"ThreatPro: Multi-Layer Threat Analysis in the Cloud", 2022.
#Cloud_Security
#Threat_Research

"Unmasking WindTape: an in-depth analysis of OSX.WindTape", 2022.
#Malware_analysis

📚 t.iss.one/Library_Sec

"DaNuoYi: Evolutionary Multi-Task Injection Testing on Web Application Firewalls", 2022.

]-> Multitask Injection Generation Tool:
https://github.com/yangheng95/DaNuoYi

"Practically-exploitable Cryptographic Vulnerabilities in Matrix Communication Protocol", 2022.

#cryptography

"CacheQL: Quantifying and Localizing Cache Side-Channel Vulnerabilities in Production Software", 2022.

📚 t.iss.one/Library_Sec

HTB CheatSheet Labs

#HTB
📚

руководство OWASP на русском.
#OWASP
📚

"Switch Attacks and Countermeasures"

#Hardware
#Security

📚 t.iss.one/Library_Sec

#Red_Team

RedTeam With OneNote Sections

1. Not affected by Protected View/ MOTW
2. Allows embedding Malicious Excel/Word/PPT files that will be played without protected view
3. Allows embedding HTA, LNK, EXE files and spoof extensions
4. Possible to format document in a way user are tricked into opening a malicious file or a link

#Research
"Decap: Deprivileging Programs by Reducing Their Capabilities", 2022.

]-> Tools for BPF-based Linux IO analysis, networking, monitoring, and more:
https://github.com/iovisor/bcc

"Native function and Assembly Code Invocation", 2022.
]-> https://research.checkpoint.com/2022/native-function-and-assembly-code-invocation

📚 t.iss.one/Library_Sec

"Go Offensive Building Blocks", 2022.

📚

"Windows 11 Security Book: Powerful security from chip to cloud", 2022.

📚

📚 t.iss.one/Library_Sec

📚 t.iss.one/Library_Sec