Good luck is another name for tenacity of purpose. — Ralph Waldo Emerson
📚 SecMisc
Search for leaked passwords inside the largest dataset of all time (Combination Of Many Breaches) - This platform allows you to search for leaked passwords in a combined dataset of major breaches. Read More
SadServers - Linux & DevOps Troubleshooting Interviews - Linux and DevOps troubleshooting interviews. Read More
ESPHome - ESPHome is a system for controlling your ESP8266/ESP32-based devices in Home Assistant. Read More
Start Your Own ISP - A comprehensive guide to help you start your own Internet Service Provider. Read More
📰 SecLinks
10 Things Your First Security Hire Shouldn’t Do - Exploring ten things your first security hire shouldn't do. Read More
(The) Postman Carries Lots of Secrets - Insights into secrets carried by the Postman. Read More
Baldur - Exploration of embedded Mitel exploitation. Read More
LLM Agents can Autonomously Exploit One-day Vulnerabilities - Details on LLM Agents autonomously exploiting one-day vulnerabilities. Read More
Multiple Vulnerabilities in Open Devin (Autonomous AI Software Engineer) - Discussion on multiple vulnerabilities in Open Devin. Read More
How we escalated a DOM XSS to a sophisticated 1-click Account Takeover for $8000 - Part 1 - A detailed account of escalating a DOM XSS to a sophisticated account takeover. Read More
What’s new in security for Ubuntu 24.04 LTS? - Updates on security features in Ubuntu 24.04 LTS. Read More
18 vulnerabilities in Brocade SANnav - IT Security Research by Pierre - Analysis of 18 vulnerabilities in Brocade SANnav. Read More
GitLab affected by GitHub-style CDN flaw allowing malware hosting - Details on GitLab being affected by a GitHub-style CDN flaw. Read More
IPv6 for the remotely interested - Introduction to IPv6 for the remotely interested. Read More
Unauthenticated CrushFTP Zero-Day Enables Complete Server Compromise - Insights into an unauthenticated CrushFTP zero-day vulnerability. Read More
Comparison and Evaluation on Static Application Security Testing (SAST) Tools for Java - Analysis of SAST tools for Java. Read More
DevSecOps Best Practices- Secure Everything You Have - Best practices for securing everything in DevSecOps. Read More
GuptiMiner: Hijacking Antivirus Updates for Distributing Backdoors and Casual Mining - Insights into GuptiMiner hijacking antivirus updates. Read More
💻 SecGit
Microsoft/MS-DOS - The original sources of MS-DOS 1.25, 2.0, and 4.0 for reference purposes. Explore on GitHub
CVE-2024-21111: Oracle VirtualBox Elevation of Privilege (Local Privilege Escalation) Vulnerability - Vulnerability details regarding Oracle VirtualBox. Explore on GitHub
For suggestions and any feedback, please contact: securify@rosecurify.com