AutoHarness is a tool that automatically generates fuzzing harnesses for you
https://github.com/parikhakshat/autoharness
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user- and/or kernel-mode targets running on Microsoft Windows.
https://github.com/0vercl0k/wtf
Details about four in-the-wild 0-day campaigns targeting four separate vulnerabilities we’ve discovered so far this year:
• CVE-2021-21166 and CVE-2021-30551 in Chrome,
• CVE-2021-33742 in Internet Explorer, and
• CVE-2021-1879 in WebKit (Safari).
https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
https://research.nccgroup.com/2021/07/15/cve-2021-31956-exploiting-the-windows-kernel-ntfs-with-wnf-part-1/amp/#click=https://t.co/zfXvokBcHW
OpenSecurityTraining2 public betas of refreshed classes on x86-64 assembly, x86-64 OS internals, and coreboot are now open - https://ost2.fyi
Deep Learning for Network Traffic Monitoring and Analysis (NTMA): A Survey (attached: 1-s2.0-S0140366421000426-main.pdf, 1.3 MB)
SAM: Self-Attention based Deep Learning Method for Online Traffic Classification (attached: 3405671.3405811.pdf, 818.2 KB)
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
https://github.com/lyft/cartography
Neutron: an attention-based neural decompiler (attached: Liang2021_Article_NeutronAnAttention-basedNeural.pdf, 1.6 MB)
Coda: An End-to-End Neural Program Decompiler (attached: NeurIPS_2019_coda_an_end_to_end_neural_program_decompiler_Paper.pdf, 389.8 KB)
Bin2vec: learning representations of binary executable programs for security tasks (attached: s42400-021-00088-4.pdf, 1.3 MB)
PetitPotam
PoC tool to coerce Windows hosts to authenticate to other machines via the MS-EFSRPC EfsRpcOpenFileRaw function.
https://github.com/topotam/PetitPotam
An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
https://github.com/yardenshafir/PoolViewer
A Primer On Event Tracing For Windows (ETW)
https://nasbench.medium.com/a-primer-on-event-tracing-for-windows-etw-997725c082bf
FROM PWN2OWN 2021: A NEW ATTACK SURFACE ON MICROSOFT EXCHANGE - PROXYSHELL
https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
corCTF 2021 Fire of Salvation Writeup: Utilizing msg_msg Objects for Arbitrary Read and Arbitrary Write in the Linux Kernel
https://www.willsroot.io/2021/08/corctf-2021-fire-of-salvation-writeup.html?m=1
secml-malware: Pentesting Windows Malware Classifiers with Adversarial EXEmples in Python
https://arxiv.org/pdf/2104.12848v2.pdf