Research Worth Reading Week 38/2024

Published: 24 Sep 2024

This week, we’re excited to share a list of must-read research! These are some of the most fascinating findings we’ve come across in the past week, so don’t miss out—check them out!

🔒 Using YouTube to steal your files

An insightful write-up on how Google Slides, Open Redirects, and social engineering are leveraged: Using YouTube to steal your files.

🐍 Vulnerabilities in Open Source C2 Frameworks

Hacking the hackers... An excellent deep dive into finding vulnerabilities in Open Source C2 Frameworks.

🛡️ A Journey From sudo iptables To Local Privilege Escalation

Gained access to a box with sudo iptables permissions—what’s next? The Shielder team covers it in their latest post: A Journey From sudo iptables To Local Privilege Escalation.

🐘 Exploiting Chamilo during a Red Team engagement

A good old PHP hacking adventure with some source code in this latest blog from QuarksLab: Exploiting Chamilo during a Red Team engagement.

🚀 Gaining access to anyone’s browser without them even visiting a website

A fascinating Swift + Firebase hack with source code in this excellent write-up: Attacking Arc.

🔑 Understanding Tokens in Entra ID: A Comprehensive Guide

A detailed and insightful guide on Tokens in Entra ID.

📚 AppSec eZine #553

AppSec eZine returns with the latest edition—check out issue #553.

Written by PentesterLab
The platform to learn web hacking and security code review