unSafe.sh - Unsafe
Breaking Fortinet Firmware Encryption
Introduction: The previous article in our Fortinet series, CVE-2023-27997 is exploitable, and 69%...
2023-8-2 21:0:0 | Views: 7
bishopfox.com - bishopfox.com
ciphertext
cleartext
encryption
firmware
fgt
Citrix ADC Gateway RCE: CVE-2023-3519 is Exploitable, and 53% of Servers Are Unpatched
Update Monday, July 24, 2023: After originally publishing an analysis of unpatched servers on Fri...
2023-7-22 01:55:0 | Views: 11
bishopfox.com - bishopfox.com
citrix
adc
netscaler
unpatched
analysis
Introducing jsluice: The Why Behind JavaScript Gold Mining (Part 1)
JavaScript. Depending on who you are it's a word that can instil fear, joy, or curiosity. Regardle...
2023-7-20 21:0:0 | Views: 5
bishopfox.com - bishopfox.com
guestbook
jsluice
analysis
security
Introducing jsluice: A Technical Deep-Dive for JavaScript Gold (Part 2)
A sluice box is a box lined with riffles or ridges. When you put a sluice box in flowing water tha...
2023-7-20 21:0:0 | Views: 4
bishopfox.com - bishopfox.com
jsluice
jq
awskey
analysis
CVE-2023-27997 Is Exploitable, and 69% of FortiGate Firewalls Are Vulnerable
TL;DR Bishop Fox internally developed an exploit for CVE-2023-27997, a heap overflow in FortiOS—t...
2023-7-1 01:0:0 | Views: 7
bishopfox.com - bishopfox.com
fortios
fortigate
remote
logarithmic
CVE-2023-27997 Vulnerability Scanner for FortiGate Firewalls
TL;DR Bishop Fox has developed a tool to quickly check if a remote FortiGate firewall is affected...
2023-6-21 05:0:0 | Views: 11
bishopfox.com - bishopfox.com
fortigate
27997
memory
statistic
overflow
Introducing CloudFoxable: A Gamified Cloud Hacking Sandbox
CloudFox helps penetration testers and security professionals find exploitable attack paths in clo...
2023-6-13 22:0:0 | Views: 7
bishopfox.com - bishopfox.com
cloud
security
github
cloudfox
Power Up Your Pen Tests: Creating Burp Suite Extensions with the New Montoya API
As a security consultant who spends a lot of time testing web applications, Burp Suite is the soft...
2023-5-25 21:0:0 | Views: 6
bishopfox.com - bishopfox.com
burp
montoya
burpcage
kotlin
proxy
A More Complete Exploit for Fortinet CVE-2022-42475
Background: Recently, there has been some buzz about remotely exploitable vulnerabilities in Fortin...
2023-5-17 19:0:0 | Views: 8
bishopfox.com - bishopfox.com
shellcode
payload
mprotect
fortigate
memory
What the Vuln: EDR Bypass with LoLBins
Introduction: In a world of ever-evolving cybersecurity threats, endpoint detection and response so...
2023-3-23 22:0:0 | Views: 17
bishopfox.com - bishopfox.com
c2
download
windows
attacker
What the Vuln: Zimbra
What the Vuln is a new series where in each episode our offensive security experts and hackers dee...
2023-2-21 20:0:0 | Views: 10
bishopfox.com - bishopfox.com
zimbra
network
zimbraadmin
bf
jetty
Spoofy: An Email Domain Spoofing Tool
Email is an essential tool in modern communication; however, the underlying technology is often ta...
2023-2-1 23:0:0 | Views: 10
bishopfox.com - bishopfox.com
spoofy
spf
spoofing
dmarc
spoof
Cloud Penetration: Not Your Typical Internal Testing
This blog originally appeared on SethSec: https://sethsec.blogspot.com. There seems to be a common...
2023-1-11 00:0:0 | Views: 7
bishopfox.com - bishopfox.com
cloud
realize
ec2
tooling
security
160K COVID-19 Records: Vulnerability in Avicena Medical Laboratory
Electronic health records (EHR) and personally identifiable information (PII) are highly sought by...
2022-12-10 00:0:0 | Views: 9
bishopfox.com - bishopfox.com
avicena
ks
kos
php
ipko
The State of Vulnerabilities in 2022
“You’re only as strong as your weakest link.” Or in the cyber space – vulnerabilities. By keeping...
2022-10-19 23:0:0 | Views: 6
bishopfox.com - bishopfox.com
gitlab
security
ssrf
bounties
(In)Secure by Design
In 2021, design as a security concern became a top-of-mind issue for application security professio...
2022-9-22 22:30:0 | Views: 12
bishopfox.com - bishopfox.com
security
injection
modeling
development
Introducing: CloudFox
CloudFox helps you gain situational awareness in unfamiliar cloud environments. It’s a command line...
2022-9-13 20:0:0 | Views: 14
bishopfox.com - bishopfox.com
cloudfox
cloud
rds
database
security
Solving the Unredacter Challenge
Overview: Serious security researchers are constantly monitoring industry happenings for interesting...
2022-9-8 23:0:0 | Views: 7
bishopfox.com - bishopfox.com
blur
gimp
blurred
reverse
gaussian
You're (Still) Doing IoT RNG
It’s been a whole year since Allan Cecil and I, Dan Petro, gave our presentation at DEF CON 29 deta...
2022-8-24 21:0:0 | Views: 5
bishopfox.com - bishopfox.com
entropy
csprng
hardware
rng
quantity
An Introduction to Bluetooth Security
Bluetooth is an established yet growing technology that allows the exchange of data between device...
2022-6-28 04:0:0 | Views: 11
bishopfox.com - bishopfox.com
security
tk
exchange
association
pairing