EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

A new ongoing campaign dubbed EleKtra-Leak has set its eyes on exposed Amazon Web Service AWS identity and access management IAM credentials within public GitHub repositories to facilitate cryptojacking activities. "As a result of this, the threat actor associated with the campaign was able to...

Apple’s notarization process fails to protect

In macOS Mojave, Apple introduced the concept of notarization, a process that developers can go through to ensure that their software is malware-free and must go through for their software to run on macOS Catalina. This is meant to be another layer in Apples protection against malware...

laravelN00b - Automated Scan .env Files And Checking Debug Mode In Victim Host

Incorrect configuration allows you to access .env files or reading env variables. LaravelN00b automated scan .env files and checking debug mode in victim host. Scan rationale Scan host. Resolve IP adress and check .env file in IP Adress Checking debug mode Laravel Read .env variables Installation...

Netvolution CMS 2.x - SQL Injection Script

Netvolution CMS 2.x - SQL Injection Script !/usr/bin/perl Exploit Title: Netvolution exploit script for CMS Version = 2.xx.xx.xx Date: 10/6/2010 Sotware Link: www.netvolution.net Bug found : amquen, krumel Exploited by: krumel Exploit Coded: mr.pr0n Many thanks to icesurfer author of SQLNINJA and...