unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Extending Burp Suite for fun and profit – The Montoya way – Part 7
Setting up the environment + Hello WorldInspecting and tampering HTT...
2024-11-19 17:23:37 | 阅读: 6 |
收藏
|
hn security - security.humanativaspa.it
payload
staticitems
burp
Fault Injection – Down the Rabbit Hole
IntroThis series of articles describes fault injection attack techniq...
2024-11-13 17:15:48 | 阅读: 4 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
a6
addi
emuhelper
longvalue
An analysis of the Keycloak authentication system
Earlier this year, we carried out a source-assisted application and ar...
2024-10-30 21:18:39 | 阅读: 0 |
收藏
|
hn security - security.humanativaspa.it
keycloak
security
otp
attacker
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 3
In the previous part of the series we successfully confirmed the vulne...
2024-10-9 21:1:30 | 阅读: 5 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
ropstack
fffff800
ntbase
shellcode
cr4
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 2
Welcome back! We concluded the previous article by spotting two vulner...
2024-10-2 16:1:34 | 阅读: 6 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
inputbuffer
debugger
Exploiting AMD atdcm64a.sys arbitrary pointer dereference – Part 1
After attending the OST2 – Exp4011 course, taught by Cedric Halbronn...
2024-9-25 16:1:43 | 阅读: 3 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
windows
pseudocode
reversing
Learning Rust for fun and backdoo-rs
“Launch the PolarisThe end doesn’t scare usWhen will this cease?The...
2024-9-3 14:7:32 | 阅读: 6 |
收藏
|
hn security - security.humanativaspa.it
payload
backdoo
windows
compiling
raptor
Extending Burp Suite for fun and profit – The Montoya way – Part 6
Setting up the environment + Hello WorldInspecting and tampering HTT...
2024-7-30 20:16:33 | 阅读: 13 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
burp
auditissue
insertion
auditresult
Extending Burp Suite for fun and profit – The Montoya way – Part 5
Setting up the environment + Hello WorldInspecting and tampering HTT...
2024-6-19 18:8:7 | 阅读: 20 |
收藏
|
hn security - security.humanativaspa.it
bytearray
portion
montoyaapi
Multiple vulnerabilities in Eclipse ThreadX
“Why don’t you pick on projects your own size,quit tormenting the tin...
2024-5-28 16:27:49 | 阅读: 14 |
收藏
|
hn security - security.humanativaspa.it
eclipse
threadx
github
security
Multiple vulnerabilities in RIOT OS
“Where there is parsing, there are bugs.”— Dr. Silvio CesareSummary...
2024-5-7 15:31:28 | 阅读: 15 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
riot
security
github
ghsa
Frida on Java applications and applets in 2024
As explained in Federico‘s latest article, during a red teaming engage...
2024-3-26 16:19:58 | 阅读: 21 |
收藏
|
hn security - security.humanativaspa.it
applet
jnlp
github
classtofind
loader
Multiple vulnerabilities in RT-Thread RTOS
“Security is in the mind of the programmer and in the mind of the desi...
2024-3-5 17:57:32 | 阅读: 17 |
收藏
|
hn security - security.humanativaspa.it
github
maintainers
overflow
security
Seemposium Podcast interview
The fine folks at Seemposium Sicuranext interviewed me for their new p...
2024-2-14 20:17:26 | 阅读: 11 |
收藏
|
hn security - security.humanativaspa.it
italian
security
90s
memory
pleasure
Java applet + serialization in 2024! What could go wrong?
Recently, during a red team engagement with my colleague Maurizio, we...
2024-2-8 21:28:18 | 阅读: 18 |
收藏
|
hn security - security.humanativaspa.it
burp
applet
proxy
security
serialized
A collection of weggli patterns for C/C++ vulnerability research
“No one cares about the old scene people anymore, I’m sure,bunch of o...
2024-1-11 16:16:23 | 阅读: 13 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
weggli
semgrep
analysis
identify
DevSecCon Italy video
Hi!Yesterday I spoke at DevSecCon Italy, following the invitation by...
2023-12-1 00:17:19 | 阅读: 17 |
收藏
|
Over Security - Cybersecurity news aggregator - security.humanativaspa.it
brida
github
devseccon
italy
Big update to my Semgrep C/C++ ruleset
“The attack surface is the vulnerability. Finding a bug there is just...
2023-11-28 14:38:50 | 阅读: 16 |
收藏
|
hn security - security.humanativaspa.it
semgrep
raptor
github
sarif
zephyr
OST2, Zephyr RTOS, and a bunch of CVEs
“When hackers tell me it’s so hard to find bugs, I tell them to stop l...
2023-11-7 14:47:14 | 阅读: 41 |
收藏
|
hn security - security.humanativaspa.it
zephyr
overflow
security
rtos
Customizing Sliver – Part 3
In this third and final post in the series about Sliver C2 I’ll provid...
2023-10-24 17:54:58 | 阅读: 39 |
收藏
|
hn security - security.humanativaspa.it
sliver
helloworld
client
protobuf
sliverpb
Previous
-7
-6
-5
-4
-3
-2
-1
0
Next