This week again, we are publishing a list of research worth reading! Make sure you check it out!
I really liked this article this week: grab some WordPress plugins, run Semgrep, timebox your review of the results, get CVEs... CVE Hunting Made Easy.
This article shows how something as simple as argv[0], the first command-line argument, can be used to sneak past security checks: Why bother with argv[0]?
Should you hack AD from Windows or Linux? This article provides some interesting insights on the subject: The Art of Exploiting Active Directory from Linux.
Here's an interesting FreeBSD advisory from the team at Synacktiv: bhyve(8) privileged guest escape via TPM device passthrough.
AppSec eZine is back with issue #551.