The Latest Exploits/Vulnerabilities

Exploit Discussion

Find the Best Exploits/Vulnerabilities from 2018 here:


CrackMapExec - Post-Exploitation Tool

CrackMapExec – Active Directory Post-Exploitation Tool

CrackMapExec (a.k.a CME) is a post-exploitation tool that helps automate assessing the security of large Active Directory networks. Built with stealth in mind, CME follows the concept of “Living off the Land”: abusing built-in Active Directory features/protocols to achieve its functionality and allowing it to evade most endpoint protection/IDS/IPS solutions. CME makes heavy use of […]

Topic: Exploits/Vulnerabilities, Hacking Tools, Windows Hacking
EvilAbigail - Automated Evil Maid Attack For Linux

EvilAbigail – Automated Evil Maid Attack For Linux

EvilAbigail is a Python-based tool that allows you run an automated Evil Maid attack on Linux systems, this is the Initrd encrypted root fs attack. An Evil Maid attack is a type of attack that targets a computer device that has been shut down and left unattended. An Evil Maid attack is characterized by the […]

Topic: Exploits/Vulnerabilities, Hacking Tools, Linux Hacking
Another Week Another Mass Domain Hijacking

Another Week Another Mass Domain Hijacking

Following shortly after the .io domain cock-up that left thousands vulnerable to domain hijacking, this week more than 750 domains were jacked via registrar Gandi. Seems like some pretty sloppy administration going on, but that’s how business goes sadly security is still a very much reactive trade. People don’t enable strict controls and audit unless […]

Topic: Exploits/Vulnerabilities, Web Hacking
DJI Firmware Hacking Removes Drone Flight Restrictions

DJI Firmware Hacking Removes Drone Flight Restrictions

Drones have been taking over the world, everyone with a passing interest in making videos has one and DJI firmware hacking gives you the ability to remove all restrictions (no-fly zones, height and distance) which under most jurisdictions is illegal (mostly EU and FAA for the US). It’s an interesting subject, and also a controversial […]

Topic: Exploits/Vulnerabilities, Hardware Hacking, Legal Issues
GnuPG Crypto Library libgcrypt Cracked Via Side-Channel

GnuPG Crypto Library libgcrypt Cracked Via Side-Channel

Some clever boffins including Internet software pioneer djb have gotten libgcrypt cracked via a Side-Channel attack which has to do with the direction of a sliding window carried out in the library. Patches have already been released so update your Linux servers ASAP, even though honestly it seems like a fairly theoretical attack (this side-channel […]

Topic: Cryptography, Exploits/Vulnerabilities