DEV Community

TutorialBoy profile picture

TutorialBoy

Our mission is to get you into information security. We'll introduce you to penetration testing and Red Teaming. We cover network testing, Active Directory, Security Automation.

Analyzing the Google Chrome V8 CVE-2024-0517 Out-of-Bounds Code Execution Vulnerability

Analyzing the Google Chrome V8 CVE-2024-0517 Out-of-Bounds Code Execution Vulnerability

3
Comments
39 min read
Analysis of Glibc privilege escalation vulnerability "Looney Tunables" (CVE-2023-4911)

Analysis of Glibc privilege escalation vulnerability "Looney Tunables" (CVE-2023-4911)

Comments
8 min read
Analysis of Microsoft Streaming Agent Privilege Elevation Vulnerability - CVE-2023-36802

Analysis of Microsoft Streaming Agent Privilege Elevation Vulnerability - CVE-2023-36802

Comments
14 min read
Confluence Vulnerability (CVE-2023-22515): A Deep Dive into Atlassian Bamboo's Chain Security Landscape

Confluence Vulnerability (CVE-2023-22515): A Deep Dive into Atlassian Bamboo's Chain Security Landscape

Comments
8 min read
Unveiling the Secrets of XSS Bypass: Harnessing JavaScript Symbols for Code Execution

Unveiling the Secrets of XSS Bypass: Harnessing JavaScript Symbols for Code Execution

Comments
3 min read
A Malicious Python Repository fshec2 PyPI Attack Analysis

A Malicious Python Repository fshec2 PyPI Attack Analysis

Comments
4 min read
KeePass Memory Leakage Vulnerability Analysis - CVE-2023-32784

KeePass Memory Leakage Vulnerability Analysis - CVE-2023-32784

2
Comments
4 min read
Critical Analysis: Unraveling the Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246)

Critical Analysis: Unraveling the Apache RocketMQ Remote Code Execution Vulnerability (CVE-2023-33246)

Comments
7 min read
Talking about JSONP Hijacking Vulnerability

Talking about JSONP Hijacking Vulnerability

2
Comments
3 min read
Bypassing PHP WAF to Achieve Remote Code Execution In-Depth Analysis

Bypassing PHP WAF to Achieve Remote Code Execution In-Depth Analysis

Comments
5 min read
Unveiling the Sudo Heap Overflow Vulnerability (CVE-2021-3156): A Critical Security Flaw Reappears

Unveiling the Sudo Heap Overflow Vulnerability (CVE-2021-3156): A Critical Security Flaw Reappears

1
Comments
13 min read
LangChain Arbitrary Command Execution - CVE-2023-34541

LangChain Arbitrary Command Execution - CVE-2023-34541

2
Comments
2 min read
Auth.Tesla.com's Vulnerability Leads To Account Takeover of Internal Tesla Accounts

Auth.Tesla.com's Vulnerability Leads To Account Takeover of Internal Tesla Accounts

9
Comments
4 min read
The Summary Of Spring Security Authorization Bypass on Java

The Summary Of Spring Security Authorization Bypass on Java

1
Comments
12 min read
WebLogic Deserialization Vulnerability - CVE-2023-21839

WebLogic Deserialization Vulnerability - CVE-2023-21839

1
Comments
3 min read
An Authentication Bypass Vulnerabilities Methodologies

An Authentication Bypass Vulnerabilities Methodologies

Comments
4 min read
Getting Started with Internet of Vehicles Security - CAN Simulation

Getting Started with Internet of Vehicles Security - CAN Simulation

Comments
6 min read
The Unbounded Loops Vulnerability : Denial of Service

The Unbounded Loops Vulnerability : Denial of Service

Comments
4 min read
The VSCode Shortcuts, Extensions & Settings for Flutter Development

The VSCode Shortcuts, Extensions & Settings for Flutter Development

Comments
9 min read
An Unsafe Deserialization Vulnerability and Types of Deserialization

An Unsafe Deserialization Vulnerability and Types of Deserialization

5
Comments
12 min read
Apache Commons Text RCE Vulnerability Analysis - CVE-2022-42889

Apache Commons Text RCE Vulnerability Analysis - CVE-2022-42889

5
Comments
3 min read
A Talk about Logic Vulnerabilities of Android Components - Android Security

A Talk about Logic Vulnerabilities of Android Components - Android Security

2
Comments
34 min read
A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters

A Summary of Fuzzing Tools and Dictionaries For Bug Bounty Hunters

5
Comments
3 min read
A Brief Introduction to SAML Security Vector

A Brief Introduction to SAML Security Vector

8
Comments
29 min read
An Open Source apps Leads to XSS to RCE Vulnerability Flaws

An Open Source apps Leads to XSS to RCE Vulnerability Flaws

3
Comments
6 min read
Sophos XG Firewall Authentication bypass allowing Remote Code Execution - CVE-2022-1040

Sophos XG Firewall Authentication bypass allowing Remote Code Execution - CVE-2022-1040

2
Comments
8 min read
Cross-Site Scripting Vulnerabilities in Elementor Impact Over 65 Million Websites - CVE-2022-29455

Cross-Site Scripting Vulnerabilities in Elementor Impact Over 65 Million Websites - CVE-2022-29455

2
Comments
10 min read
How To Exploit PHP Remotely To Bypass Filters & WAF Rules

How To Exploit PHP Remotely To Bypass Filters & WAF Rules

5
Comments
6 min read
Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl

Exploiting Amazon Simple Notification Service Improper Validation of SigningCertUrl

2
Comments
8 min read
A Rolling-PWN Attack Vulnerability Leads to Unlock or Start Vehicles Remotely - CVE-2022-27254

A Rolling-PWN Attack Vulnerability Leads to Unlock or Start Vehicles Remotely - CVE-2022-27254

2
Comments
5 min read
A Talk About Java Serialization and Deserialization

A Talk About Java Serialization and Deserialization

1
Comments
6 min read
A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 2)

A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 2)

2
Comments
6 min read
A Heap Buffer Overflow in the Linux Kernal Leads to Root Privileges - CVE-2022-34918

A Heap Buffer Overflow in the Linux Kernal Leads to Root Privileges - CVE-2022-34918

2
Comments
11 min read
The Blind Exploits To Rule Watchguard Firewalls Vulnerabilities

The Blind Exploits To Rule Watchguard Firewalls Vulnerabilities

3
Comments
27 min read
Turning cookie based XSS into account takeover

Turning cookie based XSS into account takeover

2
Comments
7 min read
XSS vulnerabilities discovered in ServiceNow - CVE-2022-38463

XSS vulnerabilities discovered in ServiceNow - CVE-2022-38463

2
Comments
3 min read
A Mass Exploitation of Unauthenticated Zimbra RCE -- CVE-2022-27925

A Mass Exploitation of Unauthenticated Zimbra RCE -- CVE-2022-27925

3
Comments
10 min read
How to Fix MSDT Vulnerability using SCCM and Intune | CVE-2022-30190

How to Fix MSDT Vulnerability using SCCM and Intune | CVE-2022-30190

3
Comments
7 min read
The Fastjson “Auto Type Bypass” leads to RCE vulnerability - CVE-2022-25845

The Fastjson “Auto Type Bypass” leads to RCE vulnerability - CVE-2022-25845

4
Comments
7 min read
An OGNL Injection Remote Code Execution (RCE) Vulnerability on Atlassian Confluence (CVE-2022-26134)

An OGNL Injection Remote Code Execution (RCE) Vulnerability on Atlassian Confluence (CVE-2022-26134)

1
Comments
9 min read
The Various Utilization Methods of PHP Serialization & Deserialization

The Various Utilization Methods of PHP Serialization & Deserialization

6
Comments
22 min read
A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 1)

A Detailed Talk about K8S Cluster Security from the Perspective of Attackers (Part 1)

5
Comments
9 min read
Android Security : A Checklist For Exploiting WebView

Android Security : A Checklist For Exploiting WebView

2
Comments
11 min read
The Spring Data MongoDB SpEL Expression Injection Vulnerability - CVE-2022-22980

The Spring Data MongoDB SpEL Expression Injection Vulnerability - CVE-2022-22980

3
Comments
3 min read
A Detailed Brief About Offence and Defence on Cloud Security - Etcd Risks

A Detailed Brief About Offence and Defence on Cloud Security - Etcd Risks

3
Comments
9 min read
A Critical Vulnerability Leads to Remote Code Execution in Sophos Firewall - CVE-2022-1040

A Critical Vulnerability Leads to Remote Code Execution in Sophos Firewall - CVE-2022-1040

2
Comments 1
4 min read
Spring Actuator - Finding Actuators using Static Code Analysis - Part 2

Spring Actuator - Finding Actuators using Static Code Analysis - Part 2

1
Comments
10 min read
Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1:

Spring Actuator - Stealing Secrets Using Spring Actuators - Part 1:

1
Comments
9 min read
A Remote Code Execution in JXPath Library (CVE-2022-41852)

A Remote Code Execution in JXPath Library (CVE-2022-41852)

2
Comments
4 min read
The Linux Kernel Network Scheduler Vulnerabilities and Exploits - Privilege Escalation

The Linux Kernel Network Scheduler Vulnerabilities and Exploits - Privilege Escalation

Comments
17 min read
An Introduction to Smart Contracts Hacking and Attacks

An Introduction to Smart Contracts Hacking and Attacks

2
Comments
10 min read
loading...