GoSecure Blog

FindSecBugs officially an OWASP project

Contribute to Open Source with Hacktoberfest at GoSecure!

Butor Portal Arbitrary File Download Vulnerability (CVE-2019-13343)

Drugs, Guns, Fake documents, Hitmen... What I expected and much more!

Fuzzing Closed Source PDF Viewers

Automating local DTD discovery for XXE exploitation

Java Remote Code Execution Potpourri

ESI Injection Part 2: Abusing specific implementations

Abusing Unsafe Defaults in Active Directory Domain Services: A Real-World Case Study

RDP Man-in-the-Middle - Smile! You're on Camera

Summary of Statistics Canada's Survey on Cyber Security and Cybercrime

The Supply Chain behind the Market for Fake "Likes"

Large Scale Vulnerability Scanning with Jenkins

Throwing it out the Windows: Exfiltrating Active Directory credentials through DNS

Upcoming WEIS presentation: Ransomware Payment in the Bitcoin Ecosystem

GoSecure Merges with CounterTack

Beware of the Magic SpEL(L) - Part 2 (CVE-2018-1260)

Beware of the Magic SpEL(L) - Part 1 (CVE-2018-1273)

How I Indexed the Darknet and Pastebin During My First University Internship

Beyond XSS: Edge Side Include Injection

IDC Technology and Customer Spotlights

Chaos: a Stolen Backdoor Rising Again

Our Experience around Fake Follower Factories

Why you should consider Kotlin for Burp extension development

VMware Horizon (V4H/V4PA) desktop agent privilege escalation vulnerability (CVE-2017-4946)

Can We Trust Social Media Data? Social Network Manipulation by an IoT Botnet

Building a Content Security Policy configuration with CSP Auditor

Opinion: Petya, NotPetya and what's wrong with our industry?

An Introduction to Application Security

Detecting deserialization bugs with DNS exfiltration

Introducing Malboxes: a Tool to Build Malware Analysis Virtual Machines

Cisco2Checkpoint - a Cisco to Checkpoint Conversion Tool

Embedded Prank: Christmas Spirit Injection for your VoIP Phone

BlackHat Europe 2016: Ego-Market

Modern Static Analysis for .NET

Exposing the EGO MARKET: the cybercrime performed by the Linux/Moose botnet

Find Security Bugs: the open-source Java static analysis tool

Our blog moved!

Auditing CSP headers with Burp and ZAP

Detecting Hidden Backdoors in PHP OPcache

Oracle PeopleSoft: still a threat for enterprises

Binary Webshell Through OPcache in PHP 7

Your credentials at risk with Lansweeper 5

On the road to AtlSecCon

XSS for ASP.net developers

GoSecure proud to support AtlSecCon and NorthSec 2016

Internet of Threats, an OWASP Montreal Presentation

Subscribe to Email Updates

Recent Posts