Seclog - #79
📚 SecMisc #
The SSO Wall of Shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. Read More
📰 SecLinks #
LangChain JS Arbitrary File Read Vulnerability - Read More
AI and Machine Learning: Revolutionizing Application Security - Read More
Perplexity AI is susceptible to prompt injection - Read More
Red Teaming with LLMs - Read More
AWS re:Inforce 2024: Session Notes and Announcements - Read More
Security and Human Behavior 2024 - Read More
Using LLMs to Exploit Vulnerabilities - Read More
Anatomy of a Terminal Emulator - Read More
GHSL-2024-001_GHSL-2024-003: Remote DoS and potential authentication bypasses in RubyGems.org - Read More
Assessing CVE-2024-25065: Apache OFBiz Security bypass leads to Unauthorized Access/Actions - Read More
Tales from the cloud trenches: Raiding for AWS vaults, buckets and secrets - Read More
Security in the 2000s - Read More
Cloud Detection and Response in AWS - Read More
Off-path TCP hijacking in NAT-enabled Wi-Fi networks - Read More
Google Online Security Blog: Staying Safe with Chrome Extensions - Read More
🎥 SecVideo #
Hacking clouds using the power of the sun - Ian Mckay - Watch Here
💻 SecGit #
p0dalirius/smbclient-ng - smbclient-ng, a fast and user friendly way to interact with SMB shares. Explore on GitHub
soteria-security/MFArcade - PowerShell script to create reports of M365 User Multi-factor Authentication Registration Status and Highlight MFA Related Conditional Access Policy Gaps. Explore on GitHub
nowsecure/fsmon - monitor filesystem on iOS / OS X / Android / FirefoxOS / Linux. Explore on GitHub
Marven11/CVE-2024-28397-js2py-Sandbox-Escape - CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction. Explore on GitHub
← All Seclogsdeggja/netfetch - Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads. Explore on GitHub