HyperDbg.pdf
3.7 MB
#Hardware_Security
"HyperDbg: Reinventing Hardware-Assisted Debugging", 2022.
]-> Repo: https://github.com/HyperDbg/HyperDbg
📰
📚
"HyperDbg: Reinventing Hardware-Assisted Debugging", 2022.
]-> Repo: https://github.com/HyperDbg/HyperDbg
📰
📚
retbleed.pdf
473.1 KB
#Research
"RETBLEED: Arbitrary Speculative Code Execution with Return Instructions", 2022.
]-> https://comsec.ethz.ch/research/microarch/retbleed
]-> Repo: https://github.com/comsec-group/retbleed
📰
📚
"RETBLEED: Arbitrary Speculative Code Execution with Return Instructions", 2022.
]-> https://comsec.ethz.ch/research/microarch/retbleed
]-> Repo: https://github.com/comsec-group/retbleed
📰
📚
Neurotoxin.pdf
1.3 MB
#Research
"Neurotoxin: Durable Backdoors in Federated Learning", 2022.
]-> Repo: https://github.com/jhcknzzm/Federated-Learning-Backdoor
📰
📚
"Neurotoxin: Durable Backdoors in Federated Learning", 2022.
]-> Repo: https://github.com/jhcknzzm/Federated-Learning-Backdoor
📰
📚
fugio.pdf
589.6 KB
#Research
"FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities", USENIX 2022.
]-> Repo: https://github.com/WSP-LAB/FUGIO
📰
📚
"FUGIO: Automatic Exploit Generation for PHP Object Injection Vulnerabilities", USENIX 2022.
]-> Repo: https://github.com/WSP-LAB/FUGIO
📰
📚
link.pdf
962.1 KB
#Research
"Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning", 2022.
]-> Repo: https://github.com/WSP-LAB/Link
📰
📚
"Link: Black-Box Detection of Cross-Site Scripting Vulnerabilities Using Reinforcement Learning", 2022.
]-> Repo: https://github.com/WSP-LAB/Link
📰
📚
DeepAID.pdf
3.4 MB
#Research
"DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications", 2021.
]-> Repo: https://github.com/dongtsi/DeepAID
📰
📚
"DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications", 2021.
]-> Repo: https://github.com/dongtsi/DeepAID
📰
📚
8_ways_compromise_ADFS.pdf
1.8 MB
#hardening
#Cloud_Security
"Eight ways to compromise AD FS certificates", 2022.
]-> Best practices for securing Active Directory Federation Services:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs#enable-protection-to-prevent-by-passing-of-cloud-azure-ad-multi-factor-authentication-when-federated-with-azure-ad
📰
📚
#Cloud_Security
"Eight ways to compromise AD FS certificates", 2022.
]-> Best practices for securing Active Directory Federation Services:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs#enable-protection-to-prevent-by-passing-of-cloud-azure-ad-multi-factor-authentication-when-federated-with-azure-ad
📰
📚
poor_man's_obfuscator.pdf
5.7 MB
#Whitepaper
"The Poor Man's Obfuscator:
Pass The Salt 2022".
https://www.romainthomas.fr/publication/22-pst-the-poor-mans-obfuscator
// This paper is to present ELF/Mach-O transformations which impact or hinder disassemblers like IDA, BinaryNinja, Ghidra, Radare2
]-> Binary/scripts:
https://github.com/romainthomas/the-poor-mans-obfuscator
📰
📚
"The Poor Man's Obfuscator:
Pass The Salt 2022".
https://www.romainthomas.fr/publication/22-pst-the-poor-mans-obfuscator
// This paper is to present ELF/Mach-O transformations which impact or hinder disassemblers like IDA, BinaryNinja, Ghidra, Radare2
]-> Binary/scripts:
https://github.com/romainthomas/the-poor-mans-obfuscator
📰
📚
Machine_learning-based_ransomware_detect.pdf
1 MB
#Research
"Machine Learning-based Ransomware Detection Using Low-level Memory Access Patterns Obtained From Live-forensic Hypervisor", 2022.
📰
📚
"Machine Learning-based Ransomware Detection Using Low-level Memory Access Patterns Obtained From Live-forensic Hypervisor", 2022.
📰
📚
ebpf_offensive_rootkit.pdf
5.4 MB
#Research
#Malware_analysis
"An analysis of offensive capabilities of eBPF and implementation of a rootkit", 2022.
]-> A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities:
https://github.com/h3xduck/TripleCross
📰
📚
#Malware_analysis
"An analysis of offensive capabilities of eBPF and implementation of a rootkit", 2022.
]-> A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities:
https://github.com/h3xduck/TripleCross
📰
📚