Seclog - #60

You are important enough to ask and you are blessed enough to receive back. — Wayne Dyer

📰 SecLinks

  • How I Also Hacked my Car
    Delving into the personal journey of hacking a car, exploring the intricacies and challenges faced. Read More

  • DJI - The ART of obfuscation
    An in-depth analysis of DJI's obfuscation techniques in their drone technology. Read More

  • Zero-knowledge security model: an introduction
    An introductory guide to the zero-knowledge security model, explaining its principles and applications. Read More

  • Java applet + serialization in 2024! What could go wrong?
    Insights into the risks and challenges of using Java applet and serialization in modern contexts. Read More

  • AppSec is harder than you think. Here’s how AI can help.
    Discussing the complexities of Application Security and the potential role of AI in addressing these challenges. Read More

  • Generative AI Meets AWS Security
    Examining the intersection of Generative AI and AWS security protocols. Read More

  • The Web Scraping Problem: Part 1
    An exploration of the challenges and solutions in web scraping. Read More

  • BitLocker encryption broken in 43 seconds
    Revealing how BitLocker encryption can be compromised quickly using a Raspberry Pi Pico. Read More

  • Conditional Love for AWS Metadata Enumeration
    Delving into the specifics of AWS metadata enumeration. Read More

  • Companies embracing SMS for account logins should be blamed for SIM-swap attacks
    Discussing the responsibility of companies in the rise of SIM-swap attacks. Read More

  • Exploiting Tomcat
    A detailed guide on exploiting vulnerabilities in Tomcat. Read More

  • Securing a VPS
    Comprehensive insights into securing a Virtual Private Server (VPS). Read More

  • The 80 / 20 Principle
    An exploration of the 80/20 principle and its application in various contexts. Read More

  • Computer viruses are celebrating their 40th birthday
    A historical look at the evolution of computer viruses over 40 years. Read More

💻 SecGit

  • google/oss-fuzz-gen: LLM powered fuzzing via OSS-Fuzz
    Explore this Google project that leverages LLM for enhanced fuzzing capabilities. Explore on GitHub

  • hakaioffsec/navgix: nginx alias traversal vulnerability checker
    Discover a tool for identifying nginx vulnerabilities in a multi-threaded environment. Explore on GitHub

  • purs3lab/Argus
    A cybersecurity tool for monitoring and analysis. Explore on GitHub

  • narfindustries/http-garden: HTTP server and proxy testing
    Tools for differential testing and fuzzing of HTTP servers and proxies. Explore on GitHub

  • bebiksior/EvenBetter: Caido UI Improvement Script
    Improve your Caido user interface experience with this script. Explore on GitHub