secure_email_transmission_protocols.pdf
3 MB
#Whitepaper
"Secure Email Transmission Protocols - A New Architecture Design", 2022.
📚 t.iss.one/Library_Sec
"Secure Email Transmission Protocols - A New Architecture Design", 2022.
📚 t.iss.one/Library_Sec
DirtyCred.pdf
14.3 MB
#exploit
BlackHat USA 2022:
"Cautious! A New Exploitation Method! No Pipe but as Nasty as Dirty Pipe"
]-> https://github.com/markakd/DirtyCred
]-> Defense: https://github.com/Markakd/DirtyCred/tree/master/defense
📰
📚
BlackHat USA 2022:
"Cautious! A New Exploitation Method! No Pipe but as Nasty as Dirty Pipe"
]-> https://github.com/markakd/DirtyCred
]-> Defense: https://github.com/Markakd/DirtyCred/tree/master/defense
📰
📚
iPhone_Lightning_hacking.pdf
10.2 MB
#reversing
"The hitchhacker’s guide to iPhone Lightning & JTAG hacking", DEF CON 30.
]-> https://github.com/stacksmashing/tamarin-firmware
📰
📚
"The hitchhacker’s guide to iPhone Lightning & JTAG hacking", DEF CON 30.
]-> https://github.com/stacksmashing/tamarin-firmware
📰
📚
Titan_BHUSA.pdf
4.2 MB
#Hardware_Security
BlackHat USA 2022:
"Attack on Google Titan M, Reloaded: Vulnerability Research on a Modern Security Chip"
]-> https://github.com/quarkslab/titanm
📰
📚
BlackHat USA 2022:
"Attack on Google Titan M, Reloaded: Vulnerability Research on a Modern Security Chip"
]-> https://github.com/quarkslab/titanm
📰
📚
freebsd_escalate.pdf
389.2 KB
#Whitepaper
"FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug (CVE-2022-23090)", 2022.
]-> https://accessvector.net/2022/freebsd-aio-lpe
📰
📚
"FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug (CVE-2022-23090)", 2022.
]-> https://accessvector.net/2022/freebsd-aio-lpe
📰
📚
evil_plc_attack.pdf
610.9 KB
#SCADA_Security
"Evil PLC Attack: Using a Controller as Predator Rather than Prey", 2022.
]-> https://claroty.com/team82/research/evil-plc-attack-using-a-controller-as-predator-rather-than-prey
📰
📚
"Evil PLC Attack: Using a Controller as Predator Rather than Prey", 2022.
]-> https://claroty.com/team82/research/evil-plc-attack-using-a-controller-as-predator-rather-than-prey
📰
📚
Practical_Symbolic_Engine.pdf
10.4 MB
#Malware_analysis
BlackHat USA 2022:
"Using a Practical Symbolic Engine to Detect Evasive Forms of Malware/Ransomware"
📰
📚
BlackHat USA 2022:
"Using a Practical Symbolic Engine to Detect Evasive Forms of Malware/Ransomware"
📰
📚
Invisible_Finger.pdf
2.3 MB
#Research
"Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices", 2022.
📰
📚
"Invisible Finger: Practical Electromagnetic Interference Attack on Touchscreen-based Electronic Devices", 2022.
📰
📚
Breaking_Firmware_Trust_From_Pre-EFI.pdf
9.4 MB
#Hardware_Security
"Breaking Firmware Trust From Pre-EFI: Exploiting Early Boot Phases"
]-> Community FwHunt Scanner:
https://github.com/binarly-io/fwhunt-scan
]-> FwHunt detection rules:
https://github.com/binarly-io/FwHunt/tree/main/rules
📰
📚
"Breaking Firmware Trust From Pre-EFI: Exploiting Early Boot Phases"
]-> Community FwHunt Scanner:
https://github.com/binarly-io/fwhunt-scan
]-> FwHunt detection rules:
https://github.com/binarly-io/FwHunt/tree/main/rules
📰
📚
race_against_sandbox.pdf
1.9 MB
#Whitepaper
"Race against the Sandbox", 2022.
// Root cause analysis of a Tianfu Cup bug to escape the Google Chrome sandbox (CVE-2022-21881).
📰
📚
"Race against the Sandbox", 2022.
// Root cause analysis of a Tianfu Cup bug to escape the Google Chrome sandbox (CVE-2022-21881).
📰
📚
Antivirus_Event_Analysis_CheatSheet_1.10.pdf
55.3 KB
#Infographics
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.10.0.
]-> https://www.nextron-systems.com/2022/08/13/antivirus-event-analysis-cheat-sheet-v1-10-0
📰
📚
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.10.0.
]-> https://www.nextron-systems.com/2022/08/13/antivirus-event-analysis-cheat-sheet-v1-10-0
📰
📚
asa_trojans.pdf
6.4 MB
#Hardware_Security
BlackHat USA 2022:
"Do Not Trust the ASA, Trojans!"
]-> Cisco ASA Software and ASDM Security Research:
https://github.com/jbaines-r7/cisco_asa_research
📰
📚
BlackHat USA 2022:
"Do Not Trust the ASA, Trojans!"
]-> Cisco ASA Software and ASDM Security Research:
https://github.com/jbaines-r7/cisco_asa_research
📰
📚
Backdooring_hijacking_AzureAD_accounts.pdf
2.2 MB
#Cloud_Security
#Offensive_security
BlackHat USA 2022:
"Backdooring and Hijacking Azure AD Accounts by Abusing External Identities"
📰
📚
#Offensive_security
BlackHat USA 2022:
"Backdooring and Hijacking Azure AD Accounts by Abusing External Identities"
📰
📚
Stalloris.pdf
810.5 KB
#Research
"Stalloris: RPKI Downgrade Attack", 2022.
]-> https://i.blackhat.com/USA-22/Wednesday/US-22-Jeitner-Stalloris-RPKI-Downgrade-Attack.pdf
📰
📚
"Stalloris: RPKI Downgrade Attack", 2022.
]-> https://i.blackhat.com/USA-22/Wednesday/US-22-Jeitner-Stalloris-RPKI-Downgrade-Attack.pdf
📰
📚