"Your adversary does not wait for you to finish patching." - The Art of Cyber War

📚 SecMisc

InfoSecMap - Mapping out the best InfoSec events and groups! - Read More

📰 SecLinks

Increasing Google & Alphabet VRP rewards up to $151,515 - Google Bug Hunters announces increased rewards for vulnerability reports. Read More

Undocumented "backdoor" found in Bluetooth chip used by a billion devices - Critical security flaw discovered affecting numerous Bluetooth-enabled devices. Read More

Sitecore: Unsafe Deserialisation Again! (CVE-2025-27218) - New vulnerability in Sitecore CMS due to unsafe deserialization practices. Read More

Google Vulnerability Reward Program: 2024 in Review - Google's annual review of their vulnerability reward program highlights key findings and statistics. Read More

Zen and the Art of Microcode Hacking - Insights into microcode vulnerabilities and exploitation techniques shared by Google Bug Hunters. Read More

Find my hacker: How Apple's network can be a potential tracking tool - Analysis on potential misuse of Apple's Find My network for tracking purposes. Read More

K8s-Security-4 - Deep dive into Kubernetes security best practices and vulnerabilities. Read More

Threat modeling the TRAIL of Bits way - Comprehensive guide to effective threat modeling methodologies by Trail of Bits. Read More

Ciofeca Forensics - Never Trust Cookies - Exploration of cookie-based vulnerabilities and forensic analysis techniques. Read More

PostgreSQL: Privilege Escalation Vulnerability via pg_cron - Advisory detailing privilege escalation vulnerability in PostgreSQL's pg_cron extension. Read More

🎥 SecVideo

Do you know this common Go vulnerability? - Explanation and demonstration of a prevalent Go programming language vulnerability. Watch Here

The tools that real hackers use - Overview of essential hacking tools used by cybersecurity professionals and penetration testers. Watch Here

💻 SecGit

webcap - An ultra lightweight web screenshot tool with advanced DOM analysis features by Black Lantern Security. Explore on GitHub

oasis - Ollama Automated Security Intelligence Scanner for efficient vulnerability detection by Psyray. Explore on GitHub

JavaRansomware - Simple ransomware tool implemented purely in Java by Panagiotis Drakatos for educational purposes. Explore on GitHub

system-prompts-and-models-of-ai-tools - Collection of system prompts and models used by various AI tools, curated by x1xhlol. Explore on GitHub

phisherman - A realistic fake social engineering application developed by jfmaes for security training purposes. Explore on GitHub

← Back to Seclog