Cfg.pdf
1.2 MB
#Research
"Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis", 2022.
]-> A generic seed scheduler for fuzzers (LibFuzzer and AFL) and concolic execution engine (qsym):
https://github.com/Dongdongshe/K-Scheduler
📰
📚
"Effective Seed Scheduling for Fuzzing with Graph Centrality Analysis", 2022.
]-> A generic seed scheduler for fuzzers (LibFuzzer and AFL) and concolic execution engine (qsym):
https://github.com/Dongdongshe/K-Scheduler
📰
📚
privacy_google_dialer_sms.pdf
1.1 MB
#Research
"What Data Do The Google Dialer And Messages Apps On Android Send To Google?", 2022.
// In-depth whitepaper that casts light on the actual telemetry data sent by Google Play Services, which to date has largely been opaque
📰
📚
"What Data Do The Google Dialer And Messages Apps On Android Send To Google?", 2022.
// In-depth whitepaper that casts light on the actual telemetry data sent by Google Play Services, which to date has largely been opaque
📰
📚
Not_so_fast.pdf
525.4 KB
#compilers
"Not So Fast: Understanding and Mitigating Negative Impacts of Compiler Optimizations on Code Reuse Gadget Sets", 2021.
]-> Towards Practical Security Optimizations for Binaries:
https://blog.trailofbits.com/2022/03/25/towards-practical-security-optimizations-for-binaries
📰
📚
"Not So Fast: Understanding and Mitigating Negative Impacts of Compiler Optimizations on Code Reuse Gadget Sets", 2021.
]-> Towards Practical Security Optimizations for Binaries:
https://blog.trailofbits.com/2022/03/25/towards-practical-security-optimizations-for-binaries
📰
📚
Delegating_Kerberos.pdf
14.4 MB
#Offensive_security
Delegating Kerberos to bypass Kerberos delegation limitation
https://www.thehacker.recipes/ad/movement/kerberos/delegations
📰
📚
Delegating Kerberos to bypass Kerberos delegation limitation
https://www.thehacker.recipes/ad/movement/kerberos/delegations
📰
📚
PIM_YUPANA.pdf
542.5 KB
#Whitepaper
"Passive Inter-Modulation Sources and Cancellation Methods", 2022.
// Also, a review of PIM mitigation techniques is presented in the article
📰
📚
"Passive Inter-Modulation Sources and Cancellation Methods", 2022.
// Also, a review of PIM mitigation techniques is presented in the article
📰
📚
ICPS_Perspective.pdf
596.5 KB
#SCADA_Security
"Cybersecurity Challenges in the Offshore Oil and Gas Industry: An Industrial Cyber-Physical Systems (ICPS) Perspective", 2022.
📰
📚
"Cybersecurity Challenges in the Offshore Oil and Gas Industry: An Industrial Cyber-Physical Systems (ICPS) Perspective", 2022.
📰
📚
Webhook_Security.pdf
95.7 KB
#Whitepaper
"Webhook Security Guidelines".
]-> Simple webhook to block exploitation of CVE-2022-0811:
https://github.com/spiarh/webhook-cve-2022-0811
📰
📚
"Webhook Security Guidelines".
]-> Simple webhook to block exploitation of CVE-2022-0811:
https://github.com/spiarh/webhook-cve-2022-0811
📰
📚
Relaying_RPC_DCOM.pdf
2.2 MB
"Relaying to Greatness:
Windows Privilege Escalation by abusing the RPC/DCOM protocols", 2022.
#privilege
📰
📚
Windows Privilege Escalation by abusing the RPC/DCOM protocols", 2022.
#privilege
📰
📚