Seclog - #86

ยท

3 min read

๐Ÿ“š SecMisc

  • GhostWrite - Explore advanced attack techniques with GhostWrite. - Read More

  • Welcome to Gallipoli Community! โ€“ Gallipoli โ€“ A hacker saved my life - Discover the Gallipoli community and learn how hacking can change lives. - Read More

  • privacy.sexy - Maximize Your Privacy and Security - Maximize your privacy and security with privacy.sexy. - Read More

๐Ÿ“ฐ SecLinks

  • Wizlympics: The First Cloud Security Olympic Games | Wiz Blog - Discover the first Cloud Security Olympic Games hosted by Wiz. - Read More

  • My keyboard was misbehaving so I had to exploit my NAS - appsec & stuff - A fascinating tale of keyboard issues leading to NAS exploitation. - Read More

  • Exploiting Novel GPT-4 APIs - A deep dive into exploiting the latest GPT-4 APIs. - Read More

  • CVE-2022-2586 Writeup | jmpr4xp4xโ€™s blog - A detailed write-up on CVE-2022-2586. - Read More

  • Y'all are sleeping on HTTP/3 - Why HTTP/3 deserves more attention in the security community. - Read More

  • Introducing our new Canarytoken: the Fake App โ€“ Thinkst Thoughts - Learn about Thinkst's new Canarytoken, the Fake App. - Read More

  • Auditing Atlassian Plugins, 53 0-Days Later | cyllective's blog - A comprehensive audit of Atlassian plugins leading to 53 0-days. - Read More

  • Code Execution in Chromium's V8 Heap Sandbox โ€“ Anvbis - A deep dive into code execution vulnerabilities in Chromium's V8 Heap Sandbox. - Read More

  • Security Engineer Interview Prep - Preparing for a security engineer interview at Amazon. - Read More

  • Scaling Variant Analysis // Going Beyond Grep - Techniques for scaling variant analysis beyond simple grep. - Read More

  • SOP bypass in Google Scholar PDF Reader (Fixed) - A write-up on a SOP bypass in Google Scholar PDF Reader. - Read More

๐Ÿ’ป SecGit

  • happycakefriends/certainly - Offensive security toolkit for capturing large amounts of traffic in bitflip and typosquat scenarios. - Explore on GitHub

  • NodeSecure/js-x-ray - JavaScript & Node.js open-source SAST scanner for detecting malicious patterns. - Explore on GitHub

  • chainguard-dev/incert - Add CA certificates into containers with ease. - Explore on GitHub

  • seemoo-lab/openhaystack - Build your own 'AirTags' today and track personal Bluetooth devices via Apple's Find My network. - Explore on GitHub

  • grimdoomer/TonyHawksProStrcpy - Code execution exploit for Tony Hawk's video game series. - Explore on GitHub

  • OrangeJuiceHU/CVE-2024-41958-PoC - Proof of concept for CVE-2024-41958. - Explore on GitHub

  • mbadanoiu/CVE-2024-22274 - Authenticated Remote Code Execution in VMware vCenter Server. - Explore on GitHub

  • testanull/MS-SharePoint-July-Patch-RCE-PoC - Remote Code Execution proof of concept for SharePoint July Patch. - Explore on GitHub

  • cmlccie/awsipranges - Quickly query the AWS IP Ranges with this tool. - Explore on GitHub

  • crowdsecurity/crowdsec - CrowdSec: Open-source and participative security solution offering crowdsourced protection against malicious IPs. - Explore on GitHub

  • NilsIrl/dockerc - A tool to compile a container image into a single executable. - Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com

ย