Brida 0.5 released for Hack In Paris 2021!
Hi! Last Friday my colleague Piergiovanni […]
The post Brida 0.5 released for Hack In Paris 2021! appeared first on hn security.
Hi! Last Friday my colleague Piergiovanni […]
The post Brida 0.5 released for Hack In Paris 2021! appeared first on hn security.
A few years back, I published […]
The post letme.go – A minimalistic Meterpreter stager written in Go appeared first on hn security.
“A vulnerability provides an assembly language […]
The post New (and old) shellcode samples appeared first on hn security.
Hi, A few days ago, Hack […]
The post Hack In Paris video and Brida demo plugins released appeared first on hn security.
Hi! Years ago ( 🙁 ) […]
The post A journey into IoT – Chip identification, BUSSide, and I2C appeared first on hn security.
Disclaimer: as many other security researchers […]
The post A journey into IoT – Unknown Chinese alarm – Part 1 – Discover components and ports appeared first on hn security.
“Humans are more suited to recognize […]
The post Semgrep ruleset for C/C++ vulnerability research appeared first on hn security.
Backstory During a red teaming exercise […]
The post Zyxel firmware extraction and password analysis appeared first on hn security.
Disclaimer: as many other security researchers […]
The post A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis appeared first on hn security.
“We live on a placid island […]
The post Multiple vulnerabilities in Zyxel zysh appeared first on hn security.
Hi! According to the official documentation, Semgrep […]
The post Semgrep rules for PHP security assessment appeared first on hn security.
“Some details are more important than […]
The post Automating binary vulnerability discovery with Ghidra and Semgrep appeared first on hn security.
A few months ago, new firmware […]
The post Zyxel authentication bypass patch analysis (CVE-2022-0342) appeared first on hn security.
Disclaimer: as many other security researchers […]
The post A journey into IoT – Unknown Chinese alarm – Part 3 – Radio communications appeared first on hn security.
During our analysis of Zyxel’s device […]
The post Useless path traversals in Zyxel admin interface (CVE-2022-2030) appeared first on hn security.
Java web applications are far from […]
The post Groovy Template Engine Exploitation – Notes from a real case scenario appeared first on hn security.
Hi, I recently had the chance […]
The post Semgrep rules for Kotlin security assessment appeared first on hn security.
Hi, Last year (I know, I’m […]
The post Burp Suite and Protobuf appeared first on hn security.
Disclaimer: as many other security researchers […]
The post A journey into IoT – Unknown Chinese alarm – Part 4 – Internal communications appeared first on hn security.
“What has been will be again, […]
The post Nothing new under the Sun – Discovering and exploiting a CDE bug chain appeared first on hn security.
Apache Maven is a well-known tool […]
The post Abusing Maven’s pom.xml appeared first on hn security.
Hello there! Please allow me a […]
The post Celebrating two years of HN Security appeared first on hn security.
Hi! We are releasing Kraken, HN […]
The post Cracked password analytics with Kraken appeared first on hn security.
In this article, I’ll show how […]
The post Pentesting Xamarin Android apps: DLLs and root check bypass appeared first on hn security.
-> Setting up the environment + […]
The post Extending Burp Suite for fun and profit – The Montoya way – Part 1 appeared first on hn security.
Setting up the environment + Hello […]
The post Extending Burp Suite for fun and profit – The Montoya way – Part 2 appeared first on hn security.
Setting up the environment + Hello […]
The post Extending Burp Suite for fun and profit – The Montoya way – Part 3 appeared first on hn security.
Setting up the environment + Hello […]
The post Extending Burp Suite for fun and profit – The Montoya way – Part 4 appeared first on hn security.
Lately I’ve been conducting research into […]
The post Customizing Sliver – Part 1 appeared first on hn security.