exploit.org

Alert for iOS users Trust Wallet has just alerted about zero-day exploit in iMessage. To disable iMessage go to Settings > Messages and toggle iMessage button. The days are getting harder and harder 🤷

Hi to all of those with superior taste and knowledge of true mastery. Today we are giving away 10 Telegram Premiums amongst our subscribers. Enjoy and hope the stakes play in your favour, while we do our job 😉

Everything Lit: Ways to achieve UEFI persistence. Just one view of "extreme" techniques. Imagination and knowledge is all you need! https://blog.exploit.org/everything-lit/

Pivoting against Windows is a fairly complex post-exploitation process. In this article I will demonstrate my new method of link layer pivoting using SoftEther and without a virtual machine Caster — Witchhammer https://blog.exploit.org/witchhammer

New version of Above v2.5 sniffer + The tool now handles all frames and packets in the air + New 5 protocols support: EAPOL, ARP, IGMP, DHCP, ICMPv6 + New visual output of packets + Completely rewritten and simplified code, removed threads, removed dependency on pcap_analyzer + Fixed code for some protocols for error handling https://github.com/casterbyte/Above/releases/tag/v2.5

Beyond the Code: Exposing in Disguise In this article we will review the usage of such techniques as TLS (JA3) Fingerprinting, HTTP/2 Fingerprinting in a use case of malicious client detection. https://blog.exploit.org/exposing-in-disguise/

NetArmor v1.1 released + Fixed ClientHello packet detection in TLS Fingerprinting + Advanced HTTP/2 Fingerprinting according to Akamai's White Paper + JDK 11 and upper support + ALPN support in Reactor Netty Provider Github

Beyond the Code: Art of AppSec in Java: Part 1 Master your knowledge of application security, follow best practices and become stronger with us. https://blog.exploit.org/java-appsec/

Release of an article on the experimental vector of pivoting against Windows Caster - Windows Nightmare https://blog.exploit.org/windows-nightmare

Channel created