DeepAID.pdf
3.4 MB
#Research
"DeepAID: Interpreting and Improving Deep Learning-based Anomaly Detection in Security Applications", 2021.
]-> Repo: https://github.com/dongtsi/DeepAID
📰
📚
8_ways_compromise_ADFS.pdf
1.8 MB
#hardening
#Cloud_Security
"Eight ways to compromise AD FS certificates", 2022.
]-> Best practices for securing Active Directory Federation Services:
https://docs.microsoft.com/en-us/windows-server/identity/ad-fs/deployment/best-practices-securing-ad-fs#enable-protection-to-prevent-by-passing-of-cloud-azure-ad-multi-factor-authentication-when-federated-with-azure-ad
📰
📚
poor_man's_obfuscator.pdf
5.7 MB
#Whitepaper
"The Poor Man's Obfuscator:
Pass The Salt 2022".
https://www.romainthomas.fr/publication/22-pst-the-poor-mans-obfuscator
// This paper presents ELF/Mach-O transformations that impact or hinder disassemblers such as IDA, Binary Ninja, Ghidra and Radare2
]-> Binary/scripts:
https://github.com/romainthomas/the-poor-mans-obfuscator
📰
📚
Machine_learning-based_ransomware_detect.pdf
1 MB
#Research
"Machine Learning-based Ransomware Detection Using Low-level Memory Access Patterns Obtained From Live-forensic Hypervisor", 2022.
📰
📚
ebpf_offensive_rootkit.pdf
5.4 MB
#Research
#Malware_analysis
"An analysis of offensive capabilities of eBPF and implementation of a rootkit", 2022.
]-> A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities:
https://github.com/h3xduck/TripleCross
📰
📚
AMSI_Bypass.pdf
1.3 MB
#Offensive_security
Black Hat Asia 2022:
"AMSI Unchained: Review of Known AMSI Bypass Techniques and Introducing a New One".
📰
📚
DKIM.pdf
1.5 MB
#Research
"A Large-scale and Longitudinal Measurement Study of DKIM Deployment", USENIX Security, 2022.
📰
📚
⌨
TG1021 - Praying Mantis Threat Actor (2021).pdf
797.2 KB
#Research
"HDiff: A Semi-automatic Framework for Discovering Semantic Gap Attack in HTTP Implementations", IEEE/IFIP 2022.
]-> Repo: https://github.com/mo-xiaoxi/HDiff
📰
📚