Seclog - #109

RosecurifyRosecurify
2 min read

📚 SecMisc

  • Tetris in a PDF - A fascinating way to play Tetris right inside a PDF document. Read More

  • Exploiting Number Parsers in JavaScript - Discover vulnerabilities in JavaScript number parsers. Read More

  • Gitxray: a Security X-Ray for GitHub Repositories - Insights into Gitxray's repository scanning capabilities. Read More

  • Labs and Semgrep Rules - Diving into unsafe unpacking and secure coding with Semgrep. Read More

  • AWS re:Invent 2024: Security Recap - Key takeaways from AWS’s security, identity, and compliance updates. Read More

  • Fast Unauthenticated Role Scanning - Techniques for identifying unauthenticated roles. Read More

  • Deep Dive - AWS Organization Policies (Part 1) - Analyzing AWS Organization Policies in detail. Read More

  • 2024 CVE Data Review - Comprehensive review of CVE data from 2024. Read More

  • OSV - Open Source Vulnerabilities - A review of 2024's open-source vulnerability landscape. Read More

  • How Google Does It: Modernizing Threat Detection - Learn Google's approach to advanced threat detection. Read More

  • 3 Takeaways from Red Teaming 100 Generative AI Products - Insights into generative AI security challenges. Read More

  • Passkeys: Simpler and Safer Alternative to Passwords - Exploring the future of authentication with passkeys. Read More

  • The First Password on the Internet - A look back at the origins of internet passwords. Read More

  • Discovering Hidden Vulnerabilities in Portainer with CodeQL - Using CodeQL to identify hidden vulnerabilities in Portainer. Read More

  • 2024 CVEs in Review - Detailed review of significant CVEs from 2024. Read More

  • Finding SSRFs in Azure DevOps - Identifying server-side request forgery vulnerabilities in Azure DevOps. Read More

🎥 SecVideo

  • BLOB Based Phishing Scams - Learn about innovative phishing tactics using BLOB files. Watch Here

💻 SecGit

  • 100DaysofYARA/2025 - Community-shared YARA rules from the 100 Days of YARA 2025 challenge. Explore on GitHub

  • TURROKS/CVE_Prioritizer - A tool to prioritize CVEs using CVSS, EPSS, and CISA data. Explore on GitHub

  • utkusen/baitroute - A web honeypot library for detecting and misleading attackers. Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com

0
Subscribe to my newsletter

Read articles from Rosecurify directly inside your inbox. Subscribe to the newsletter, and don't miss out.

seclogSecurity

Written by

Rosecurify
Rosecurify