Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug (CVE-2021-3560)
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
The GitHub Blog
polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit.
d0zer
ELF binary infector written in Go. It can be used to infect executables of type ET_DYN and ET_EXEC with a payload of your creation. Using the classic ELF text-segment padding algorithm by Silvio Cesare, your payload (parasite) runs before the binary's native functionality, effectively backdooring the binary.
https://github.com/sad0p/d0zer
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
https://github.com/optiv/Dent
DarkLoadLibrary (Bypassing Image Load Kernel Callbacks)
https://github.com/bats3c/DarkLoadLibrary
LoadLibrary for offensive operations.
AutoHarness is a tool that automatically generates fuzzing harnesses for you
https://github.com/parikhakshat/autoharness
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.
https://github.com/0vercl0k/wtf
Details about four in-the-wild 0-day campaigns targeting four separate vulnerabilities we’ve discovered so far this year:
• CVE-2021-21166 and CVE-2021-30551 in Chrome,
• CVE-2021-33742 in Internet Explorer, and
• CVE-2021-1879 in WebKit (Safari).
https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
https://research.nccgroup.com/2021/07/15/cve-2021-31956-exploiting-the-windows-kernel-ntfs-with-wnf-part-1/amp/#click=https://t.co/zfXvokBcHW
NCC Group Research
NCC Group's Exploit Development Group looks at exploiting CVE-2021-31956 in the Windows kernel (NTFS with WNF).
OpenSecurityTraining2 public betas of refreshed classes on x86-64 assembly, x86-64 OS internals, and coreboot are now open - https://ost2.fyi
Deep Learning for Network Traffic Monitoring and Analysis (NTMA): A Survey (PDF attachment: 1-s2.0-S0140366421000426-main.pdf, 1.3 MB)
SAM: Self-Attention based Deep Learning Method for Online Traffic Classification (PDF attachment: 3405671.3405811.pdf, 818.2 KB)
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
https://github.com/lyft/cartography
Neutron: an attention-based neural decompiler (PDF attachment: Liang2021_Article_NeutronAnAttention-basedNeural.pdf, 1.6 MB)
Coda: An End-to-End Neural Program Decompiler (PDF attachment: NeurIPS_2019_coda_an_end_to_end_neural_program_decompiler_Paper.pdf, 389.8 KB)
Bin2vec: learning representations of binary executable programs for security tasks (PDF attachment: s42400-021-00088-4.pdf, 1.3 MB)
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via the MS-EFSRPC EfsRpcOpenFileRaw function.
https://github.com/topotam/PetitPotam
An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
https://github.com/yardenshafir/PoolViewer
A Primer On Event Tracing For Windows (ETW)
https://nasbench.medium.com/a-primer-on-event-tracing-for-windows-etw-997725c082bf
Medium
The holy grail for defenders is being able to detect/stop every attack before/when it happens and to know exactly the hows no matter the techniques or tools. Unfortunately, we're still far from…