"The cyber expert in battle seeks his victory from strategic advantage and does not demand it from his SOC." - The Art of Cyber War

📚 SecMisc #

Internet Artifacts – A nostalgic collection of forgotten internet relics. Read More

The Vulnerable MCP Project – Tracking Model Context Protocol vulnerabilities in LLMs. Read More

📰 SecLinks #

Eclipse on Next.js – Conditioned exploitation of an intended race-condition. Read More

Security for High Velocity Engineering – Balancing speed with security in modern DevOps. Read More

Cloud Pentesting or Just Scanning? – A real-world discussion on cloud security testing. Read More

Invision Community <= 5.0.6 RCE – Remote Code Execution via customCss. Read More

SysAid RCE Chain – Pre-auth RCE in support ticket systems. Read More

When RSS Feeds Bite – How Chrome and Firefox handle RSS feeds differently. Read More

HTML to PDF RCE – File access and shellcode via server-side rendering. Read More

Screen Security Issues – Multiple vulnerabilities discovered in GNU Screen. Read More

Python Tools w/ UV CheatSheet – Handy CLI tools and scripts for pentesters. Read More

MrBruh's Epic Blog – Research into ASUS Driver Hub hijack. Read More

Detecting Malicious Unicode – Threats hiding in plain text. Read More

VSCode XSS to RCE – Breaking out of restricted mode. Read More

🎥 SecVideo #

How Does Surveillance Work? – A breakdown of digital surveillance systems by Victoria Baines. Watch Here

💻 SecGit #

fwalbuloushi/pixhash – CTI tool to extract and hash images from websites. Explore on GitHub

carlospolop/CloudPEASS – Privilege escalation tools for cloud environments. Explore on GitHub

The-Art-of-Hacking/h4cker – A curated collection of hacking and security resources. Explore on GitHub

ANG13T/skytrack – A cybersecurity toolkit for various security tasks. Explore on GitHub

← Back to Seclog