"Important, Spoofing" - zero-click, wormable, cross-platform remote code execution in Microsoft Teams
https://github.com/oskarsve/ms-teams-rce/blob/main/README.md
  
  holehe allows you to check if the mail is used on different sites like twitter, instagram and will retrieve information on sites with the forgotten password function.
https://github.com/megadose/holehe
  
  4 Free easy wins that make Red Teams harder
https://www.trustedsec.com/blog/4-free-easy-wins-that-make-red-teams-harder/
  
  CVE-2020-17049: Kerberos Bronze Bit Attack - Overview
https://blog.netspi.com/cve-2020-17049-kerberos-bronze-bit-overview/
  
  CVE-2020-9967 - Apple macOS XNU 6LowPan Kernel RCE Write-up
https://alexplaskett.github.io/CVE-2020-9967/
  Inspired by Kevin Backhouse’s great work on finding XNU remote vulnerabilities I decided to spend some time looking at CodeQL and performing some variant analysis. This led to the discovery of a local root to kernel (although documented by Apple as remote)…
  Hyperdebugging. A walkthrough of debugging Microsoft Hyper-V from the very beginning
https://xakep.ru/2020/12/25/hyperv-hyperdebug/
  Microsoft's hypervisor contains a certain number of bugs. Hunting for them is not only fascinating but also useful: first, Microsoft runs its own Bug Bounty program, and second, knowledge of undocumented…
  Visualize the virtual address space of a Windows process on a Hilbert curve.
https://github.com/0vercl0k/clairvoyance
  
  Forwarded from r0 Crew (Channel)
A WIP "Vulnerable by Design" kext for iOS/macOS to play & learn *OS kernel exploitation https://github.com/ant4g0nist/Vulnerable-Kext #exploitation #ios #macos #dukeBarman
  
  Asm2Vec: Boosting Static Representation Robustness for Binary Clone Search against Code Obfuscation and Compiler Optimization
  Using Windows Disposable VMs for test and research
https://rolando.anton.sh/blog/2021/01/01/using-windows-disposable-vms-for-test-and-research/
A 'Novel' Way to Bypass Executable Signature Checks with Electron
https://parsiya.net/blog/2021-01-08-a-novel-way-to-bypass-executable-signature-checks-with-electron/
Operation ‘Kremlin’
The file contains an obfuscated URL to a remote template which contains malicious VBA, eventually leading to the execution of VBS on the infected machine. The attack’s purpose is to stealthily exfiltrate information without running any external executables on the system.
https://www.clearskysec.com/operation-kremlin/
Building an RDP Credential Catcher for Threat Intelligence
https://research.nccgroup.com/2021/01/10/building-an-rdp-credential-catcher-for-threat-intelligence/