"From error to error one discovers the entire truth." โ Sigmund Freud
๐ฐ SecLinks
Cloud Security 101: Ultimate weapon against cyber threats
SMTP Smuggling - Spoofing E-Mails Worldwide
Exploring the advanced techniques of email spoofing and SMTP smuggling.
Read MoreWeaponizing DHCP DNS Spoofing โ A Hands-On Guide
A practical exploration of DHCP DNS spoofing vulnerabilities and their exploitation.
Read MoreImpersonating JA3 Fingerprints
Techniques and consequences of impersonating JA3 fingerprints in cybersecurity.
Read MoreAerospace Security: Hacking The Skies
Unveiling the security threats and challenges in the aerospace industry.
Read MoreAn AWS IAM Identity Center Vulnerability
Deep dive into a significant vulnerability within AWS IAM Identity Center.
Read MoreAn In-depth Analysis of Arbitrary Address Spoofing Attacks
Comprehensive analysis of arbitrary address spoofing and its impact on network security.
Read MoreMute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook: Pt 1
Exploring chained vulnerabilities leading to remote code execution in Outlook.
Read MoreThe Anatomy of a Block Stuffing Attack
Detailed examination of block stuffing attacks in cybersecurity.
Read MoreTerrapin Attack
Insight into the Terrapin cyber attack and its methodologies.
Read MoreSummer Interns 2023 Recap
Insights and experiences from the summer interns at Trail of Bits in 2023.
Read MoreSecuring the Web PKI - Freedom to Tinker
Addressing the challenges and solutions in securing the web's Public Key Infrastructure.
Read MorePETEP (PEnetration TEsting Proxy)
An overview of PETEP, a tool designed for penetration testing.
Read MoreRust Foundation - Improving Supply Chain Security for Rust Through Artifact Signing
Enhancing Rust's supply chain security through artifact signing initiatives.
Read MoreSSH ProxyCommand == RCE
Analysis of a remote code execution vulnerability in SSH's ProxyCommand.
Read MoreData Exfiltration from Writer.com with Indirect Prompt Injection
Investigating data exfiltration from Writer.com through indirect prompt injection.
Read MoreCVE-2023-42793 - Attacking and Defending JetBrains Teamcity
Detailed analysis of attacking and defending JetBrains Teamcity, focusing on CVE-2023-42793.
Read MoreSecuritum - securitum-protonmail-security-audit
A comprehensive security audit report of ProtonMail conducted by Securitum.
Read MoreZoneTransfer.me
Exploring the ZoneTransfer.me project and its significance in cybersecurity.
Read MoreFull Chain Baseband Exploits, Part 1
A deep dive into the world of full-chain baseband exploits.
Read More
๐ฅ SecVideo
Over the Air, Under the Radar: Attacking and Securing the Pixel Modem
Insights into the security aspects of the Pixel modem.
Watch HereAI breaks physical boundaries: CyberRunner, the superhuman AI robot
Discover how AI transcends physical boundaries in cybersecurity.
Watch Here
๐ป SecGit
ANG13T/skytrack
A cybersecurity toolkit for various security tasks.
Explore on GitHubunknownhad/AWSAttacks
Tools and strategies for attacking AWS services.
Explore on GitHubRUB-NDS/Terrapin-Scanner
A scanner for detecting vulnerabilities in cybersecurity systems.
Explore on GitHubivre/ivre
An open-source network reconnaissance tool.
Explore on GitHubbrandon-t-elliott/CVE-2023-49438
Analysis of the CVE-2023-49438 vulnerability.
Explore on GitHubsom3canadian/Cloudflare-Redirector
A tool for managing redirects in Cloudflare.
Explore on GitHubhannob/smtpsmug
A project focused on SMTP smuggling research.
Explore on GitHub
๐ SecMisc
- lima-vm/lima: Linux virtual machines, with a focus on running containers
Linux virtual machines optimized for containerized environments.
Explore on GitHub