Or Maypril 319 but who is counting.
Here's an OLD Visual Studio project that gets AES keys from running applications. Seems to still work!
https://github.com/mmozeiko/aes-finder
Another writeup on my current favorite bug, HTTP Request Smuggling.
https://labs.bishopfox.com/tech-blog/h2c-smuggling-request-smuggling-via-http/2-cleartext-h2c
Via Matt Groves, this tool tests CouchBase databases for injection. Pretty slick.
https://github.com/FSecureLABS/N1QLMap
Neat article on using Fuzzilli to fuzz JavaScript engines using an intermediate language.
https://blog.doyensec.com/2020/09/09/fuzzilli-jerryscript.html
Cool breakdown on using Mobile Device Management to get RCE on devices.
https://blog.orange.tw/2020/09/how-i-hacked-facebook-again-mobileiron-mdm-rce.html?m=1
That's the news folks. Stay safe.