ROSECURIFY

Seclog - #114

"In cyber war, even the strongest passwords can fall, but a mind prepared for battle is unbreakable." - The Art of Cyber War

📚 SecMisc #

Meshtastic – An open-source, encrypted mesh networking communication protocol. Read More

LOLC2 – A lightweight and easy-to-use command and control (C2) framework. Read More

LOTTunnels – A proxy-based security tunneling tool for penetration testers and researchers. Read More

Infosec 101 for Activists – A cybersecurity guide tailored for activists and journalists. Read More

Elon Musk’s X blocks links to Signal – X is reportedly blocking links to Signal, the encrypted messaging service. Read More

Hacking cars in JavaScript – Running replay attacks in the browser with HackRF to manipulate vehicle systems. Read More

Removing Jeff Bezos From My Bed – An unusual cybersecurity investigation uncovering security flaws. Read More

Achieving RCE in a Japanese chat tool – Exploiting an outdated Electron feature to achieve remote code execution. Read More

How to Backdoor Large Language Models – Exploring methods of injecting backdoors into AI models. Read More

SSRF on Sliver C2 teamserver – A new vulnerability (CVE-2025-27090) allowing SSRF via spoofed callbacks. Read More

AWS IAM User Enumeration Vulnerability – A newly discovered issue (CVE-2025-0693) allowing unauthorized AWS IAM user enumeration. Read More

NSA Cyber Tactics Exposed – A look at NSA’s cyber strategies from China’s perspective. Read More

Fun with Timing Attacks – A deep dive into timing-based cybersecurity exploits. Read More

🐦 SecX #

The Importance of Penetration Testing Reports – A pentester’s primary job is writing a great report; hacking is just the fun part. Read More

💻 SecGit #

AI-Infra-Guard – A security assessment tool for discovering risks in AI infrastructure. Explore on GitHub

Boofuzz – A powerful network protocol fuzzing tool for security testing. Explore on GitHub

OpenSSH Account Takeover (CVE-2023-38408) – A proof-of-concept exploit for an OpenSSH vulnerability. Explore on GitHub

Subtrace – A Wireshark-like tool for monitoring traffic in Docker containers. Explore on GitHub

Passkey Raider – A Burp Suite extension for testing Passkey authentication systems. Explore on GitHub

Tailpipe – An open-source SIEM tool for instant log insights using SQL and DuckDB. Explore on GitHub

M365TokenRepeater – A tool for analyzing authentication flows in Microsoft 365. Explore on GitHub

Subscribe to Seclog

Weekly security analysis direct to your inbox.

Share
← All Seclogs

Press / to search, Esc to close