📚 t.iss.one/Library_Sec

#Whitepaper
"Abusing Windows Implementation of Fork() for Stealthy Memory Operations", 2021.
https://billdemirkapi.me/abusing-windows-implementation-of-fork-for-stealthy-memory-operations
]-> An implementation and PoC of Process Forking:
https://github.com/D4stiny/ForkPlayground

📚

#Research
"Testability Tarpits: the Impact of Code Patterns on the Security Testing of Web Applications", NDSS 2022.

]-> Repo: https://github.com/enferas/TestabilityTarpits

📚

#hardening
#exploit
Email Authentication Recommended Best Practices (.pdf) + The Gmail SMTP Relay Service Exploit:
https://www.avanan.com/blog/the-gmail-smtp-relay-service-exploit

📚

#Threat_Research
Threat research report:
"The origin story of APT32 macros: The StrikeSuit Gift that keeps giving", 2022.

📰
📚

#exploit
#Whitepaper
"Finding 0days in Enterprise Software".

📰
📚

#Research
"Awakening the Web's Sleeper Agents: Misusing Service Workers for Privacy Leakage", 2021.

📚

#SANS also released a poster with an application security #checklist, as well as a poster with useful links in 9 areas for protecting, monitoring and controlling the three main cloud platforms - #AWS, #Azure and Google. These areas include DevSecOps, infrastructure security, IAM, architecture, threat detection and response, governance, application protection, computing protection, data protection.


Password :

📚

#Research
#cryptography
"Implementing Post-quantum Cryptography for Developers", 2022.

📰
📚

#Threat_Research
"RW-Fuzzer: A Fuzzing Method for Vulnerability Mining on Router Web Interface", 2022.

📰
📚

#Forensics

Practical Windows Forensics

📰
📚

📚 t.iss.one/Library_Sec

#Research
#Cloud_Security
"Breaking Formation: From an Error Message to AWS Infrastructure", 2022.

📰
📚

Security Operation Center 40 Tools

📰
📚

#Research
#BlueTeam
"A flow-based IDS using Machine Learning in eBPF", 2022.
]-> https://github.com/CN-TU/machine-learning-in-ebpf

📰
📚

📚 t.iss.one/Library_Sec