It's no secret that Artificial Intelligence and Large Language Models are dominating the technology industry in 2023. After years of speculation and predictions, ChatGPT burst onto the scene in November last year and quickly became an overnight sensation. This explosion in AI adoption and the seemingly endless possibilities inspired me to start building programs that … Continue reading Exploring The Integration of Artificial Intelligence and Cybersecurity with PhishText.Ai
Category: Research
Finding and Disclosing My First CVE’s
CVE’s, short for Common Vulnerabilities and Exposures, are a reference model for publicly known security vulnerabilities. Whenever a vulnerability is identified and disclosed, a new CVE can be requested and issued to document this vulnerability. Over time, as countless vulnerabilities have been discovered and documented, CVE’s have become the de facto method to classify vulnerabilities … Continue reading Finding and Disclosing My First CVE’s
CVE-2021-40444 PoC Demonstration
Introduction This week, a new zero-day vulnerability was disclosed affecting Microsoft Office applications. CVE-2021-40444 made waves throughout the cybersecurity industry for its ability to perform remote code execution on Windows operating systems with minimal interaction from the user. By simply opening a specially crafted Microsoft Office document, remote code execution could be obtained. Within a … Continue reading CVE-2021-40444 PoC Demonstration
Spoofing an Android Phone to Exploit the Razer Local Privilege Escalation Vulnerability
Intro Last Sunday, on a particularly lazy afternoon, I came across a Tweet that caught my attention. It was a demonstration of a local privilege escalation vulnerability that is possible when plugging in a Razer device to any Windows machine. The TL;DR of this vulnerability is that Windows identifies the drivers and software required for … Continue reading Spoofing an Android Phone to Exploit the Razer Local Privilege Escalation Vulnerability
KentoSec 