Hacker News
- CUPS Local Privilege Escalation and Sandbox Escapes https://blog.gdssecurity.com/labs/2018/7/11/cups-local-privilege-escalation-and-sandbox-escapes.html 13 comments
- Reviewing Ethereum Smart Contracts https://blog.gdssecurity.com/labs/2017/9/27/reviewing-ethereum-smart-contracts.html 28 comments
- An Analysis of CVE-2017-5638 – how Equifax was hacked https://blog.gdssecurity.com/labs/2017/3/27/an-analysis-of-cve-2017-5638.html 18 comments
- Apple and Linux CUPS Local Privilege Escalation and Sandbox Escapes https://blog.gdssecurity.com/labs/2018/7/11/cups-local-privilege-escalation-and-sandbox-escapes.html 8 comments netsec
- ICS/SCADA Systems for Penetration Testers (Part 2): A Typical ICS/SCADA Engagement http://blog.gdssecurity.com/labs/2017/5/25/icsscada-systems-for-penetration-testers-a-typical-engagemen.html 33 comments netsec
- VMware vCenter Unauthenticated RCE using CVE-2017-5638 (Apache Struts 2 RCE) http://blog.gdssecurity.com/labs/2017/4/13/vmware-vcenter-unauthenticated-rce-using-cve-2017-5638-apach.html 4 comments netsec
- An In-Depth Analysis (code review, alt. attack vector) of the Struts RCE Vulnerability CVE-2017-5638 https://blog.gdssecurity.com/labs/2017/3/27/an-analysis-of-cve-2017-5638.html 6 comments netsec
- Introducing EvilAbigail: Evil Maid attacks against Linux full disk encryption http://blog.gdssecurity.com/labs/2015/12/23/introducing-evilabigail.html 69 comments netsec
- GDS - Blog - Automated Data Exfiltration with XXE http://blog.gdssecurity.com/labs/2015/4/29/automated-data-exfiltration-with-xxe.html 3 comments netsec
- Node.js Server-Side JavaScript Injection Detection & Exploitation http://blog.gdssecurity.com/labs/2015/4/15/nodejs-server-side-javascript-injection-detection-exploitati.html 9 comments netsec
- JetLeak Vulnerability: Remote Leakage Of Shared Buffers In Jetty Web Server [CVE-2015-2080] http://blog.gdssecurity.com/labs/2015/2/25/jetleak-vulnerability-remote-leakage-of-shared-buffers-in-je.html 27 comments netsec
- Docker Secure Deployment Guidelines http://blog.gdssecurity.com/labs/2015/1/12/docker-secure-deployment-guidelines.html 3 comments netsec
- Introducing Windows Exploit Suggester http://blog.gdssecurity.com/labs/2014/7/11/introducing-windows-exploit-suggester.html 11 comments netsec
- So, you've got Domain Admin in a pentest? So what? http://blog.gdssecurity.com/labs/2013/9/18/when-domain-admin-is-not-enough.html 18 comments netsec
- Walkthrough of exploiting Integer-based SQL Injection in Nested SQL Queries, with a worked example against McAfee EPO http://blog.gdssecurity.com/labs/2013/10/8/exploiting-integer-based-sql-injection-in-nested-sql-queries.html 2 comments netsec
- Writing an XSS Worm http://blog.gdssecurity.com/labs/2013/5/8/writing-an-xss-worm.html 9 comments netsec
- Retrieving Crypto Keys Via IOS Runtime Hooking http://blog.gdssecurity.com/labs/2013/3/5/retrieving-crypto-keys-via-ios-runtime-hooking.html 5 comments netsec