Hacking

A backdoor in our code that can perform OS injection is one of the most scary scenarios ever. Currently, npm has more than 1.2M of public packages available.

Attackers try to take over user accounts for several reasons and through several different methods. Learn why ATOs occur and what you can do about them.

Recap of Bishop Fox's favorite penetration testing tools for 2020 including, Nuclei, Spyse Search Engine, Dufflebag, GadgetProbe, RMIScout and more.

This credit card skimmer hides in plain sight, quite literally, as it resides inside the metadata of image files. We analyze the threat.

Wearing a striped shirt and Matrix-style dark glasses, Onel de Guzman stared at the floor as he made his way through a crowd of photographers into a hastily arranged press conference in Quezon City, a suburb of the Philippines capital Manila.

In the 1980’s, Cliff Stoll discovered a $0.75 accounting error on the computer systems he managed at Lawrence Berkeley Laboratory. This small discovery would eventually lead him on the year-l…

Sécurité/Surveillance/Hacktualité

How GURPS Cyberpunk triggered a Secret Service raid of RPG publisher Steve Jackson Games' offices.

Root Me est une plateforme permettant à chacun de tester et d'améliorer ses connaissances dans le domaine de la sécurité informatique et du hacking à travers la publication de challenges, de solutions, d'articles.

:pushpin: Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security. - sundownd...

Do you want to stop criminals from getting into your Gmail or Facebook account? Are you worried about the cops spying on you? We have all the answers on how to protect yourself.

A collection of various awesome lists for hackers, pentesters and security researchers - Hack-with-Github/Awesome-Hacking

DoS tool for HTTP requests (inspired by hulk but has more functionalities) - Quitten/doser.py

Company tells employees to seek new employment after suspending all operations right before Christmas.

Download a free, fully functional evaluation of PassMark OSForensics from this page, or download a sample hash set for use with OSForensics. 32-bit and 64-bit versions of OSForensics are available.

Friendly white-hat hackers who gently access your vulnerable systems and patch them when you are not allowed to.

Thirty years ago, Cliff Stoll published The Cuckoo's Egg, a book about his cat-and-mouse game with a KGB-sponsored hacker. Today, the internet is a far darker place—and Stoll has become a cybersecurity icon.

Venez jouer et apprendre de nouvelles techniques!

This is a collection of legal wording and documentation used for physical security assessments. The goal is to hopefully allow this as a template for other companies to use and to protect themselve...

Demonstration of Cross Site Request Forgery(CSRF) with a simple todo app.

The best hacker's gadgets for Red Team pentesters and security researchers. - yadox666/The-Hackers-Hardware-Toolkit

And how not to handle reported vulnerabilities

A pentester shares a story that shows how social engineering can get you anywhere.

A collection of hacking / penetration testing resources to make you better! - vitalysim/Awesome-Hacking-Resources

Earlier this month, a researcher discovered Wi-Fi has a fundamental security flaw. Again.

This blog has moved! This post and other mistakes are now at https://mango.pdf.zone

First of all, I would like to state that my intentions with this are article are entirely dishonourable. I want to help hackers to break…