This post is a technical analysis of a recently disclosed Chrome JIT vulnerability (CVE-2021-30632) that was believed to be exploited in the wild. This vulnerability was reported by an anonymous researcher and was patched on September 13, 2021 in Chrome version…

Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and Infrastructure…

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting...

A plugin to introduce interactive symbols into your debugger from your decompiler - mahaloz/decomp2dbg

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! - GitHub - p0dalirius/LDAPmonitor: Monitor creation, deletion and changes to LDAP objects ...

Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.

Detection Lab is a collection of Packer and Vagrant scripts that allow you to quickly bring a Windows Active Directory online, complete…

Move CS beacon to GPU memory when sleeping. Contribute to oXis/GPUSleep development by creating an account on GitHub.

To protect our users, TAG routinely hunts for 0-day vulnerabilities exploited in-the-wild. In late August 2021, TAG discovered watering hole attacks targeting visitors t…

A step by step approach to reverse engineer Hyper-V and have a low level insight into Virtual Trust Levels.

During the last two weeks of my summer (as of writing, summer 2021), I decided to try and take a crack at iOS 14 kernel exploitation with the IOMobileFramebuffer OOB pointer read (CVE-2021-30807). Unfortunately, a couple days after I moved back into school…

During my summer internship, I had the wonderful opportunity to work on the Manticore User Interface (MUI). The MUI project aims to combine the strength of both Manticore, a powerful symbolic execution library, and Binary Ninja, a popular binary analysis…

USENIX Security '21 - SyzVegas: Beating Kernel Fuzzing Odds with Reinforcement Learning

Daimeng Wang, Zheng Zhang, Hang Zhang, Zhiyun Qian, Srikanth V. Krishnamurthy, and Nael Abu-Ghazaleh, University of California, Riverside

Fuzzing embeds a large number…

Shellcode injection technique. Given as C++ header, standalone Rust program or library. - Idov31/FunctionStomping

$100,500 Apple Bug Bounty for hacking the webcam via a Safari Universal Cross-Site Scripting (UXSS) bug. CVE-2021-30861, CVE-2021-30975

Cuckoo and CAPE sandbox evasion in one legitimate Windows API function call? It is possible due to issues we found in Cuckoo and CAPE monitor.