The Latest Exploits/Vulnerabilities

Exploit Discussion

Find the Best Exploits/Vulnerabilities from 2017 here:


UACMe - Defeat Windows User Account Control (UAC)

UACMe – Defeat Windows User Account Control (UAC)

UACme is a compiled, C-based tool which contains a number of methods to defeat Windows User Account Control commonly known as UAC. It abuses the built-in Windows AutoElevate backdoor and contains 41 methods. The tool requires an Admin account with the Windows UAC set to default settings. Usage Run executable from command line: akagi32 [Key] […]

Topic: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking
US Voting Machines Hacked At DEF CON - Every One

US Voting Machines Hacked At DEF CON – Every One

US Voting Machines Hacked, some in minutes at this year’s DEF CON “Voting Village” – not something you want to hear really. Especially with the results of recent elections that the World is currently dealing with the consequences from. Of course with physical access, most machines can be dominated in some way or another – […]

Topic: Exploits/Vulnerabilities, Hardware Hacking, Legal Issues
CrackMapExec - Post-Exploitation Tool

CrackMapExec – Active Directory Post-Exploitation Tool

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS solutions. CME makes heavy use of […]

Topic: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking
EvilAbigail - Automated Evil Maid Attack For Linux

EvilAbigail – Automated Evil Maid Attack For Linux

EvilAbigail is a Python-based tool that allows you run an automated Evil Maid attack on Linux systems, this is the Initrd encrypted root fs attack. An Evil Maid attack is a type of attack that targets a computer device that has been shut down and left unattended. An Evil Maid attack is characterized by the […]

Topic: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking
All You Need To Know About Cross-Site Request Forgery (CSRF)

All You Need To Know About Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery is a term you’ve properly heard in the context of web security or web hacking, but do you really know what it means? The OWASP definition is as follows: Cross-Site Request Forgery (CSRF) is an attack that forces an end user to execute unwanted actions on a web application in which they’re […]

Topic: Advertorial, Exploits/Vulnerabilities, Web Hacking
Another Week Another Mass Domain Hijacking

Another Week Another Mass Domain Hijacking

Following shortly after the .io domain cock-up that left thousands vulnerable to domain hijacking, this week more than 750 domains were jacked via registrar Gandi. Seems like some pretty sloppy administration going on, but that’s how business goes sadly security is still a very much reactive trade. People don’t enable strict controls and audit unless […]

Topic: Exploits/Vulnerabilities, Web Hacking