AESDDoS Botnet Malware Infiltrates Containers via Exposed Docker APIs
https://blog.trendmicro.com/trendlabs-security-intelligence/aesddos-botnet-malware-infiltrates-containers-via-exposed-docker-apis/
Trend Micro
AESDDoS Botnet, Containers, Exposed Docker APIs
An API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community allows attackers to infiltrate containers and run a variant of AESDDoS.
A file system implemented on top of system artifacts (Windows and macOS)
https://github.com/SafeBreach-Labs/AltFS
GitHub
GitHub - SafeBreach-Labs/AltFS: The Alternative Fileless File System
The Alternative Fileless File System. Contribute to SafeBreach-Labs/AltFS development by creating an account on GitHub.
How I Hacked the Microsoft Outlook Android App and Found CVE-2019-1105
https://www.f5.com/labs/articles/threat-intelligence/how-i-hacked-the-microsoft-outlook-android-app-and-found-cve-2019-1105#.XRCqdjj5OfA.twitter
F5 Labs
It looked like a simple XSS in the Outlook Android app, but the app developers couldn’t reproduce it so they didn’t fix it. Then things got interesting. Here’s the story of how I discovered CVE-2019-1105.
A few notes on writing shellcodes for Windows x64
https://nytrosecurity.com/2019/06/30/writing-shellcodes-for-windows-x64/
Nytro Security
Writing shellcodes for Windows x64
A long time ago I wrote three detailed blog posts about how to write shellcodes for Windows (x86 – 32 bits). The articles are beginner friendly and contain a lot of details. The first part explains…
amass — Automated Attack Surface Mapping
https://danielmiessler.com/study/amass/
Danielmiessler
amass — Automated Attack Surface Mapping | Daniel Miessler
Security, technology, and humans
A tool for exploring networks through compromised machines (network pivoting)
https://github.com/RedTeamOperations/PivotSuite/blob/master/README.md
GitHub
RedTeamOperations/PivotSuite
Network Pivoting Toolkit. Contribute to RedTeamOperations/PivotSuite development by creating an account on GitHub.
Forwarded from r0 Crew (Channel)
Analyzing trigger-based malware with S2E https://speakerdeck.com/adrianherrera/analyzing-trigger-based-malware-with-s2e #malware #dukeBarman
Speaker Deck
Analyzing trigger-based malware with S2E
Slides from the ICSL Malware Reverse Engineering (MRE) conference 2019.
Research into vulnerabilities in anti-cheat engines
https://www.immunityinc.com/downloads/Recon2019_Unveiling_the_Underground_World_of_Anti-Cheats.pdf
Sodin ransomware exploits Windows vulnerability and processor architecture
https://securelist.com/sodin-ransomware/91473/
Securelist
When Sodin appeared in the first half of 2019, it immediately caught our attention for distributing itself through an Oracle Weblogic vulnerability and carrying out attacks on MSP providers.
Understanding Docker container escapes
https://blog.trailofbits.com/2019/07/19/understanding-docker-container-escapes/
The Trail of Bits Blog
Trail of Bits recently completed a security assessment of Kubernetes, including its interaction with Docker. Felix Wilhelm’s recent tweet of a Proof of Concept (PoC) “container escape” sparked our interest, since we performed similar research and were curious…
Local Privilege Escalation on Dell machines running Windows
https://d4stiny.github.io/Local-Privilege-Escalation-on-most-Dell-computers/
d4stiny.github.io
In May, I published a blog post detailing a Remote Code Execution vulnerability in Dell SupportAssist. Since then, my research has continued and I have been finding more and more vulnerabilities. I strongly suggest that you read my previous blog post, not…
COModo: From Sandbox to SYSTEM (CVE-2019–3969)
https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
Medium
Antivirus (AV) is a great target for vulnerability hunting: Large attack surface, complex parsing, and various components executing with…
Interesting offensive tooling written in C#
https://github.com/FuzzySecurity/Sharp-Suite
GitHub
GitHub - FuzzySecurity/Sharp-Suite: Also known by Microsoft as Knifecoat :hot_pepper:
Also known by Microsoft as Knifecoat :hot_pepper:. Contribute to FuzzySecurity/Sharp-Suite development by creating an account on GitHub.