Abusing Azure AD SSO with the Primary Refresh Token Security News & Discussion

---

• Abusing Azure AD SSO with the Primary Refresh Token
• HTML sanitization bypass in Ruby Sanitize < 5.2.1
• Sinking U-Boots with Depthcharge - an extensible Python 3 toolkit designed to aid security researchers when analyzing a customized, product-specific build of the U-Boot bootloader
• Zero Knowledge Proofs: An illustrated primer
• Raining SYSTEM Shells with Citrix Workspace app
• AVAST SecureLine VPN - Arbitrary File Creation Vulnerability
• harbian-qa: State-based target directed fuzzer based on syzkaller
• From APEX to Super-Admin | Salesforce Privilege Escalation Technique | Polyrize Threat Labs
• AVAIN - A Framework for the Automated Vulnerability Analysis in IP-based Networks
• Writeup: Pwnable.kr: Toddler's Bottle: Leg (FR)
• dazzleUP -Windows Privilege Escalation Checker
• Learning Linux Binary Exploitation Series (with pwnable.kr)
• Protecting Your Serverless Solution

Abusing Azure AD SSO with the Primary Refresh Token Posted: 22 Jul 2020 01:35 AM PDT submitted by /u/dirkjanm [link] [comments]

HTML sanitization bypass in Ruby Sanitize < 5.2.1 Posted: 22 Jul 2020 10:23 AM PDT submitted by /u/albinowax [link] [comments]

Sinking U-Boots with Depthcharge - an extensible Python 3 toolkit designed to aid security researchers when analyzing a customized, product-specific build of the U-Boot bootloader Posted: 22 Jul 2020 11:01 AM PDT submitted by /u/digicat [link] [comments]

Zero Knowledge Proofs: An illustrated primer Posted: 22 Jul 2020 02:01 PM PDT submitted by /u/unofishtank [link] [comments]

Raining SYSTEM Shells with Citrix Workspace app Posted: 22 Jul 2020 02:42 AM PDT submitted by /u/ZephrX112 [link] [comments]

AVAST SecureLine VPN - Arbitrary File Creation Vulnerability Posted: 22 Jul 2020 01:46 AM PDT submitted by /u/nafiez [link] [comments]

harbian-qa: State-based target directed fuzzer based on syzkaller Posted: 22 Jul 2020 01:14 AM PDT submitted by /u/citypw [link] [comments]

From APEX to Super-Admin | Salesforce Privilege Escalation Technique | Polyrize Threat Labs Posted: 21 Jul 2020 11:39 AM PDT submitted by /u/PolyrizeThreatLabs [link] [comments]

AVAIN - A Framework for the Automated Vulnerability Analysis in IP-based Networks Posted: 22 Jul 2020 06:06 AM PDT submitted by /u/ra1nb0rn [link] [comments]

Writeup: Pwnable.kr: Toddler's Bottle: Leg (FR) Posted: 22 Jul 2020 09:03 AM PDT submitted by /u/AGS42 [link] [comments]

dazzleUP -Windows Privilege Escalation Checker Posted: 21 Jul 2020 03:16 PM PDT submitted by /u/hlldz [link] [comments]

Learning Linux Binary Exploitation Series (with pwnable.kr) Posted: 21 Jul 2020 06:57 AM PDT submitted by /u/0xd3xt3r [link] [comments]

Protecting Your Serverless Solution Posted: 20 Jul 2020 06:47 AM PDT submitted by /u/alwaysResponsible [link] [comments]

You are subscribed to email updates from /r/netsec - Information Security News & Discussion. To stop receiving these emails, you may unsubscribe now.	Email delivery powered by Google
Google, 1600 Amphitheatre Parkway, Mountain View, CA 94043, United States