Start now

AckLab

Basics- Linux Events Logging

Basics- Linux Events Logging

In this post we will cover the basics of Event Logging in Linux systems. We will talk about Syslog: Message structure, the most famous implementations and main configurations.

In-depth Freemarker Template Injection

In-depth Freemarker Template Injection

During a recent engagement, our AppSec team faced an interesting instance of limited Server Side Template Injection in Freemarker.

An unusual case of Client SQL Injection

An unusual case of Client SQL Injection

It is widely known how dangerous using unsanitized data in SQL queries can be.

A walkthrough  of the new Windows 0 day released on twitter

A walkthrough of the new Windows 0 day released on twitter

Recently, a new zero-day vulnerability was made public following a Tweet from @SandboxEscaper, who claimed to be frustrated with Microsoft and their bug submission process.

Regarding the recently discovered RCE in Git

Regarding the recently discovered RCE in Git

Etienne Stalmans (@_staaldraad) recently discovered a Remote Code Execution vulnerability in the version-control software Git (CVE-2018-11235).

KRACK or “How WPA2 did not die”

KRACK or “How WPA2 did not die”

Mathy Vanhoefm published a set of attacks against the Wi-Fi security protocol WPA2 with the name Key Reinstallation Attacks, or KRACKS.

r2wars: Shall we play a game?

r2wars: Shall we play a game?

Between September 6 and 9, the second radare2 conference (r2con) took place in Barcelona. This security conference is mainly focused in radare2, an open-source framework for reverse engineering with a great and active community.

ELK on a Raspberry Pi

ELK on a Raspberry Pi

The internet is full of bad guys that are constantly scanning all IP addresses looking for unpatched services, misconfigured servers, or simply gathering information from new targets.