Seclog - #12

DNS DriveBy: Stealthy GPS Tracking Using Open Wi-Fi - Hackster.io

X41 Audited Git | X41 D-SEC

You Move, They Follow: Uncovering Iran’s Mobile Legal Intercept System - The Citizen Lab

Project Bishop: Clustering Web Pages – NCC Group Research

StaffEng Security - tl;dr sec

Sudoedit bypass in Sudo <= 1.9.12p1 CVE-2023-22809

XML Security in Java

AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass | Datadog Security Labs

AWS Phishing: Four Ways - High Signal Security

GraphQL exploitation – All you need to know – Cybervelia | Cyber Security

Year 2038 problem - Wikiwand

CORS Bypass via dot

Making Clouds Rain :: Remote Code Execution in Microsoft Office 365

This man thought opening a TXT file is fine, he thought wrong. macOS CVE-2019-8761 - Paulos Yibelo - Blog

Security in the age of LLMs

Defense Techniques: Reporting Phish – text/plain

PandoraFMS - Pre-Auth Remote Code Execution | Esjay’s Blog

Exploiting CVE-2021-3490 for Container Escapes | CrowdStrike

Optimizing Wordlists with Masks · Cyber & Stuff

MaximeBeasse/KeyDecoder: KeyDecoder app lets you use your smartphone or tablet to decode your mechanical keys in seconds.

alcionai/corso: Free, Secure, and Open-Source Backup for Microsoft 365

r0oth3x49/ghauri: An advanced cross-platform tool that automates the process of detecting and exploiting SQL injection security flaws

joelsernamoreno/EvilCrow-Keylogger: WiFi keylogger with Micro SD slot, based on the Atmega32U4 microcontroller and the ESP32-PICO module

trickest/dsieve: Filter and enrich a list of subdomains by level

orf/aws-creds-scanner: This repo scans pypi, rubygems and hexpm for AWS keys

Suggestions & Feedback

Enjoyed this post? Subscribe to Seclog for more in-depth security analysis and updates.

For any suggestions or feedback, please contact us at: [email protected]

Enjoyed this post? Subscribe for more in-depth security analysis and updates direct to your inbox.

No spam. Only high-security insights. Unsubscribe at any time.

Share this Seclog: