"From error to error one discovers the entire truth." — Sigmund Freud

📰 SecLinks #

Cloud Security 101: Ultimate weapon against cyber threats #

Read More

SMTP Smuggling - Spoofing E-Mails Worldwide Exploring the advanced techniques of email spoofing and SMTP smuggling.
Read More

Weaponizing DHCP DNS Spoofing — A Hands-On Guide A practical exploration of DHCP DNS spoofing vulnerabilities and their exploitation.
Read More

Impersonating JA3 Fingerprints Techniques and consequences of impersonating JA3 fingerprints in cybersecurity.
Read More

Aerospace Security: Hacking The Skies Unveiling the security threats and challenges in the aerospace industry.
Read More

An AWS IAM Identity Center Vulnerability Deep dive into a significant vulnerability within AWS IAM Identity Center.
Read More

An In-depth Analysis of Arbitrary Address Spoofing Attacks Comprehensive analysis of arbitrary address spoofing and its impact on network security.
Read More

Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook: Pt 1 Exploring chained vulnerabilities leading to remote code execution in Outlook.
Read More

The Anatomy of a Block Stuffing Attack Detailed examination of block stuffing attacks in cybersecurity.
Read More

Terrapin Attack Insight into the Terrapin cyber attack and its methodologies.
Read More

Summer Interns 2023 Recap Insights and experiences from the summer interns at Trail of Bits in 2023.
Read More

Securing the Web PKI - Freedom to Tinker Addressing the challenges and solutions in securing the web's Public Key Infrastructure.
Read More

PETEP (PEnetration TEsting Proxy) An overview of PETEP, a tool designed for penetration testing.
Read More

Rust Foundation - Improving Supply Chain Security for Rust Through Artifact Signing Enhancing Rust's supply chain security through artifact signing initiatives.
Read More

SSH ProxyCommand == RCE Analysis of a remote code execution vulnerability in SSH's ProxyCommand.
Read More

Data Exfiltration from Writer.com with Indirect Prompt Injection Investigating data exfiltration from Writer.com through indirect prompt injection.
Read More

CVE-2023-42793 - Attacking and Defending JetBrains Teamcity Detailed analysis of attacking and defending JetBrains Teamcity, focusing on CVE-2023-42793.
Read More

Securitum - securitum-protonmail-security-audit A comprehensive security audit report of ProtonMail conducted by Securitum.
Read More

ZoneTransfer.me Exploring the ZoneTransfer.me project and its significance in cybersecurity.
Read More

Full Chain Baseband Exploits, Part 1 A deep dive into the world of full-chain baseband exploits.
Read More

🎥 SecVideo #

Over the Air, Under the Radar: Attacking and Securing the Pixel Modem Insights into the security aspects of the Pixel modem.
Watch Here

AI breaks physical boundaries: CyberRunner, the superhuman AI robot Discover how AI transcends physical boundaries in cybersecurity.
Watch Here

💻 SecGit #

ANG13T/skytrack A cybersecurity toolkit for various security tasks.
Explore on GitHub

unknownhad/AWSAttacks Tools and strategies for attacking AWS services.
Explore on GitHub

RUB-NDS/Terrapin-Scanner A scanner for detecting vulnerabilities in cybersecurity systems.
Explore on GitHub

ivre/ivre An open-source network reconnaissance tool.
Explore on GitHub

brandon-t-elliott/CVE-2023-49438 Analysis of the CVE-2023-49438 vulnerability.
Explore on GitHub

som3canadian/Cloudflare-Redirector A tool for managing redirects in Cloudflare.
Explore on GitHub

hannob/smtpsmug A project focused on SMTP smuggling research.
Explore on GitHub

📋 SecMisc #

lima-vm/lima: Linux virtual machines, with a focus on running containers Linux virtual machines optimized for containerized environments.
Explore on GitHub

← Back to Seclog