unSafe.sh - Unsafe
Analysis and Scanner for Ivanti CVE-2025-0282
Summary: Ivanti recently released an advisory for CVE...
2025-1-10 21:22:0 | Reads: 42
bishopfox.com - bishopfox.com
ift
client
crash
clientip
Cyber Mirage: How AI is Shaping the Future of Social Engineering
“As a Red Teamer, I’ve always believed the best defe...
2025-1-8 08:0:0 | Reads: 4
bishopfox.com - bishopfox.com
deepfake
brandon
deepfakes
vocal
chris
Current State of SonicWall Exposure: Firmware Decryption Unlocks New Insights
This is part two of a three-part series on SonicWall fire...
2024-12-13 14:0:0 | Reads: 5
bishopfox.com - bishopfox.com
firmware
security
identify
precision
Sonicwall Firmware Deep Dive - Part 1
At Bishop Fox, we spend a lot of time researching ne...
2024-12-2 22:0:0 | Reads: 19
bishopfox.com - bishopfox.com
swi
firmware
sig
nsv
salt
The Growing Concern of API Security
The Growing Concern of API Security: As the internet...
2024-11-27 23:0:0 | Reads: 3
bishopfox.com - bishopfox.com
security
attackers
processes
A Brief Look at FortiJump (FortiManager CVE-2024-47575)
CVE-2024-47575, also known as FortiJump, recently ga...
2024-11-2 00:15:0 | Reads: 43
bishopfox.com - bishopfox.com
fortigate
ncat
47575
x509
Broken Hill: A Productionized Greedy Coordinate Gradient Attack Tool for Use Against Large Language Models
TL;DR: This blog explains the GCG attack, which tricks AI chatbots into misbehaving, and introduce...
2024-9-24 23:0:0 | Reads: 12
bishopfox.com - bishopfox.com
llm
gcg
hill
weapon
Exploring Large Language Models: Local LLM CTF & Lab
TL;DR: Explore research on isolating functional expectations for LLMs using a controller to manage...
2024-9-12 01:0:0 | Reads: 6
bishopfox.com - bishopfox.com
llm
llms
outputmode
phi3
patron
Product Security Review Methodology for Traeger Grill Hack
In this blog, we aim to provide additional context on how Bishop Fox staff discovered vulnerabiliti...
2024-7-3 06:22:0 | Reads: 13
bishopfox.com - bishopfox.com
fox
bishop
grill
omitted
brevity
The Unmask IAM Permission: API Gateway Access Logging
In the era of cloud computing, where businesses leverage platforms like Amazon Web Services (AWS) f...
2024-6-7 06:26:0 | Reads: 10
bishopfox.com - bishopfox.com
unmask
cloud
7x18l9o7og
masked
queryid
PAN-OS CVE-2024-3400: Patch Your Palo Alto Firewalls
Overview: CVE-2024-3400, a critical-severity vulnerability in PAN-OS, allows pre-authenticated remot...
2024-4-19 23:16:0 | Reads: 15
bishopfox.com - bishopfox.com
telemetry
injection
alto
palo
payload
The iSOON Disclosure: Exploring the Integrated Operations Platform
In February, the cybersecurity community was provided with an unauthorized public information disc...
2024-3-21 18:0:0 | Reads: 26
bishopfox.com - bishopfox.com
mission
security
analysis
network
whitepaper
Poisoned Pipeline Execution Attacks: A Look at CI-CD Environments
Continuous Integration and Continuous Deployment (CI/CD) pipelines have revolutionized how softwar...
2024-3-19 19:0:0 | Reads: 24
bishopfox.com - bishopfox.com
repository
github
ppe
attacker
malicious
Further Adventures in Fortinet Decryption
When CVE-2024-21762 and CVE-2024-23113 were patched in February 2024, Bishop Fox analyzed the patch...
2024-3-8 19:0:0 | Reads: 160
bishopfox.com - bishopfox.com
rootfs
fgt
flatkc
vals
kallsyms
CVE-2024-21762 Vulnerability Scanner for FortiGate Firewalls
Due to the nature in which we conduct research and penetration tests, some of our security experts p...
2024-3-1 19:0:0 | Reads: 53
bishopfox.com - bishopfox.com
security
fortune
fox
bishop
excellence
It’s 2024 and Over 178,000 SonicWall Firewalls are Publicly Exploitable
Summary: SonicWall next-generation firewall (NGFW) series 6 and 7 devices are affected by two...
2024-1-16 01:0:0 | Reads: 33
bishopfox.com - bishopfox.com
snprintf
chk
22274
overflow
0656
GWT: Unpatched, Unauthenticated Java Deserialization
Introduction: How would you react if I told you that GWT, a fairly popular open-source web applicat...
2023-12-19 01:0:0 | Reads: 20
bishopfox.com - bishopfox.com
gwt
client
omitted
brevity
Introducing Swagger Jacker: Auditing OpenAPI Definition Files
Swagger Jacker, or “sj” for short, is an open-source tool developed to audit OpenAPI definition fi...
2023-12-12 22:0:0 | Reads: 7
bishopfox.com - bishopfox.com
swagger
routes
security
openapi
Cloud Security Podcast Featuring Seth Art: Network Pentest 2.0
Ashish: Seth, can you tell us a bit about yourself and how you got to where you are today? Seth: S...
2023-11-8 22:0:0 | Reads: 10
bishopfox.com - bishopfox.com
cloud
network
ashish
seth
security
Cloud Security Podcast Featuring Seth Art: Cloud Pentest of AWS
Seth Art, principal at Bishop Fox and creator of CloudFox and CloudFoxable, joined Cloud Security P...
2023-11-1 21:0:0 | Reads: 14
bishopfox.com - bishopfox.com
cloud
seth
ashish
security
client