Simple type confusion bug in an Intel GPU COM service which is accessible from Edge LPAC + Chrome GPU. Shows how a type confused SAFEARRAY leads to arbitrary code execution.
a critical vulnerability that allows for a complete, silent man-in-the-middle of PGP traffic in Enigmail(Pentest-Report Enigmail by Cure53)
tools Merlin is a cross-platform post-exploitation HTTP/2 Command & Control server and agent written in golang.
tools alerting-detection-strategy-framework(ADS)：A framework for developing alerting and detection strategies for incident response.