Antivirus_Event_Analysis_CheatSheet_1.10.pdf
55.3 KB
#Infographics
#Malware_analysis
Antivirus Event Analysis Cheat Sheet, ver. 1.10.0.
]-> https://www.nextron-systems.com/2022/08/13/antivirus-event-analysis-cheat-sheet-v1-10-0
asa_trojans.pdf
6.4 MB
#Hardware_Security
BlackHat USA 2022:
"Do Not Trust the ASA, Trojans!"
]-> Cisco ASA Software and ASDM Security Research:
https://github.com/jbaines-r7/cisco_asa_research
Backdooring_hijacking_AzureAD_accounts.pdf
2.2 MB
#Cloud_Security
#Offensive_security
BlackHat USA 2022:
"Backdooring and Hijacking Azure AD Accounts by Abusing External Identities"
Stalloris.pdf
810.5 KB
#Research
"Stalloris: RPKI Downgrade Attack", 2022.
]-> https://i.blackhat.com/USA-22/Wednesday/US-22-Jeitner-Stalloris-RPKI-Downgrade-Attack.pdf
Pulling_Psw_out_of_Configuration_Mng.pdf
8.5 MB
#tools
#Offensive_security
"Pulling Passwords out of Configuration Manager: Practical Attacks against Microsoft's Endpoint Management Software", 2022.
]-> PXEThief - set of tooling that can extract passwords from the OS Deployment functionality in MS Endpoint Conf. Manager:
https://github.com/MWR-CyberSec/PXEThief
SSH_Analysis.pdf
506.6 KB
#Research
"Oh SSH-it, what's my fingerprint? A Large-Scale Analysis of SSH Host Key Fingerprint Verification Records in the DNS", 2022.
comrace.pdf
923.3 KB
#Research
"COMRACE: Detecting Data Race Vulnerabilities in COM Objects", 2022.
]-> Slides (.pdf): https://www.usenix.org/system/files/sec22_slides-gu-fangming.pdf
Detect_kernel_exploits.pdf
1 MB
#Offensive_security
BlackHat USA 2022:
"Return to sender - Detecting kernel exploits with eBPF"
]-> Tool: https://github.com/Gui774ume/krie
Save_the_Environment.pdf
3.1 MB
#Research
"Save The Environment (Variable):
Hijacking Legitimate Applications With a Minimal Footprint", DEF CON 30.
]-> https://www.wietzebeukema.nl/blog/save-the-environment-variables
WebAssembly_Really_Safe.pdf
1.3 MB
#Research
"Is WebAssembly Really Safe? --Wasm VM Escape and RCE Vulnerabilities Have Been Found in New Way"
]-> Tool: https://github.com/ha1vk/blackhat_wasm