#security
Bookmarks
- ๐ ๐ฆฎ Application vs. Database: Where Should Permissions Live? (2025-09-18) #database #security #blue
- ๐ ๐ฆฎ Tool Guides (2025-08-29) #security #blue
- ๐ ๐ฆฎ Vulnerability Database (2025-04-20) #security
- ๐ ๐ฆฎ Cross-Site WebSocket Hijacking Exploitation in 2025 - Include Security Research Blog (2025-04-18) #security #websocket
- ๐ ๐ฆฎ praetorian-inc/noseyparker: Nosey Parker is a command-line tool that finds secrets and sensitive information in textual data and Git history. (2025-03-31) #security
- ๐ ๐ฆฎ Traversal-resistant file APIs - The Go Programming Language (2025-03-27) #go #path-traversal #security
- ๐ ๐ฆฎ Breaking and Fixing Content-Defined Chunking (2025-03-26) #content-defined-chunking #security
- ๐ ๐ฆฎ Padmรฉ: Efficiently hiding file sizes (2025-03-24) #security #privacy #padding
- ๐ ๐ฆฎ Chunking Attacks on File Backup Services using Content-Defined Chunking (2025-03-22) #content-defined-chunking #pdf #security
- ๐ ๐ฆฎ CVE-2024-9956 - PassKey Account Takeover in All Mobile Browsers (2025-03-20) #passkey #security #mitm
- ๐ ๐ฆฎ SAML roulette: the hacker always wins (2025-03-19) #saml #red #xml #security
- ๐ ๐ฆฎ UTS #55: Unicode Source Code Handling (2024-12-01) #unicode #security
- ๐ ๐ฆฎ Low-Level Software Security for Compiler Developers (2024-06-23) #compiler #security
- ๐ ๐ฆฎ "^[[31m"?! ANSI Terminal security in 2023 and finding 10 CVEs (2023-10-20) #security #red #terminal #ansi
- ๐ ๐ฆฎ โ D68720 Support -fstack-clash-protection for x86 (2023-09-11) #llvm #security #stack-clash
- ๐ ๐ฆฎ https://gcc.gnu.org/legacy-ml/gcc-patches/2017-07/msg00556.html (2023-09-11) #security #stack-clash #gcc
- ๐ ๐ฆฎ Bringing Stack Clash Protection to Clang / X86 โ the Open Source Way (2023-09-11) #llvm #security #stack-clash
- ๐ ๐ฆฎ The Stack Clash (2023-09-11) #security #qualys #stack-clash
- ๐ ๐ฆฎ https://www.enricobassetti.it/2023/09/cve-2023-4809-freebsd-pf-bypass-when-using-ipv6 (2023-09-09) #security #cve #red #pf #ipv6 #fragment
- ๐ ๐ฆฎ mTLS: When certificate authentication is done wrong (2023-08-20) #security #mtls
- ๐ ๐ฆฎ EFAIL (2023-08-17) #security #crypto #red #cbc #cfb
- ๐ ๐ฆฎ Eclypsium Protection for โDownfallโ Vulnerabilities on Intel processors (2023-08-16) #cpu #security #downfall
- ๐ ๐ฆฎ https://www.intel.com/content/www/us/en/developer/articles/technical/software-security-guidance/technical-documentation/gather-data-sampling.html (2023-08-16) #cpu #security #intel
- ๐ ๐ฆฎ Smashing the state machine: the true potential of web race conditions (2023-08-14) #security #red #web #race
- ๐ ๐ฆฎ there are no good constant-time data structures (2023-08-13) #security #time-attack #structure
- ๐ ๐ฆฎ Shellcode Injection (2023-08-13) #security
- ๐ ๐ฆฎ The pre-play vulnerability in Chip and PIN (2023-08-13) #security #reverse #emv
- ๐ ๐ฆฎ http://www.darknet.org.uk/2015/03/wig-cms-identification-information-gathering-tool (2023-08-13) #security #red #cms
- ๐ ๐ฆฎ Plus rien ne marche, quโest-ce quโon fait ? (2023-08-13) #security
- ๐ ๐ฆฎ Cracking Candy Crush (2023-08-13) #security
- ๐ ๐ฆฎ C++11 regex insecure by default (2023-08-13) #security #regex #c++
- ๐ ๐ฆฎ Reverse Engineer a Verisure Wireless Alarm part 1 โ Radio Communications (2023-08-13) #security #reverse
- ๐ ๐ฆฎ Why the Security of USB Is Fundamentally Broken (2023-08-13) #security #usb
- ๐ ๐ฆฎ Exploiting Server Side Request Forgery on a Node/Express Application (hosted on Amazon EC2) (2023-08-13) #security #exploit
- ๐ ๐ฆฎ How I disabled your Chrome security extensions (2023-08-13) #security
- ๐ ๐ฆฎ timing attacks vs hash tables (2023-08-13) #security #time-attack
- ๐ ๐ฆฎ http://www.daemonology.net/blog/2014-12-25-when-security-goes-right.html (2023-08-13) #security
- ๐ ๐ฆฎ Sednit Espionage Group Attacking Air-Gapped Networks (2023-08-13) #security #airgap
- ๐ ๐ฆฎ Bypassing path restriction on whitelisted CDNs to circumvent CSP protections - SECT CTF Web 400 writeup (2023-08-13) #security #cdn #web
- ๐ ๐ฆฎ Every C99 / C99.php Shell Is Backdoored (2023-08-13) #exploit #security
- ๐ ๐ฆฎ Recommended Reading for Starting Cybersecurity | The Homepage of @attrc (2023-08-13) #book #security
- ๐ ๐ฆฎ http://insanecoding.blogspot.com/2014/05/dealing-with-randomness.html (2023-08-13) #security #rand
- ๐ ๐ฆฎ http://hackaday.io/project/956/log/10108-aes256-is-not-enough-breaking-a-bootloader (2023-08-13) #security #crypto #aes
- ๐ ๐ฆฎ Copypest (2023-08-13) #js #security #slides #clipboard #xss #pdf
- ๐ ๐ฆฎ http://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html (2023-08-13) #security #grub
- ๐ ๐ฆฎ Timing-safe memcmp and API parity (2023-08-13) #security #openbsd
- ๐ ๐ฆฎ DEF CON 22 - Joe Grand aka Kingpin - Deconstructing the Circuit Board Sandwich (2023-08-13) #video #security #defcon
- ๐ ๐ฆฎ The Shadow Brokers EPICBANANA and EXTRABACON Exploits (2023-08-13) #security #red #exploit
- ๐ ๐ฆฎ http://www.openbsd.org/papers/dev-sw-hostile-env.html (2023-08-13) #openbsd #security #dev
- ๐ ๐ฆฎ Analysis of CVE-2014-8476: a FreeBSD kernel memory disclosure vulnerability (2023-08-13) #security #freebsd #cve
- ๐ ๐ฆฎ RDTSCP โ a recooked AntiRe trick (2023-08-13) #security #reverse #asm
- ๐ ๐ฆฎ Statistics Will Crack Your Password (2023-08-13) #security #password
- ๐ ๐ฆฎ http://www.slideshare.net/mobile/PacSecJP/hyperchem-ma-badbarcode-en1109nocommentfinal (2023-08-13) #security #slides #red #barcode
- ๐ ๐ฆฎ Efficiently bypassing SNI-based HTTPS filtering (2023-08-13) #pdf #security #https #sni
- ๐ ๐ฆฎ SSL Pulse: 49% vulnerable to CVE-2014-0224, 14% exploitable (2023-08-13) #security #exploit #cve
- ๐ ๐ฆฎ Compromising a Linux desktop using... 6502 processor opcodes on the NES?! (2023-08-13) #security #nes #gstreamer #exploit
- ๐ ๐ฆฎ Traffic correlation using netflows (2023-08-13) #security #netflow #tor
- ๐ ๐ฆฎ afl-fuzz: crash exploration mode (2023-08-13) #security #fuzz
- ๐ ๐ฆฎ https://sites.google.com/a/chromium.org/dev/Home/chromium-security/client-identification-mechanisms (2023-08-13) #security #chrome
- ๐ ๐ฆฎ GitHub - seastorm/PuttyRider: Hijack Putty sessions in order to sniff conversation and inject Linux commands. (2023-08-13) #security #ssh #putty #hijack
- ๐ ๐ฆฎ http://www.openwall.com/lists/oss-security/2016/01/27/2 (2023-08-13) #security #ntp #shodan
- ๐ ๐ฆฎ Zeroing buffers is insufficient (2023-08-13) #security #buffer #blue #compiler
- ๐ ๐ฆฎ http://blog.gerv.net/2014/10/new-class-of-vulnerability-in-perl-web-applications (2023-08-13) #security #perl
- ๐ ๐ฆฎ timing attacks vs interned strings (2023-08-13) #security #time-attack
- ๐ ๐ฆฎ http://blog.lxgr.net/posts/2013/05/20/uninitialized-buffers-in-opengl (2023-08-13) #security #opengl #buffer
- ๐ ๐ฆฎ Article (2023-08-13) #pdf #security #math #dh
- ๐ ๐ฆฎ 20141106 asfws unicode hacks (2023-08-13) #pdf #security #unicode #slides
- ๐ ๐ฆฎ From fuzzing to 0-day (2023-08-13) #security #fuzz
- ๐ ๐ฆฎ http://netpatterns.blogspot.de/2016/01/the-rising-sophistication-of-network.html (2023-08-13) #security #ntp #shodan
- ๐ ๐ฆฎ TR-24 Analysis - Destory RAT family (2023-08-13) #security #malware
- ๐ ๐ฆฎ arc4random - 1996 to present (2023-08-13) #openbsd #security #rand #slides
- ๐ ๐ฆฎ http://www.openwall.com/presentations/PHDays2014-Yescrypt (2023-08-13) #security #hash #yescrypt
- ๐ ๐ฆฎ http://polymorf.github.io/sthack-slides-2015 (2023-08-13) #security #slides #reverse #challenge
- ๐ ๐ฆฎ 677 (2023-08-13) #pdf #security #crypto #red
- ๐ ๐ฆฎ Miniduke still duking it out (2023-08-13) #exploit #security
- ๐ ๐ฆฎ http://incolumitas.com/2016/06/08/typosquatting-package-managers (2023-08-13) #security #unicode
- ๐ ๐ฆฎ the long tail of MD5 (2023-08-13) #security #md5
- ๐ ๐ฆฎ http://mksben.l0.cm/2015/10/css-based-attack-abusing-unicode-range.html (2023-08-13) #css #security #unicode
- ๐ ๐ฆฎ The story of a pentester recruitment (2023-08-13) #security #pentest
- ๐ ๐ฆฎ UTR #36: Unicode Security Considerations (2023-08-13) #security #unicode #blue
- ๐ ๐ฆฎ Exploiting CVE-2014-0196 a walk-through of the Linux pty race condition PoC (2023-08-13) #security #exploit #cve
- ๐ ๐ฆฎ HTML5 Security Cheatsheet (2023-08-13) #css #html #js #security #red #svg #json
- ๐ ๐ฆฎ How Nvidia breaks Chrome Incognito (2023-08-13) #security #opengl #buffer
- ๐ ๐ฆฎ reallocarray() in OpenBSD: Integer Overflow Detection for Free (2023-08-13) #openbsd #security #alloc
- ๐ ๐ฆฎ Quick notes about the bash bug, its impact, and the fixes so far (2023-08-13) #security #bash
- ๐ ๐ฆฎ RC4 NOMORE (2023-08-13) #security #crypto #rc4
- ๐ ๐ฆฎ An exploit on Gaana.com gave me access to their entire User Database (2023-08-13) #security #exploit
- ๐ ๐ฆฎ An in-depth analysis of SSH attacks on Amazon EC2 (2023-08-13) #security #ssh #blue
- ๐ ๐ฆฎ https://dustri.org/b/how-to-radare2-a-fake-openssh-exploit.html (2023-08-13) #security #reverse
- ๐ ๐ฆฎ https://blog.acolyer.org/2016/11/10/when-csi-meets-public-wifi-inferring-your-mobile-phone-password-via-wifi-signals (2023-08-13) #security #side-channel #wifi
- ๐ ๐ฆฎ https://www.brokenbrowser.com/abusing-of-protocols (2023-08-13) #security #protocol
- ๐ ๐ฆฎ https://www.slideshare.net/vanhoefm/predicting-and-abusing-wpa280211-group-keys (2023-08-13) #security #wpa2 #wifi
- ๐ ๐ฆฎ http://bits-please.blogspot.com/2016/06/extracting-qualcomms-keymaster-keys.html (2023-08-13) #security #fde #qualcomm
- ๐ ๐ฆฎ When Constant-Time Source Code May Not Save You (2023-08-13) #security #crypto #curve25519
- ๐ ๐ฆฎ https://dhavalkapil.com/blogs/Attacking-the-OAuth-Protocol (2023-08-13) #security #oauth
- ๐ ๐ฆฎ Cracking Random Number Generators using Machine Learning โ Part 1: xorshift128 (2023-08-13) #security #xorshift128 #machine-learning #rand
- ๐ ๐ฆฎ GTFOBins (2023-03-10) #security