Security Links
A vulnerability was found in Quarkus in the quarkus-security-webauthn module. The Quarkus WebAuthn module publishes default REST endpoints for registering and logging users in while allowing developers to provide custom REST endpoints. When developers provide custom REST endpoints, the default endpoints remain accessible, potentially allowing attackers to obtain a login cookie that has no corresponding user in the Quarkus application or, depending on how the application is written, could correspond to an existing user that has no relation with the current attacker, allowing anyone to log in as an existing user by just knowing that user's user name.
#TECHNIQUE
Cynet Attack Techniques Hands On

List of attack techniques.

https://www.cynet.com/attack-techniques-hands-on/
Unprotect Project

Search Evasion Techniques.

https://unprotect.it/
Push Security Blog

We research and share the latest identity attack techniques to help blue teams understand the threats they face.

https://pushsecurity.com/blog
Reddit Blackhat

Hacking techniques and research. Focused on the ongoing discussion and documentation of vulnerabilities and exploitation techniques. Please read the rules before posting here.

https://www.reddit.com/r/blackhat/
Anti-Debug Tricks

This encyclopedia contains the description of anti-debug tricks which work on the latest Windows releases with the most popular debuggers (such as OllyDbg, WinDbg, x64dbg). Deprecated techniques (e.g. for SoftICE, etc.) are not included (despite all the love to SoftICE).

https://anti-debug.checkpoint.com/