The Tenable Tech Blog

Intro to CakePHP for Bug Hunters
A short guide to help you fast track your hunt

Coding a WebAssembly CTF Challenge
I recently wrote a CTF challenge for my coworkers. The challenge was written using WebAssembly…

Stealing Downloads from Slack Users
I’m going to go over an interesting feature abuse that could have been used to steal and even manipulate downloads from Slack users using the Slack desktop app on Windows. The vulnerability was reported to Slack via HackerOne based on our coordinated disclosure…

How Tenable Uses Helm to Template a Microservice Stack, Part 2

Automation Testing with Pytest
We live in an era where software is adopted very quickly. This puts lots of stress on software…

Automated deployment to Azure Marketplace
With Tenable Core’s unofficial goal of making all Tenable products available everywhere…

An Old Cisco OpenSSH Bug
From support issue to 0day… sort of.
Introduction

Eight Devices, One Exploit
OEM Vulnerabilities

Verizon Fios Router Authenticated Command Injection

FileZilla Untrusted Search Path
Targeting the user with a rogue binary
Summary

Owning the Network with BadUSB
Man-in-the-Middle with a Raspberry Pi

Lessons from AWS NLB Timeouts
Jonathan Lynch, Alan Ning

Achieving RCE on Tomcat via CVE-2016-8735 — A Proof of Concept
Introduction

Owning the Smart Home with Logitech Harmony Hub
Critical remote root vulnerabilities discovered in…

GPON Home Gateway RCE threatens tens of thousands users
You get a shell, you get a shell, everybody…

MikroTik Firewall & NAT Bypass
Exploitation from WAN to LAN
A Design Flaw

Make It Rain with MikroTik
Not a Coinhive Writeup
Can you hear me in the… front?

Poppin’ Calc: Web Studio Edition
What Even Are You?

Reversing the Rachio Smart Sprinkler Controller

Rooting Nagios Via Outdated Libraries
Nagios XI vulnerable since 2012

Trumping Physical Security with Software Insecurity

Exploiting an 18 Year Old Bug
A Write-up for CVE-2018-1160

CSRF is No Joke
From CSRF to RCE in Cisco Energy Management
Introduction

Remotely Exploiting Zoom Meetings
Hello Everyone,

PLC Bug Hunt
A Team Building Activity.
