A cheat sheet for pentesters and researchers about deserialization vulnerabilities in various Java (JVM) serialization libraries. Please, use #javadeser hash…
C# port of ZeroMemoryEx's Terminator, so all hail goes to him. Usage You can download the driver from a remote…
Interactive PDF Analysis (also called IPA) allows any researcher to explore the inner details of any PDF file. PDF files…
Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard,…
NyxInvoke is a versatile Rust-based tool designed for executing .NET assemblies, PowerShell commands/scripts, and Beacon Object Files (BOFs) with built-in…
Usman Sikander (a.k.a Offensive-Panda) is a seasoned security professional specializing in adversary emulation, malware development, malware analysis, and red teaming.…
HikvisionExploiter is a Python-based utility designed to automate exploitation and directory accessibility checks on Hikvision network cameras exploiting the Web…
Shwmae (shuh-my) is a Windows Hello abuse tool that was released during DEF CON 32 as part of the Abusing…
A sophisticated tool designed for exploiting vulnerabilities in Android devices. This article dives into the features of AdbNet, offering a…
This project showcases the vulnerability research that we conducted on Quick Share, which we presented at DEF CON 32 (2024).…