Alaid TechThread
@offensive_thread
676 subscribers
6 photos
1 video
83 files
1.31K links
Vulnerability discovery, threat intelligence, reverse engineering, AppSec
Download Telegram
About
Blog
Apps
Platform
Join
Alaid TechThread
676 subscribers
Alaid TechThread
https://rubygems.registry.github.com/hackersql/carbanak_source_code_leak_maybe/tree/master/group_ib_smart_boys/Pegasus исходники Pegasus
GitHub
hackersql/carbanak_source_code_leak_maybe
Contribute to hackersql/carbanak_source_code_leak_maybe development by creating an account on GitHub.
41 views
Alaid TechThread
https://www.zdnet.com/article/sqlite-bug-impacts-thousands-of-apps-including-all-chromium-based-browsers/
ZDNet
SQLite bug impacts thousands of apps, including all Chromium-based browsers | ZDNet
New 'Magellan' vulnerability will haunt the app ecosystem for years to come.
44 views
Alaid TechThread
https://github.com/nospaceships/raw-socket-sniffer - сниффер по Windows без необходимости установки драйвера
GitHub
GitHub - nospaceships/raw-socket-sniffer: Packet capture on Windows without a kernel driver
Packet capture on Windows without a kernel driver. Contribute to nospaceships/raw-socket-sniffer development by creating an account on GitHub.
49 views
Alaid TechThread
https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2018/december/beware-of-deserialisation-in-.net-methods-and-classes-code-execution-via-paste/
46 views
Alaid TechThread
https://github.com/fboldewin/FastCashMalwareDissected/blob/master/Operation%20Fast%20Cash%20-%20Hidden%20Cobra‘s%20AIX%20PowerPC%20malware%20dissected.pdf - разбор Lazarus
47 views
Alaid TechThread
https://sandboxescaper.blogspot.com/2018/12/readfile-0day.html
41 views
Alaid TechThread
https://twitter.com/deresz666/status/1076568980712837121
Twitter
deresz
Using #qb_triton, #IDA Python and #Hexrays Decompiler to deobfuscate code - still lots to be done but starting getting readable results !
45 views
Alaid TechThread
https://speakerdeck.com/ntddk/the-art-of-de-obfuscation - Доклад по обфускации и деобфускации программ
Speaker Deck
The Art of De-obfuscation
第51回 情報科学若手の会 若手特別講演 https://wakate.org/2018/07/28/51th-general/
53 viewsedited  
Alaid TechThread
https://github.com/scanfsec/CVE-2018-15982
52 views
Alaid TechThread
https://blog.technitium.com/2018/12/configuring-dns-over-tls-and-dns-over.html?m=1
Technitium
Configuring DNS-over-TLS and DNS-over-HTTPS with any DNS Server
The new DNS-over-TLS (DoT) and DNS-over-HTTPS (DoH) protocols are available for enabling end user's privacy and security given the fact t...
50 views
Alaid TechThread
https://artemonsecurity.blogspot.com/2016/10/remsec-driver-analysis-agnitum-driver.html
Blogspot
Remsec driver analysis - Agnitum driver exploitation
In previous three parts of "Remsec driver analysis" research I've tried to show, how Remsec (aka Cremes) Ring 0 code works and how it is loa...
42 views
Alaid TechThread
Forwarded from OFFZONE
Записи выступлений #OFFZONE 2018 https://www.youtube.com/channel/UCv-eZGMbMt-L6nHabgUasHQ
YouTube
OFFZONE MOSCOW
OFFZONE — международная конференция по практической кибербезопасности, которая проходит в Москве с 2018 года. Она объединяет безопасников, разработчиков, инженеров, исследователей, преподавателей и студентов из десятков стран мира. В центре внимания — только…
3 views
Alaid TechThread
https://github.com/saaramar/35C3_Modern_Windows_Userspace_Exploitation
GitHub
GitHub - saaramar/35C3_Modern_Windows_Userspace_Exploitation
Contribute to saaramar/35C3_Modern_Windows_Userspace_Exploitation development by creating an account on GitHub.
44 views
Alaid TechThread
https://www.politico.com/story/2019/01/09/russia-kaspersky-lab-nsa-cybersecurity-1089131
POLITICO
Exclusive: How a Russian firm helped catch an alleged NSA data thief
The U.S. has accused Kaspersky Lab of working with Russian spies. But sources say the company exposed a massive breach that U.S. authorities missed.
43 views
Alaid TechThread
Интересная уязвимость в Microsoft Visual Studio C++ Compiler https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2019-0546
48 views
Alaid TechThread
https://0x00sec.org/t/bypassing-crowdstrike-falcon-detection-from-phishing-email-to-reverse-shell/10802
0x00sec - The Home of the Hacker
Bypassing Crowdstrike Falcon detection, from phishing email to reverse shell
Update 2019/01/14: Crowdstrike asked me to share an official statement: “We appreciate you reporting this detection miss to us and allowing us to rapidly address this gap on January 11th. We do have a bug bounty program www.hackerone.com/crowdstrike or via…
46 views
Alaid TechThread
https://sintonen.fi/advisories/scp-client-multiple-vulnerabilities.txt
40 views
Alaid TechThread
https://twitter.com/pythonarsenal/status/1085077789919842304?s=21
Twitter
PythonArsenal
Virtuailor - IDAPython tool for creating automatic C++ virtual tables in IDA Pro. https://t.co/3XgMMWRdtQ
44 views
Alaid TechThread
Avoid AV with DLL Side-Loading for fun and advantage with Cobaltstrike
https://medium.com/@viniciuskmax/burlando-antivirus-com-dll-side-loading-por-diversão-e-vantagem-parte-2-ko-d0b40629d810
Medium
Burlando antivirus com DLL Side-Loading por diversão e vantagem — parte 2: KO
Alguns meses atrás, escrevi sobre o ataque de DLL Side-Loading, mostrando um exemplo real envolvendo um binário legítimo e digitalmente…
51 views
Alaid TechThread
https://github.com/m1ghtym0/browser-pwn
GitHub
GitHub - m1ghtym0/browser-pwn: An updated collection of resources targeting browser-exploitation.
An updated collection of resources targeting browser-exploitation. - m1ghtym0/browser-pwn
41 views