Research Hub

Java Remote Method Invocation (RMI) is a Java API that performs remote procedure calls and allows a client application to access or invoke the services available on a remote Java …

You just found a Java deserialization bug, you ran all your ysoserial payloads, and... you got nothing. Now what? How can you debug or build a gadget chain if you're …

Did you know that Elastic Block Store (Amazon EBS) has a "public" mode that makes your virtual hard disk available to anyone on the internet? Apparently, hundreds of thousands of …

Build secure Salesforce web applications and pass the SFDC AppExchange security review. As with any web application, it’s important to follow secure development practices when building an application on the …

Although the Electron framework has gained popularity in recent years for simplifying desktop application development, many still consider it inherently insecure. This blog examines how various Electron exploits work and …

This is the companion dictionary of the Cybersecurity Style Guide. The cyber.dic dictionary file can be added to your word processor to augment its standard spellcheck list. This is a resource …

Eyeballer is an AI-powered, open source tool designed to help penetration testers assess large-scale external perimeters. About Eyeballer: Give those screenshots of yours a quick eyeballing. Eyeballer is meant for …

Introducing ZigDiggity, a ZigBee testing framework created by Bishop Fox. About ZigDiggity: ZigDiggity version 2 is a major overhaul of the original package and aims to enable security auditors and developers to run …
