Latest Infosec News and Articles
- jwt-hack: tool for hacking/security testing to JWT https://securityonline.info/jwt-hack-tool-for-hacking-security-testing-to-jwt/
- SharpCookieMonster – Extracts Cookies From Chrome https://www.kitploit.com/2022/02/sharpcookiemonster-extracts-cookies.html
- WELA: Windows Event Log Analyzer https://securityonline.info/wela-windows-event-log-analyzer/
- GitBleed – Finding Secrets in Mirrored Git Repositories https://wwws.nightwatchcybersecurity.com/2022/02/11/gitbleed/
- Dropping Files on a Domain Controller Using CVE-2021-43893 https://www.rapid7.com/blog/post/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893/
- Overview of GLIBC heap exploitation techniques https://0x434b.dev/overview-of-glibc-heap-exploitation-techniques/
- A collection of scripts for assessing Microsoft Azure security https://github.com/NetSPI/MicroBurst
- Check for LDAP protections regarding the relay of NTLM authentication https://github.com/zyn3rgy/LdapRelayScan
- Forensic Analysis Of Xiaomi IoT Ecosystem https://www.forensicfocus.com/webinars/forensic-analysis-of-xiaomi-iot-ecosystem/
- Precursor: From Boot to Root https://www.bunniestudios.com/blog/?p=6336
Latest Vulnerabilities, POCs, and Exploit
- Hotel Druid 3.0.3 – Remote Code Execution (RCE) https://www.exploit-db.com/exploits/50754
- WordPress Plugin dzs-zoomsounds 6.60 – Remote Code Execution (RCE) (Unauthenticated) https://www.exploit-db.com/exploits/50753
- ServiceNow – Username Enumeration https://www.exploit-db.com/exploits/50741
