R2Frida is a cool thing mixing radare2 with Frida to tweak live processes. Gynvael Coldwind busted a sneaky attack hiding in xz/liblzma that messes with data and sneaks in a backdoor. DroidLysis speeds up reverse engineering for Android apps while Subfinder and httpx are ace for finding digital weak spots. Certificate Transparency logs help spot tricky subdomains, helping in research and bounty hunting. FFUF finds hidden web content, and an SSH honeypot using CVE-2024-3094 waits for hackers. Cloudtopolis cracks passwords using Google's cloud and the net. Sniff out leaked credentials with Chrome and Burp Suite. Compare different EDR products with EDR-Telemetry. Hijack Windows with CcmPwn, and level up your cybersecurity chops with a book covering all things low-level. Some smart cookies found a Linux kernel bug (CVE-2024-1086) and a Cisco Umbrella script that susses out weird DNS requests. There's new malware-sniffing gear for .NET, and the latest tricks for nabbing manually mapped rootkits. Learn all about Windows UAC, poking around group policy bits for security testing, and make stuff safer with the Failsafe-go library. See OSINT trends with MetaOSINT, dig into Mastodon with Masto, and lurk on CashApp profile pics. Bag complex web data with One, track blockchain wallets with Wallet-Tracker CLI, learn malware analysis free from Arch Cloud Labs, and speed-scan websites with PIDRILA. There's a list of tools for taking apart social media, a fancy Cobalt Strike code generator, smackdab in ya face. OffSec Reporting beautifies pentest reports and there's more Telegram and Discord sleuthing gear, plus search savvy IRBIS for personal info digging. PHP library 'telegram-osint-lib' focuses on Telegram for data scraping, and the OSINT Notebook by tjnull organizes your snooping. Gynvael Coldwind had another go at showing how attacks creep into xz/liblzma. Slide into a process on Windows with the NtSetInformationProcess function. CVE-2023-4863 made a boo-boo with WebP images, gotta patch those browsers! Then there's a crafty exploit messing with Google's sign-in, and finally, a treasure trove of cyber security resources for folks gearing up for the OSCP or just being security-smart.

Ken Shirriff takes a dive into a military-grade chip to explore its gate array design and compares it with custom chips, outlining the costs and production differences. A cyber security fan uncovers how to hack into the Rebound box on HackTheBox with techniques that bump up privileges. Trail of Bits launches Ruzzy, a fuzzer to sniff out Ruby code bugs. "forensictools" toolkit makes a one-stop virtual spot for digital forensics, loaded with a bunch of analysis tools. An article unveils a hacking trick to mess with turnstiles using the Wiegand protocol. Lastly, C2 Tracker on GitHub keeps an eye on shady online dealings, nabbing IP addresses to spot malign servers.

This article teaches malware develpers how to dodge antivirus by changing NTFS attributes, in-memory tricks, digital certificates, and more, with tips for security pros. There’s updates on malware IOCs vital for knowing and stopping threats. Cloud_Enum looks for open cloud stuff on AWS, Azure, and others using keywords. Telerecon helps with Intel on Telegram, like scraping chats and seeing user links, but you need to set it up right. Awesome Cloud Security Labs has free security exercises for cloud tech. Netlas.io scans the internet for research and can spot industrial controls online needing better security. Backslash-powered-scanner finds hidden injection problems in servers and slides past firewalls. You can learn how to use Rust language in cybersecurity with their tool. There’s a full guide on Windows for malware work, and a project for a DNS Tunnel Keylogger to sneak out info without getting caught. Lastly, learn to spot .NET malware with GUIDs and MVIDs, and find Yara rules online.

This series helps with emulating IoT malware using Docker and Qiling. A pro explains using Velociraptor on VMware ESXi hypervisors for forensics. Security flaws in ChatGPT allow XSS attacks. A JavaScript file cleverly hides AsyncRAT deployment. There's a binary exploitation roadmap from basics through pwn.college. SARA teaches making Android Trojans. BruteUnpackage cracks compressed file passwords. Demonstrate elevated privileges with CVE-2024-1086 on Linux. CVE-2023-48788 exploit for Fortinet's FortiClient EMS is on GitHub. Understand Open Redirect vulnerability in IIS using JavaScript. CVE-2024-25153 proof-of-concept affects Fortra FileCatalyst Workflow. Xiaomi WiFi routers had security issues now fixed. A 64-bit library loads DLLs stealthily. Lastly, Meckazin/ChromeKatz extracts browser cookies from memory.

In a recent blog post, a data-only exploitation technique has been discussed which affects the Linux kernel’s io_uring. The technique lets attackers control memory pages and escalate privileges without changing kernel code. Zero Day Engineering offers masterclasses in software vulnerability research and exploit development with resources from conferences. A security researcher showed steps for unpacking Agent Tesla malware, analyzing its stages, and decrypting the payload. Ryan Weil explained deobfuscating the control flow in Agent Tesla by creating a plugin for de4dot and restoring code readability. Frida is a toolkit for modifying how programs run across multiple operating systems without needing source code. Noia is a sandbox file browser that simplifies examining mobile application files with Frida, suitable for rooted and non-rooted devices. VolWeb is a digital forensic tool using Volatility 3 for memory analysis and integration with CTI platforms. Domain Hunter Pro automates collecting web assets and interfaces with security tools, aimed at those in security testing.You can exploit local admin access to blind an EDR by tweaking the registry and rebooting to ensure Sysmon blindness. An in-depth analysis covers a Linux kernel vulnerability and exploitation, also providing research insights. There’s a guide on Velociraptor, a forensic tool, setup in a Windows lab environment. Suricata Hunting Rules provides network anomaly detection rules for Suricata IDS on GitHub. Nuclei v3.2 offers secure scanning of targets with authentication via a YAML file. An OSINT text outlines defending against cyber-attacks and info for cybersecurity careers. A repository holds dictionaries for penetration testers for password attacks and vulnerability finding. An article shows using DNS pivoting with Validin to analyze cyber infrastructures like LokiBot. The process of finding malware in open-source software through code analysis is detailed.A piece explains creating a self-replicating UEFI application and covers related techniques.BestEdrOfTheMarket is an open-source project for studying EDR detection strategies.The unKover project details an anti-rootkit tool which reveals unauthorized Windows drivers.A Google sub-domain XSS vulnerability was uncovered and resolved for a $4,133.70 reward.An article explains Windows syscall execution with a focus on kernel structure roles.Matthew Alt bypassed security protections on STM32 microcontrollers with Electromagnetic Fault Injection.Lastly, a script demonstrated a collision in SHA-256 hash function challenging its reliability.

A new exploit for local privilege escalation in Linux kernels (CVE-2024-1086) affects versions 5.14 to 6.6. A security flaw’s been found that let’s people get more access on Apple macOS systems by messing with file system mount options; it’s been fixed now. There’s this thing, ChromeKatz, that can grab cookies from Chromium browsers. AutoWLAN helps set up a mobile hotspot with a Raspberry Pi and lets people make it more secure. Matthew Alt showed how to mess with STM32F4 microcontrollers using EMFI. Agenda ransomware is hitting VMWare’s vCenter and ESXi servers hard with their new tricks. Folks can make a bad Amazon Machine Image (AMI) that gets into other people’s AWS accounts. There’s a fix for a problem where folks could read files they shouldn’t in Adobe ColdFusion (CVE-2024-20767). Tracecat helps security teams be smarter and faster with cool AI stuff, and mailtools does email things for learning. A script on GitHub can set up AnyDesk with better security options. You can use Grafana Labs tools for keeping an eye on apps and make it safer with GitHub Action. Some smarties figured out how to take advantage of a hole in HTTP .NET Remoting (CVE-2024-29059). Devs can make assembly code easier with x86inc.asm. AMD Zen 2 and Zen 3 chips might be messed up by Rowhammer attacks, even with DDR4 and DDR5. Telegram-Anti-Revoke used to keep messages in Telegram from going poof, but it’s not being looked after anymore.

A vulnerability in JustSystems Ichitaro Word Processor was fixed after Cisco Talos reported it. Git-Rotate helps avoid IP detection on GitHub during password attacks. AzureNum gathers data on Microsoft Entra IDs. There's a way to disable Windows Defender by tweaking system permissions. An OS engineer explains overcoming a Linux kernel bug (CVE-2023-0461) using advanced hacking techniques. DynamicMSBuilder makes .NET builds unique to dodge security checks. Dropper on GitHub crafts risky Office docs. BlueSpy steals audio from Bluetooth gadgets without user permision. Radamsa tests program stability with bad data. "WhoIsWho" shows other ways to do "whoami" tasks. Chiasmodon is a tool for domain info like emails. Tips for email investigation using OSINT tools are shared. To fix a "404 error," you should check the website URL. Various OSINT tools can find online profiles by nickname/email. Python scripts can automate file, web, and database work. Mr.Holmes mines public data about domains and such. Google Dork Maker creates search queries for hard-to-find data. Analyzing Latrodectus loader involves removing code clutter to see the harmful payload. Lastly, Telegram-Anti-Revoke was a plugin to keep Telegram messages from disappearing.

Cybersecurity AI Pentest Muse offers creative solutions for professionals, helping analyze code and craft payloads. Alisa Esage shares JIT engine and VM escape exploits on GitHub. unKover, a PoC anti-rootkit, detects malicious drivers using specialized techniques. A new malware analysis toolkit features 98 tools for various tasks, plus updates. DroneXtract analyzes data from DJI drones, including file parsing and telemetry. bootfuzz tests MBR-based system BIOS, requesting more tests on physical hardware. Octopii by RedHunt Labs scans for personal identifiable information using OCR and NLP technologies. Osintracker provides a browser-based tool for OSINT investigators. OffSec-Reporting by Syslifters enables cybersecurity report generation. 'telegram-osint-lib' on GitHub provides a Telegram API for OSINT activities, and TJ-OSINT-Notebook includes tools and resources for OSINT work. GitOSINT Bot will return for professional use with paid APIs after being discontinued due to misuse. Various scripts scrape social media profiles, supporting Python. "HackingEnVivo/Doxing" is a Python tool for gathering personal info via doxing. A document offers resources and tools for OSINT. HINTS stores intelligence on targets and plans for secure user authentication and reporting. TELEKRAM-DOX hosts a Telegram flood bot. Social_X embeds RATs in files and warns against illegal use. SoulTaker packs multiple hacking features. LinkDox gathers info through different techniques. 'krishpranav/car-osint' helps gather vehicle associated data. DaProfiler collects digital identities to correct personal info leaks. Graver script exploits a vulnerability in Grav CMS. 'FattusRattus/Grandstream' scripts target Grandstream Phones vulnerabilities. CVE-2021-31630 PoC allows OpenPLC remote code execution. 'asploit' repository provides backdoors for multiple web servers. Exploit configurations for CVE-2021-44228 vulnerability and usage instructions are provided. f5_scanner identifies devices vulnerable to CVE-2020-5902. NoMoney is an information gathering tool that combines data from platforms. Learn low-level bit manipulation techniques for embedded systems. ComplianceAsCode project aids in maintaining security policies. MTProxy process for Telegram is outlined on GitHub. Akamai shares a privilege escalation technique detection in Active Directory. Neutron, an AI-driven assistant, joins Nebula Pro's free tier. A Python script checks for systems vulnerable to a new denial of service attack, CVE-2024–2169.

Kubesploit is a framework for attacking container environments, with modules for both exploits and defenses. Ken Shirriff explores the Intel 8088 prefetch system, which boosts performance by pre-fetching instructions. A cyber security tutorial demonstrates how to exploit a vulnerability in Metabase. The Sr2T tool converts security scan reports into readable formats. A new tool extracts URLs and paths from web pages, suggesting improvements for handling applications. Researchers exploit a Chrome vulnerability by manipulating heap allocation patterns. Olivier Laflamme’s blog teaches emulating IoT firmware using QEMU. Reverser_ai offers automated reverse engineering tools on consumer hardware. The rev.ng decompiler has a modern interface and structure detection for code analysis. NoArgs hides command-line arguments of a process for covert operations. Emora is an open-source tool for finding user accounts with just a username. Secure coding guides teach prevention of common security issues. Sysmon blocks malicious file execution as backup to EDR systems in critical environments. Understanding process creation is important for cybersecurity. SquareX browser extension improves online safety. A vulnerability in Android’s Package Manager was exploited on Samsung devices. Scripts for finding vulnerable systems on networks using search engines. Auto-Gmail-Creator GitHub repository automates Gmail account creation. Python script discussed for SSH and FTP brute-forcing. Alisa Esage shares exploit code for competitions. Guide for testing AWS security. Repository for creating reverse shells and bypassing antivirus for educational purposes. Directory listing of educational cyber security content and tools. Resources for the Certified Red Team Expert (CRTE) exam. Cheatsheet-God provides cyber security resources. Command & Control frameworks are key for cyber operations. Code for manipulating Windows process’s command line arguments. International Anti Crime Academy gives guidance on investigating the Dark Web. Exploitation of the old TRACE method and HTTP/2 desync issues for web attacks. Method for privilege escalation in Azure. Handling dangling pointer errors through proper labeling and restructuring. Chrome’s detector for dangling pointers forces crashes to prevent their use. "Bob the Smuggler" conceals and encrypts files in other files to bypass security. DOMPurify’s deficiency is patched to prevent sanitization bypass. Method for maintaining persistent access with a malicious DLL. WindowsHardeningScript enhances Windows 10/11 security with system modifications.