Reference Library
Reference library
Specialized book reference

Book archive channel link:
@BOOKzMA
Widevine.pdf
386 KB
#tools
#Offensive_security
"Exploring Widevine for Fun and Profit", 2022.

]-> Widevine Key Ladder Script (Python3):
https://github.com/Avalonswanderer/widevine_key_ladder
]-> A tool to trace Widevine execution in Android and dump buffers: https://github.com/Avalonswanderer/wideXtractor

Nowadays, people prefer media consumption on over-the-top platforms (OTT), such as Netflix and Amazon Prime, that distribute multimedia content over the Internet, allowing users to play them whenever they wish. Such ease of viewing the same videos across devices creates challenges for content producers and owners.
tcp_source_port_alg.pdf
775.9 KB
#Offensive_security
"Device Tracking via Linux’s New TCP Source Port Selection Algorithm", 2022.

Online browser-based device tracking is a widespread practice, employed by many Internet websites and advertisers. It allows identifying users across multiple sessions and websites on the Internet.
]-> Repo: https://github.com/0xkol/rfc6056-device-tracker

📚 t.iss.one/Library_Sec
VM_Detection.pdf
429.1 KB
#Offensive_security
"Virtual Machine Detection In The Browser"
]-> https://bannedit.github.io/Virtual-Machine-Detection-In-The-Browser.html

Virtual Machine (VM) detection is nothing new. Malware has been doing it for over a decade now. Over time the techniques have advanced as defenders learned new ways of avoiding VM detection.

Weaponizing_Mapping_Injection.pdf
709 KB
#Offensive_security
"Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection"


Process Injection is a technique to hide code behind benign and/or system processes. This technique is usually used by malware to gain stealthiness while performing malicious operations on the system. AVs/EDR solutions are aware of this technique and create detection patterns to identify and kill this "class" of attacks.

Living_off_the_Walled_Garden.pdf
801 KB
#Offensive_security
BlackHat USA 2022:
"Living Off the Walled Garden: Abusing the Features of the Early Launch Antimalware Ecosystem"
]-> https://gist.github.com/mattifestation/660d7e17e43e8f32c38d820115274d2e
Backdooring_hijacking_AzureAD_accounts.pdf
2.2 MB
#Cloud_Security
#Offensive_security
BlackHat USA 2022:
"Backdooring and Hijacking Azure AD Accounts by Abusing External Identities"
Pulling_Psw_out_of_Configuration_Mng.pdf
8.5 MB
#tools
#Offensive_security
"Pulling Passwords out of Configuration Manager: Practical Attacks against Microsoft's Endpoint Management Software", 2022.

]-> PXEThief - set of tooling that can extract passwords from the OS Deployment functionality in MS Endpoint Conf. Manager:
https://github.com/MWR-CyberSec/PXEThief
Detect_kernel_exploits.pdf
1 MB
#Offensive_security
BlackHat USA 2022:
"Return to sender - Detecting kernel exploits with eBPF"

]-> Tool: https://github.com/Gui774ume/krie
Destabilizing_Hash_Table_MsIIS.pdf
4.5 MB
#Offensive_security
BlackHat USA 2022:
"Let's Dance in the Cache: Destabilizing Hash Table on Microsoft IIS"
ELF.pdf
3.8 MB
#Offensive_security
BlackHat USA 2022:
"ELF Section Docking Revisiting Stageless Payload Delivery"

]-> ELF Sectional docking payload injector system:
https://github.com/xforcered/elfpack