Websec Cybersecurity Blog
Expert insights, trends, research findings, and best practices from our security team to help you strengthen your organization's security posture.
Featured Article
Our most important cybersecurity insight
A Comparison Between the Real User ID and the Effective User ID is not Enough to Prevent Privilege Escalation
In Unix-like systems, processes have a real and effective user ID determining their access permissions. While usually identical, they can differ in situations like when the setuid bit is activated in executables.
Ncrack and Nmap NSE development for offense and defense - DEFCON CHINA
Paulino Calderon (@calderpwn) represented Websec in the first edition in China of the world-renowned DEFCON event. Here we share all the material of your workshop.
Belkin Wemo Switch NMap Scripts
Belkin Wemo Switch Smart Plug is a network controlled power outlet. The current firmware version does not requiere authentication to switch the power ON or OFF or to gather information such as nearby wireless networks. Two NMap scripts have been published
New publication: Mastering the Nmap Scripting Engine
We invite you to learn more about the latest publication from our team, "Mastering the Nmap Scripting Engine".
Remote credential and configuration disclosure of Huawei HG5XX devices using Nmap.
A new NSE script called "http-huawei-hg5xx-vuln" has been added to Nmap which exploits a couple of vulnerabilities found in Huawei HG5XX modems.