Alaid TechThread
@offensive_thread
676 subscribers
6 photos
1 video
83 files
1.31K links
Vulnerability discovery, threat intelligence, reverse engineering, AppSec
Download Telegram
About
Blog
Apps
Platform
Join
Alaid TechThread
676 subscribers
Alaid TechThread
https://atr-blog.gigamon.com/2018/12/05/adobe-flash-zero-day-exploited-in-the-wild/
33 views
Alaid TechThread
https://ti.360.net/blog/articles/flash-0day-hacking-team-rat-activities-of-exploiting-latest-flash-0day-vulnerability-and-correlation-analysis-en/
35 views
Alaid TechThread
https://blogs.360.cn/post/PoisonNeedles_CVE-2018-15982_EN
34 views
Alaid TechThread
Исследования 0day в Adobe
35 views
Alaid TechThread
https://twitter.com/olafhartong/status/1069664316411076610?s=21
Twitter
Olaf Hartong
Super excited to present my ThreatHunting app in 2 days at #BlackHatEU, I'll release it right after on @Splunkbase and https://t.co/7VD87s0px3 #dfir #splunk #sysmon
46 views
Alaid TechThread
BadUSB кабель и другое (видео в посте)
https://twitter.com/_MG_/status/1069759065104932864
Twitter
_MG_
I am officially looking for work! All things offensive/red, research, & teaching (classes, talks, media, etc). SF Bay Area or remote. Me: https://t.co/W11wOeMBso I’ve been flirting with this, but now I’m all in. Here’s a ridiculous “highlight reel” because…
49 viewsedited  
Alaid TechThread
https://github.com/LinusHenze/WebKit-RegEx-Exploit/blob/master/README.md
GitHub
LinusHenze/WebKit-RegEx-Exploit
Contribute to LinusHenze/WebKit-RegEx-Exploit development by creating an account on GitHub.
58 views
Alaid TechThread
https://twitter.com/aionescu/status/1070821886312046593?s=21
Twitter
Alex Ionescu
The scripts and tools that @pwissenlit and I used to learn and pwn the Windows Notification Facility (WNF) at Black Hat 2018 this year are now posted on our repository: https://t.co/Vm425XNVFo. Please remember to apply November's Patch Tuesday patches!
42 views
Alaid TechThread
Подборка ссылок на тему эксплеатации продуктов VMware
https://github.com/xairy/vmware-exploitation
GitHub
GitHub - xairy/vmware-exploitation: A collection of links related to VMware escape exploits
A collection of links related to VMware escape exploits - xairy/vmware-exploitation
45 views
Alaid TechThread
0927_track1_am_massivescaleusbde.pdf
1 MB
43 views
Alaid TechThread
Forwarded from Noise Security Bit
Один из докладов, который меня заинтересовал с прошедшего BH Europe, это "BLEEDINGBIT: Your APs Belong to Us", где исследователи нашли уязвимости непосредственно в Bluetooth Low Energy (BLE) микроконтроллерах и продемонстрировали удаленную эксплуатацию этого вектора.

Slides: https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-Seri-BleedingBit.pdf

Paper: https://i.blackhat.com/eu-18/Thu-Dec-6/eu-18-Seri-BleedingBit-wp.pdf

Demo: https://www.youtube.com/watch?v=D5FIIqLWtYw
6 views
Alaid TechThread
Курсы MIT по ИБ
https://ocw.mit.edu/courses/electrical-engineering-and-computer-science/6-858-computer-systems-security-fall-2014/video-lectures/
41 views
Alaid TechThread
https://securelist.com/zero-day-in-windows-kernel-transaction-manager-cve-2018-8611/89253/
Securelist
Zero-day in Windows Kernel Transaction Manager (CVE-2018-8611)
In October 2018, our AEP systems detected an attempt to exploit a vulnerability in the Microsoft Windows. Further analysis led us to uncover a zero-day vulnerability in ntoskrnl.exe.
37 views
Alaid TechThread
https://www.youtube.com/watch?v=egVK-S--GxU&list=PLHlFrzuFU1EVtUOZ3k7f7Nw6CoUnOm4RF&index=16
YouTube
Rancho Han - From Graphic Mode To God Mode, Discovery Vulnerabilities of GPU Virtualization
For most major virtualization platforms, GPU virtualization is an important component. Different vendors have different implementations. In this talk, I will...
38 views
Alaid TechThread
https://www.synacktiv.com/posts/exploit/kinibi-tee-trusted-application-exploitation.html
40 views
Alaid TechThread
https://research.checkpoint.com/50-adobe-cves-in-50-days/
Check Point Research
50 CVEs in 50 Days: Fuzzing Adobe Reader - Check Point Research
Research By: Yoav Alon, Netanel Ben-Simon Introduction The year 2017 was an inflection point in the vulnerability landscape. The number of new vulnerabilities reported that year was around 14,000, which is over twice the number from the year before (see table…
46 views
Alaid TechThread
https://rubygems.registry.github.com/hackersql/carbanak_source_code_leak_maybe/tree/master/group_ib_smart_boys/Pegasus исходники Pegasus
GitHub
hackersql/carbanak_source_code_leak_maybe
Contribute to hackersql/carbanak_source_code_leak_maybe development by creating an account on GitHub.
41 views
Alaid TechThread
https://www.zdnet.com/article/sqlite-bug-impacts-thousands-of-apps-including-all-chromium-based-browsers/
ZDNet
SQLite bug impacts thousands of apps, including all Chromium-based browsers | ZDNet
New 'Magellan' vulnerability will haunt the app ecosystem for years to come.
44 views
Alaid TechThread
https://github.com/nospaceships/raw-socket-sniffer - сниффер по Windows без необходимости установки драйвера
GitHub
GitHub - nospaceships/raw-socket-sniffer: Packet capture on Windows without a kernel driver
Packet capture on Windows without a kernel driver. Contribute to nospaceships/raw-socket-sniffer development by creating an account on GitHub.
49 views
Alaid TechThread
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/december/beware-of-deserialisation-in-.net-methods-and-classes-code-execution-via-paste/
46 views