Browse through all the posts from the most recent to the oldest and enjoy all the content.
This lab's administration interface has an authentication bypass vulnerability, but it is impractical to exploit without knowledge of a custom HTTP header used by the front-end.
This lab leaks its source code via backup files in a hidden directory. To solve the lab, identify and submit the database password, which is hard-coded in the leaked source code.
This lab contains a debug page that discloses sensitive information about the application. To solve the lab, obtain and submit the SECRET_KEY environment variable.
A full guide on selfhosting Outline with Docker, Digital Ocean, Cloudflare, and Discord OAuth - Blog by SH3LL
This blog serves to be an updated guide on how to install Bootloader/Fastboot drivers for your Android device. I will be using the Google drivers in this tutorial, so no suspicious downloads will be used at all in this blog!
The Ghost/Cring Ransomware Gang's Unique Success; DMARC Required Under PCI DSS On March 31st of 2025; Apple Removes iCloud Encryption for UK; Recent High Efficacy Social Engineering Tactics; North Korean-Linked Attackers Stole $1.46 Billion in Crypto From Bybit Exchange
This lab discloses sensitive information via its version control history. To solve the lab, obtain the password for the administrator user then log in and delete the user carlos.
In this blog post, we are discussing the negatives of webcam surveillance
This cyber threat intelligence investigation hunts ghosts - seeking to answer why the Ghost/Cring ransomware gang is so successful at eluding security researchers and being profitable, especially when they avoid phishing in favor of targeting known-vulnerabilities in internet-facing systems.
This app contains some unique keys. Can you get one?
