Exploit

Entries with this tag talk about cases of vulnerability exploitation or address the creation and use of code strings known as exploits.

Photo by sebastiaan stam on Unsplash

January 12, 2023

Carlos Bello


Injecting JS into one site is harmful, into all, lethal

In this blog post, we present in detail a vulnerability we discovered in Rushbet v2022.23.1-b490616d, along with the steps to follow to replicate the exploit.

Photo by Nahel Abdul Hadi on Unsplash

November 23, 2022

Carlos Bello


So it's the app itself that delivers the cookie to me?

In this blog post, I present in detail a zero-day vulnerability I discovered in KAYAK v161.1, along with the steps to follow to replicate the exploit.

Photo by Andrew Neel on Unsplash

September 12, 2022

Felipe Ruiz


Top 10 international capture the flag competitions

Do you know what capture the flag is in the cybersecurity field? Are you aware of some of the most recent and prominent CTF competitions worldwide? Learn here.

Photo by Axel Ruffini on Unsplash

September 6, 2022

Andres Roldan


A Black Hat talk follow up

We will take a brief understanding at DirectX, a new attack surface on Hyper-V

Photo by Lenny Kuhne on Unsplash

May 28, 2022

Andres Roldan


Cross-process memory patching with Python

We will take AMSI bypass to another level by using cross-process memory injection.

Photo by Chris Briggs on Unsplash

April 20, 2022

Felipe Ruiz


Three strikes already for this web browser in 2022

In this blog post, you can learn about three zero-day vulnerabilities of at least high severity in Google Chrome that have been exploited this year.

Photo by tabitha turner on Unsplash

December 23, 2021

Jason Chavarría


Patch these Log4j vulnerabilities or perish!

A vulnerability in the ubiquitous open-source library Log4j has revealed terrifying exploit possibilities. Learn what it is and what you should do about it.

Photo by Clark Van Der Beken on Unsplash

December 7, 2021

Jason Chavarría


Clues in the investigation of cyberattacks

We describe the kinds of technical traces left in the phases of a cyberattack and talk about how they may help the attribution process.

Photo by Anil Xavier on Unsplash

December 2, 2021

Jason Chavarría


Here's what happened this year, in case you missed it

Supply chain attacks, ransomware and data leaks: We give you a short summary of the major cyberattacks of 2021.

Start your 21-day free trial

Discover benefits of our Continuous Hacking solution, which hundreds of organizations are already enjoying.

Start your 21-day free trial