vvxhid (@vvxhid1) 's Twitter Profile
vvxhid

@vvxhid1

Cybersecurity enthusiast | web developer | CTF player @team7even1 && CyberErudites

ID: 1357064848006402048

03-02-2021 20:34:29

79 Tweets

241 Followers

1.1K Following

jazzpizazz (@pizazzjazz) 's Twitter Profile Photo

Needed bloodhound.py with kerberos support for the latest HTB machine, so I merged master into Dirk-jan's Kerberos branch and it gave me working Bloodhound 4.2+ exports :) Try it out and report any issues to me! All credits go to the authors. github.com/jazzpizazz/Blo…

Huli | lang: zh-Hant-TW (@hulitw) 's Twitter Profile Photo

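The web challenges in this hack.lu CTF are probably in the top three of all the competitions I have played in terms of difficulty and fun, and I learned quite a lot. The write-up covers: 1. Electron relaunch 2. Executing code with a Python decorator 3. Making Apache not output a content type 4. GIF + JS polyglot 5. Bypassing SQLite invalid column names 6. The JS comment <!-- 7. superjson blog.huli.tw/2022/10/31/hac…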

kunte_ (@kunte_ctf) 's Twitter Profile Photo

Just for completeness here is my solve script: files.veryhax.ninja/solve-foodapi-… For anyone that wants another challenge try exploit this, with mysql instead of sqlite. 😈

n0s (@n_zero_s) 's Twitter Profile Photo

I am thrilled to share my first two CVE assignments CVE-2023-50694 and CVE-2023-50693 for discovering HTTP request smuggling vulnerabilities in HTTPbeast and Jester, both written in Nim language. tenable.com/cve/CVE-2023-5… tenable.com/cve/CVE-2023-5…

huntr (@huntr_ai) 's Twitter Profile Photo

Shoutout to Ahmed Yasser & vvxhid for this 🔥 find! It's always cool to see our huntrs team up to uncover vulnerabilities. Check out the details here: bit.ly/3TUw4aS

s1r1us (@s1r1u5_) 's Twitter Profile Photo

Imagine opening a Discord message and suddenly your computer is hacked. We discovered a bug that made this possible and earned a $5,000 bounty for it. Here's the story and a beginner-friendly deep dive into V8 exploit development. Watch: youtube.com/watch?v=R3SE4V…

zhero; (@zhero___) 's Twitter Profile Photo

very pleased to announce the release of my new article based on my research that led to CVE-2024-46982 titled: Next.js, cache, and chains: the stale elixir zhero-web-sec.github.io/research-and-t… note: does not cover the latest findings shared in my recent posts enjoy reading;

zhero; (@zhero___) 's Twitter Profile Photo

the research paper is out: Next.js and the corrupt middleware: the authorizing artifact result of a collaboration with inzo that led to CVE-2025-29927 (9.1-critical) zhero-web-sec.github.io/research-and-t… enjoy the read!

Charles Fol (@cfreal_) 's Twitter Profile Photo

lightyear just got 6 times faster! Although I now work at Synacktiv, I proposed a PR for the tool to support threading and compression, greatly reducing the time required to dump a file. Dumping the demo /etc/passwd now takes 48s instead of 5m30. github.com/ambionics/ligh…