#WLAN_Security
BlackHat USA 2022:
"New Attack Surfaces of Bluetooth Mesh"
📰
📚

📚 t.iss.one/Library_Sec

#Tech_book
"Database Security: Problems and Solutions", 2022.
📰
📚

#Research
"Save The Environment (Variable):
Hijacking Legitimate Applications With a Minimal Footprint", DEF CON 30.
]-> https://www.wietzebeukema.nl/blog/save-the-environment-variables
📰
📚

#Research
"Is WebAssembly Really Safe? --Wasm VM Escape and RCE Vulnerabilities Have Been Found in New Way"

]-> Tool: https://github.com/ha1vk/blackhat_wasm
📰
📚

📚 t.iss.one/Library_Sec

Download Albanian Databases: Name, Surname, National Code, Phone Numbers

HomeLandJustice.ru

#Offensive_security
BlackHat USA 2022:
"Let's Dance in the Cache: Destabilizing Hash Table on Microsoft IIS"
📰
📚

#Research
#reversing
"RE-Mind: a First Look Inside the Mind of a Reverse Engineer", 31st USENIX, 2022.

]-> Code for UI, backend, engine and statistical analysis for RE:
https://github.com/elManto/REmind
📰
📚

📚 t.iss.one/Library_Sec

#Threat_Research
BlackHat USA 2022:
"Internal Server Error: Exploiting Inter-Process Communication in SAP's HTTP Server"

]-> Whitepaper (.pdf): https://i.blackhat.com/USA-22/Wednesday/US-22-Doyhenard-Internal-Server-Error-wp.pdf
📰
📚

#Offensive_security
BlackHat USA 2022:
"ELF Section Docking Revisiting Stageless Payload Delivery"

]-> ELF Sectional docking payload injector system:
https://github.com/xforcered/elfpack
📰
📚

#tools
#Blue_Team
BlackHat USA 2022:
"Taking Kerberos To The Next Level"

]-> Set of tools to analyze Windows sandboxes for exposed attack surface:
https://github.com/googleprojectzero/sandbox-attacksurface-analysis-tools
📰
📚

📚 t.iss.one/Library_Sec

#tools
BlackHat USA 2022:
"Blasting Event-Driven Cornucopia: WMI-based User-Space Attacks Blind SIEMs and EDRs"

]-> MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x/EPT features:
https://github.com/IgorKorkin/MemoryRanger
📰
📚