📚 SecMisc

Unsaflok - Unsaflok is a series of serious security vulnerabilities in the Saflok brand of hotel locks. Read More

Index of /ubuntu/ubuntu/ubuntu/ubuntu/.. - Directory listing of Ubuntu archives. Read More

📰 SecLinks

Global Microsoft Meltdown Tied to Bad Crowstrike Update - Issues caused by a faulty Crowdstrike update. Read More

Automated CrowdStrike BSOD Workaround in Safe Mode using Group Policy - Script to mitigate BSOD caused by CrowdStrike in Safe Mode. Read More

How to pwn a billion dollar VC firm using inspect element - Exploit demonstration against a VC firm using inspect element. Read More

Auditing GitLab: Public Gitlab Projects on Internal Networks - Assessing security of GitLab projects on internal networks. Read More

Encoding Differentials: Why Charset Matters - Understanding the importance of character set encoding in security. Read More

Uncoordinated Vulnerability Disclosure: The Continuing Issues with CVD - Challenges associated with uncoordinated vulnerability disclosure. Read More

XenForo <= 2.2.15 Cross-Site Request Forgery Vulnerability - Analysis of a CSRF vulnerability in XenForo. Read More

Unauthenticated SSRF on Havoc C2 teamserver via spoofed demon agent - SSRF vulnerability in Havoc C2 server. Read More

Evernote RCE: From PDF.js font-injection to All-platform Electron exposed ipcRenderer - Remote Code Execution vulnerability in Evernote. Read More

A Race to the Bottom - Database Transactions Undermining Your AppSec - Exploring how database transactions can undermine application security. Read More

Intigriti XSS Challenge July 2024 — Finding a new DOMPurify bug - Discovering a new bug in DOMPurify through an XSS challenge. Read More

How we share secrets at a fully-remote startup - Methods for securely sharing secrets in a remote work environment. Read More

SAPwned: SAP AI vulnerabilities expose customers’ cloud environments and private AI artifacts - SAP AI vulnerabilities that risk cloud environments. Read More

Cloudflare Reports that Almost 7% of All Internet Traffic Is Malicious - Cloudflare's analysis on the volume of malicious internet traffic. Read More

🎥 SecVideo

Free workshops from Ringzer0 Training - Access free cybersecurity workshops. Watch Here

I Bought 25 Million Computer Viruses - A journey through the world of computer viruses. Watch Here

💻 SecGit

senaykt/cloud-security-resources - A comprehensive list of cloud security resources. Explore on GitHub

ph03n1x13/dumpdino - A tool for dumping Dino game data. Explore on GitHub

taubyte/tau - Open source distributed Platform as a Service (PaaS). Explore on GitHub

CERT-Polska/mailgoose - Web application for checking SPF, DMARC, and DKIM configuration. Explore on GitHub

kevin-mizu/domloggerpp - A browser extension for monitoring and debugging JavaScript sinks. Explore on GitHub

timothee-chauvin/eyeballvul - Vulnerability detection benchmark based on CVEs in open-source repos. Explore on GitHub

hiddify/hiddify-next - Multi-platform auto-proxy client supporting various protocols. Explore on GitHub

tantosec/oneshell - Reverse shell listener and payload generator for Linux targets. Explore on GitHub

veggiedefender/open-and-shut - Type in Morse code by repeatedly slamming your laptop shut. Explore on GitHub

← Back to Seclog