“If you know your network and your systems, you need not fear the result of a hundred cyber battles." - Sun Tzu, The Art of Cyber War

📚 SecMisc

GPS Signal Spoofing - Overview of GPS spoofing threats and mitigation techniques. Read More

📰 SecLinks

Ancient Monkey: Pwning a 17-Year-Old Version of SpiderMonkey - Exploiting vulnerabilities in older versions of SpiderMonkey. Read More

RCE Vulnerability in QBittorrent – Sharp Security - Analysis of a remote code execution vulnerability in QBittorrent. Read More

OSV - Open Source Vulnerabilities - Initiatives for improving data quality in open-source vulnerability reporting. Read More

Email Security Analysis - Danny's Newsletter - In-depth look into email security challenges and solutions. Read More

More Models, More ProbLLMs: New Vulnerabilities in Ollama | Oligo Security - Discussing vulnerabilities introduced by new models in machine learning security. Read More

Identifying Blind Spots in Your API and Application Security - Strategies for identifying and addressing API security gaps. Read More

ChatGPT-4o Guardrail Jailbreak: Hex Encoding for Writing CVE - Techniques for bypassing guardrails in ChatGPT-4 to write CVEs. Read More

Asking Good Questions in OSINT - Essential questioning strategies to enhance OSINT investigations. Read More

🐦 SecX

Bypassing App-Bound Encrypted Keys in Chrome - Code for bypassing and decrypting App-Bound encrypted keys in Chrome 127+. View on X

💻 SecGit

tun2socks - A tool powered by gVisor’s TCP/IP stack for tunneling SOCKS connections. Explore on GitHub

gcp-ctf-workshop - A workshop for GCP-based capture the flag (CTF) exercises. Explore on GitHub

dns-triage - A Python script for conducting domain-focused reconnaissance. Explore on GitHub

← Back to Seclog