📚 SecMisc #

The SSO Wall of Shame - A list of vendors that treat single sign-on as a luxury feature, not a core security requirement. Read More

📰 SecLinks #

LangChain JS Arbitrary File Read Vulnerability - Read More

AI and Machine Learning: Revolutionizing Application Security - Read More

Perplexity AI is susceptible to prompt injection - Read More

Red Teaming with LLMs - Read More

AWS re:Inforce 2024: Session Notes and Announcements - Read More

Security and Human Behavior 2024 - Read More

Using LLMs to Exploit Vulnerabilities - Read More

Anatomy of a Terminal Emulator - Read More

GHSL-2024-001_GHSL-2024-003: Remote DoS and potential authentication bypasses in RubyGems.org - Read More

Assessing CVE-2024-25065: Apache OFBiz Security bypass leads to Unauthorized Access/Actions - Read More

Tales from the cloud trenches: Raiding for AWS vaults, buckets and secrets - Read More

Security in the 2000s - Read More

Cloud Detection and Response in AWS - Read More

Off-path TCP hijacking in NAT-enabled Wi-Fi networks - Read More

Google Online Security Blog: Staying Safe with Chrome Extensions - Read More

🎥 SecVideo #

Hacking clouds using the power of the sun - Ian Mckay - Watch Here

💻 SecGit #

p0dalirius/smbclient-ng - smbclient-ng, a fast and user friendly way to interact with SMB shares. Explore on GitHub

soteria-security/MFArcade - PowerShell script to create reports of M365 User Multi-factor Authentication Registration Status and Highlight MFA Related Conditional Access Policy Gaps. Explore on GitHub

nowsecure/fsmon - monitor filesystem on iOS / OS X / Android / FirefoxOS / Linux. Explore on GitHub

Marven11/CVE-2024-28397-js2py-Sandbox-Escape - CVE-2024-28397: js2py sandbox escape, bypass pyimport restriction. Explore on GitHub

deggja/netfetch - Kubernetes tool for scanning clusters for network policies and identifying unprotected workloads. Explore on GitHub

← Back to Seclog