Juniper VPN client with remote desktop lets an attacking spawn Internet Explorer prior to authentication.

Secunia Security Advisory - A vulnerability has been reported in Juniper Networks Secure Access, which can be exploited by malicious people to bypass certain security restrictions.

An ICMPv6 router announcement flooding denial of service vulnerability affects multiple systems including Cisco, Juniper, Microsoft, and FreeBSD. Cisco has addressed the issue but Microsoft has decided to ignore it.

Secunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to cause a DoS (Denial of Service).

Secunia Security Advisory - A vulnerability has been reported in Juniper Junos, which can be exploited by malicious people to bypass certain security restrictions.

Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory - A vulnerability has been reported in Juniper IVE OS, which can be exploited by malicious people to conduct cross-site scripting attacks.

Secunia Security Advisory - Dell SecureWorks has reported a vulnerability in Juniper Networks Mobility System, which can be exploited by malicious people to conduct cross-site scripting attacks.

This is a presentation called Router Exploitation. It was given at BlackHat 2009. It discusses various vendors such as Cisco, Juniper, Huawei, and more.

Secunia Security Advisory - A vulnerability has been reported in Juniper JunosE, which can be exploited by malicious people to cause a DoS (Denial of Service).

Juniper Secure Access software suffers from a reflective cross site scripting vulnerability.

Juniper JunOS version 9.x suffers from a html injection vulnerability that allows for cross site scripting attacks.

A special crafted ICMP ECHO REQUEST can cause a denial of service condition on the Juniper SSG20.

Certain Secure Access SA Series SSL VPN products (originally developed by Juniper Networks but now sold and supported by Pulse Secure, LLC) allow privilege escalation, as demonstrated by Secure Access SSL VPN SA-4000 5.1R5 (build 9627) 4.2 Release (build 7631). This occurs because appropriate controls are not performed.

This whitepaper is a study that gives an overview about what methodology a hacker uses to hack into a system, discusses a theft of millions from the central bank of Bangladesh, and more.

Whitepaper called DevSecOps: A Secure Approach.

Whitepaper called Blue Team vs. Red Team: How to run your encrypted binaries in memory and go undetected. This paper discusses the golden frieza project.

This is a brief whitepaper that discusses fuzzing the VIM editor.

Whitepaper called Skippipe: Skipping the watermark in digital content.

Whitepaper called Windows User Accounts Penetration Testing. Written in Persian.

CarolinaCon, which was to be hosted in Charlotte at the Embassy Suites April 10th through the 11th, 2020, has been postponed due to COVID-19.

REVULN 20x3 is an international conference taking place on September 9th through the 10th, 2020 in Bangkok (Thailand) at Ibis Styles Bangkok Sukhumvit Phra Khanong.

This document illustrates the manual exploitation of the vulnerability found in the Intel Active Management Technology in 2017 that stripped off the primary authentication mechanism in the Intel AMT web interface.

Whitepaper called Solving Computer Forensic Case Using Autopsy.

The call for papers for H2HC 17th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 24th through the 25th of 2020.

This whitepaper is a quick tutorial on pentesting the Zen load balancer.

Whitepaper called From Zero Credentials to Full Domain Compromise. This paper covers techniques penetration testers can use in order to accomplish an initial foothold on target networks and achieve full domain compromise without executing third party applications or reusing clear text credentials.

This is a whitepaper that discusses using DCSync to pull password hashes from a domain controller.

This is a whitepaper tutorial that walks through creating a proof of concept exploit for a remote command execution vulnerability in NagiosXI version 5.6.

This is a whitepaper tutorial that walks through creating a proof of concept exploit for a pre-authentication remote command execution vulnerability in Symantec Web Gateway version 5.0.2.8.

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote command execution vulnerabilities in NagiosXI version 5.6.11.

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in ManageEngine version 14.

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote code execution vulnerabilities in Symantec Web Gateway version 5.0.2.8.

This is a whitepaper tutorial that describes steps taken to identify post-authentication remote SQL injection vulnerabilities in Centreon version 19.10-3.el7.

Whitepaper called Azure Cloud Penetration Testing.

Whitepaper called Exploiting CAN-Bus using Instrument Cluster Simulator.

Whitepaper called Bypassing Root Detection Mechanism. Written in Persian.