ResearchHow to Handle Development Projects in a Pentest CompanyWhat’s in a Name? Writing custom DNS tunnelling protocol, exploiting unexpected AWS Lambda misconfiguration – in a web app Pen test (Part 2)<strong>Advisory CVE-2023-43042 – IBM Backup Products Superuser Information Disclosure</strong>Advisory: IDOR in Microsoft Teams Allows for External Tenants to Introduce MalwareOnline Machine Learning: how to integrate user feedbackImplementation and Dynamic Generation for Tasks in Apache Airflow</strong>Advisory CVE-2021-41550 Leostream Connection Broker - Authenticated Remote Code ExecutionAdvisory CVE-2021-41551 Leostream Connection Broker - Authenticated Zip SlipBurp Suite and Beyond: Exploring non-HTTP protocols using MITM_RELAYAdvisory CVE-2020-13769 – Ivanti Unified Endpoint Manager SQL injectionAdvisory CVE-2020-13772 - Ivanti Unified Endpoint Manager system information disclosureAdvisory CVE-2020-13773 - Ivanti Unified Endpoint Manager Reflected XSSDetecting known DLL hijacking and named pipe token impersonation attacks with SysmonAdvisory CVE-2020-13774 - Ivanti Unified Endpoint Manager authenticated RCE via file uploadAdvisory CVE-2020-13770 - Ivanti Unified Endpoint Manager named pipe token impersonation privilege escalationAdvisory CVE-2020-13771 - Ivanti Unified Endpoint Manager DLL search order hijacking privilege escalationShort introduction to Network Forensics and Indicators of Compromise (IoC)CVE 2015-7547 glibc getaddrinfo() DNS VulnerabilityResearch and Development