Vulnerability Analysis

Fcuk : Fuzzy CUDA Kernel

Fcuk, or Fuzzy CUDA Kernel, is an innovative library designed to leverage the power of CUDA for fuzzy string matching.…

1 month ago

CVE-2025-24813-PoC : Apache Tomcat 远程代码执行漏洞批量检测脚本

简介 CVE-2025-24813 是一个影响 Apache Tomcat 的远程代码执行(RCE)漏洞,允许攻击者通过发送一个 PUT 请求上传恶意的序列化会话文件,并通过 GET 请求触发反序列化,从而在服务器上执行任意代码。该漏洞已在野外被利用,且其利用条件相对简单,只需 Tomcat 使用文件存储会话且支持部分 PUT 请求即可。 脚本功能 CVE-2025-24813-PoC 脚本主要用于检测 Apache Tomcat 是否存在此漏洞。它支持批量检测和单个检测两种模式。…

1 month ago

OSCP : Navigating The Essential Toolkit For Penetration Testing

The OSCP (Offensive Security Certified Professional) certification is a highly respected credential in the cybersecurity industry, focusing on hands-on penetration…

1 month ago

ELF Loader And PS5-JAR-Loader : Tools For Enhanced Functionality

In the realm of PlayStation 5 (PS5) development, two significant tools have emerged to enhance the console's capabilities: the ELF…

1 month ago

WebHunt : A Dive Into Web App Testing For Bug Bounty Hunting

WebHunt is an innovative project that focuses on web application testing, particularly for bug bounty hunting. It leverages powerful tools…

1 month ago

Process Ghosting In Rust : Crafting Evasive Applications On Windows

Process ghosting is a sophisticated technique used to evade detection by security tools on Windows systems. It involves creating a…

1 month ago

eWPTX Preparion : Essential Tools And Functions

The eWPTX (eLearnSecurity Web Application Penetration Tester Extreme) certification is a challenging credential that validates an individual's advanced skills in…

1 month ago

CPUMicrocodes : A Gateway To Advanced CPU Microcode Management And Optimization

CPUMicrocodes is a comprehensive repository of microcodes for Intel, AMD, VIA, and Freescale CPUs. Microcode is a low-level firmware that…

1 month ago

2025-03-04 (Tuesday) : Group Claiming To Be BianLian Sends Paper-Based Extortion Letters via Postal Service

On March 4, 2025, a group claiming to be the notorious threat actor BianLian began sending paper-based extortion letters to…

1 month ago

DE-TH-Aura : Detection Engineering And Threat Hunting By SecurityAura

DE-TH-Aura, an initiative by SecurityAura, focuses on enhancing detection engineering and threat hunting capabilities using KQL (Kusto Query Language). This…

1 month ago