Alaid TechThread
@offensive_thread
677 subscribers
6 photos
1 video
83 files
1.31K links
Vulnerability discovery, threat intelligence, reverse engineering, AppSec
Download Telegram
About
Blog
Apps
Platform
Join
Alaid TechThread
677 subscribers
Alaid TechThread
Статья про угон поддоменов https://cody.su/blog/hostile-subdomain-takeovers/
Cody Zacharias
Hostile Subdomain Takeovers++
Advanced Hostile Subdomain Takeover discovery techniques and attack scenarios. This article is intended for people already familiar with subdomain takeovers.
35 views
Alaid TechThread
и инструмент для скана: https://github.com/haccer/subjack
GitHub
GitHub - haccer/subjack: Subdomain Takeover tool written in Go
Subdomain Takeover tool written in Go. Contribute to haccer/subjack development by creating an account on GitHub.
38 views
Alaid TechThread
https://techincidents.com/penetration-testing-cheat-sheet/
Tech
Penetration Testing Cheat Sheet For Windows Machine
In the event that your Windows machine has been compromised or for any other reason, this cheat sheet is intended to help.Penetration Testing Cheat Sheet
39 views
Alaid TechThread
Эксплуатация в .NET:
https://googleprojectzero.blogspot.ru/2017/04/exploiting-net-managed-dcom.html
Blogspot
Exploiting .NET Managed DCOM
Posted by James Forshaw, Project Zero One of the more interesting classes of security vulnerabilities are those affecting interoperabili...
42 viewsedited  
Alaid TechThread
Видео с DEFCON Packet Village: https://www.youtube.com/playlist?list=PL9fPq3eQfaaAxfsGhSV51abnG1LUir72x
YouTube
DEF CON 25 Packet Hacking Village - YouTube
40 views
Alaid TechThread
Wiki по атакам на принтеры https://hacking-printers.net/wiki/index.php/Main_Page
38 views
Alaid TechThread
https://twitter.com/fs0c131y/status/930115188988182531
Twitter
Elliot Alderson
Hey @OnePlus! I don't think this EngineerMode APK must be in an user build...🤦‍♂️ This app is a system app made by @Qualcomm and customised by @OnePlus. It's used by the operator in the factory to test the devices.
42 viewsedited  
Alaid TechThread
Apple iOS Host Pairing Bypass
https://labs.mwrinfosecurity.com/advisories/apple-ios-host-pairing-bypass/?t=1&cn=ZmxleGlibGVfcmVjc18y&refsrc=email&iid=a27eca4719334d5a92eb7091a5f7135b&uid=717932366&nid=244+272699400
47 viewsedited  
Alaid TechThread
Неплохой tutorial по z3 и реверсу:
https://yurichev.com/blog/CRC_find_poly/?t=1&cn=ZmxleGlibGVfcmVjc18y&refsrc=email&iid=a27eca4719334d5a92eb7091a5f7135b&uid=717932366&nid=244+293670920
51 views
Alaid TechThread
#AVGater: Getting Local Admin by Abusing the Anti-Virus Quarantine
https://bogner.sh/2017/11/avgater-getting-local-admin-by-abusing-the-anti-virus-quarantine/
46 viewsedited  
Alaid TechThread
yamaguchi2017.pdf
394.6 KB
43 views
Alaid TechThread
1702.06162.pdf
297.4 KB
45 views
Alaid TechThread
https://www.youtube.com/user/y0011langester/videos
42 views
Alaid TechThread
Канал про разработку драйверов в ОС Windows
42 views
Alaid TechThread
Также полезное по теме: https://www.youtube.com/watch?v=Xv9ckZ4PCmc
YouTube
Windows kernel: краткий курс молодого бойца (Артем Шишкин)
План мастер-класса:
- общая физическая подготовка (настройка ОС и инструментов отладки);
- инструкция по использованию оружия (навыки работы с WinDBG);
- ориентирование на местности (сбор информации в ядре);
- знай врага в лицо (механизмы защиты ядра ОС);…
47 views
Alaid TechThread
Forwarded from r0 Crew (Channel) (Darwin)
Vault8_HiveClientServer.zip
96 MB
Wikileaks опубликовал исходный код системы управления зараженными компьютерами
https://wikileaks.org/vault8/hive.png
https://wikileaks.org/vault8/document/repo_hive/
11 views
Alaid TechThread
ndss16_driller.pdf
351.3 KB
43 views
Alaid TechThread
Driller: Augmenting Fuzzing Through Selective Symbolic Execution
45 views
Alaid TechThread
https://docs.google.com/presentation/d/16BWLRm4aNdxToJO-_63s1gLlw-hbSXlQE-jSzzsHkIw/mobilepresent?slide=id.g294daa8e45_0_0
42 views
Alaid TechThread
Keynote Zeronights
41 views
Alaid TechThread
Forwarded from Записки админа
Ну что, Intel собрали в один список все (но это не точно) потенциальные проблемы безопасности в Intel ME, о которых сообщали различные исследователи. К списку подготовили обновление и утилиту для проверки, подвержена ли система уязвимостям.

Сам список доступен по ссылке:
https://goo.gl/BuLp6h

Информация об обновлениях:
https://goo.gl/GLijsg

Утилита для проверки наличия уязвимости (для Windows и Linux):
https://downloadcenter.intel.com/download/27150

Все ли бекдоры закрыли, завезли ли новые - история умалчивает.

#intel #security
Intel
Intel® Management Engine Critical Firmware Update (Intel-SA-00086)
Security Advisory (Intel-SA-00086), a critical firmware vulnerability in systems.
15 views