The DVC from TRCore has a Path Traversal vulnerability and does not restrict the types of uploaded files. This allows unauthenticated remote attackers to upload arbitrary files to any directory, leading to arbitrary code execution by uploading webshells.

ALL

1
NEW

CyberScoop delivers up-to-the-minute breaking cybersecurity news and is the leading public sector media company reaching top leaders.

NEW

VirusShare.com is a repository of malware samples to provide security researchers, incident responders, forensic analysts, and the morbidly curious access to samples of live malicious code.

NEW

The Largest Password Recovery Community. Join our (discord) community, fully geared towards recovering the plains of hash algorithms. Fully supports non-binary hashcat algorithms. MD5, SHA1, ZIP, Bitcoin, Ethereum, Dogecoin Wallets - we have it all.

NEW

The latest Security breaking news, comment, reviews and features from the experts at TechRadar.

NEW

The latest research, reports and releases from the minds at Permiso Security.

NEW

SiliconANGLE Media Inc. has dedicated itself to covering the massive, often underreported global impact of enterprise and emerging technologies, from semiconductors to computer and networking systems to the cloud, as well as the applications, cybersecurity, AI and machine learning, blockchain and other technologies built on top of that foundation.

NEW

Keep up with the latest attack trends, research, and cybersecurity industry updates on the Perception Point blog!

NEW

Perception Point’s learning center is full of useful and informative guides on every topic related to enterprise cybersecurity.

NEW

Stay up-to-date on the latest cybersecurity topics and security operations thought leadership from ReliaQuest experts.

NEW

HeroCTF is an online cybersecurity competition for beginners and intermediates that takes place once a year.

NEW

The ATT&CK Navigator is a web-based tool for annotating and exploring ATT&CK matrices. It can be used to visualize defensive coverage, red/blue team planning, the frequency of detected techniques, and more.

NEW

Sonar is the home of Clean Code. Our blog showcases our products. SonarLint, SonarQube & SonarCloud - trusted by 400k+ organizations globally.

NEW

Get the latest information, insights, and news from Microsoft.

NEW

IT Security expertise - Penetration tests, Security audits, Code review, Training, Consulting, Vulnerability research

NEW

CryptoBook is a community project, developed by members of CryptoHack to create a resource for people to learn cryptography. The focus of this project is to create a friendly resource for the mathematical fundamentals of cryptography, along with corresponding SageMath implementation.

NEW

Menlo Labs provides insights, expertise, context and tools to aid customers on their journey to connect, communicate and collaborate securely without compromise. The collective is made up of elite security researchers that put a spotlight on the threats you know and don’t know about.

NEW

Read more about how Netskope is enabling security and networking transformation through secure access service edge (SASE).

NEW

Tackle tech challenges together. Join our IT community to connect, share your expertise, get answers, stay up with trends, advance your career, and keep IT fun!

NEW

Sinkholing is a technique whereby a resource used by malicious actors to control malware is taken over and redirected to a benign listener that can (to a varying degree) understand network connections coming from infected devices. This provides visibility of the distribution of infected devices worldwide, as well as protecting victims by preventing botnet command and control (C2) from cybercriminals.

Stay up-to-date with the latest file extensions being used by attackers.

Enter a domain or URL into the search engine to view details about its current URL categories. To request recategorization of this website, click Request Change below the search results.

PoC auto collect from GitHub. Be careful Malware.

Infosec's favorite weekly newsletter for news, tools, and tips with 18,000+ CISOs, founders, change-makers, and straight up hackers.

AttackIQ Academy combats cyberthreats with free courses by top experts. Enjoy hands-on learning in MITRE ATT&CK®, purple teaming, and breach & attack simulation, earning badges and certifications. Enhance your cybersecurity skills at no cost as part of the Informed Defender Community. Join us and become a cybersecurity hero today!

PolySwarm is a crowdsourced threat detection marketplace where security experts & AV companies compete to protect you.

A site for sharing packet capture (pcap) files and malware samples. I started this blog in 2013 to share pcaps and malware samples. Due to issues with Google, I've had to take most all blog posts downfrom 2013 through 2018, and I've been slowly restoring these pages using a new pattern for the password-portected zip archives.

Read McAfee Labs blogs for the latest threat research, threat intelligence, and thought leadership from the Threat Research team.

In the contemporary cybersecurity landscape, Security Operations Centers find themselves besieged by an overwhelming number of cyber threats, escalating in both frequency and complexity, leaving traditional...

Your go-to source for expert red team tips and tricks. Elevate your cybersecurity game with our insightful content.

The site for people they like to build Network Servers with CentOS, Ubuntu, Fedora, Debian, Windows Server.

AMSI.fail generates obfuscated PowerShell snippets that break or disable AMSI for the current process. The snippets are randomly selected from a small pool of techniques/variations before being obfuscated. Every snippet is obfuscated at runtime/request so that no generated output share the same signatures.

Living Off The Land Payload Generator.

The Netwrix blog is a free source of best practices, trends and expert advice for cybersecurity and IT pros.

Expert insight, best practices and advice on cloud native security, trends, threat intelligence and compliance.

We keep you posted on the latest cyber threats. Learn more about what is new in the world of IT security. Knowledge is the best protection.

1