#OSINT Email-Enum searches mainstream websites and tells you if an #email is registered! https://github.com/Frint0/email-enum
Forwarded from r0 Crew (Channel)
Ghidra Plugin Development for Vulnerability Research - Part-1 https://www.somersetrecon.com/blog/2019/ghidra-plugin-development-for-vulnerability-research-part-1 #ghidra #dukeBarman
Somerset Recon
Overview On March 5th at the RSA security conference, the National Security Agency (NSA) released a reverse engineering tool called Ghidra. Similar to IDA Pro, Ghidra is a disassembler and decompiler with many powerful features (e.g., plugin support,…
A Pentester's Guide - Part 3 (OSINT, Breach Dumps, & Password Spraying)
https://delta.navisec.io/osint-for-pentesters-part-3-password-spraying-methodology/
Analysis of a targeted attack exploiting the WinRAR CVE-2018-20250 vulnerability
https://www.microsoft.com/security/blog/2019/04/10/analysis-of-a-targeted-attack-exploiting-the-winrar-cve-2018-20250-vulnerability/
Microsoft Security Blog
A complex attack chain incorporating the CVE-2018-20250 exploit and multiple code execution techniques attempted to run a fileless PowerShell backdoor that could allow an adversary to take full control of compromised machines.
DACL Permissions Overwrite Privilege Escalation (CVE-2019-0841)
https://krbtgt.pw/dacl-permissions-overwrite-privilege-escalation-cve-2019-0841/
got 0day?
TL;DR This vulnerability allows low privileged users to hijack files that are owned by NT AUTHORITY\SYSTEM by overwriting permissions on the targeted file. Successful exploitation results in "Full Control" permissions for the low privileged user. Intro…
Dragonblood: A Security Analysis of WPA3’s SAE Handshake
https://papers.mathyvanhoef.com/dragonblood.pdf
Forwarded from r0 Crew (Channel)
Chrome 1-day RCE PoC (Array.prototype.map)
https://blog.exodusintel.com/2019/04/03/a-window-of-opportunity/
#re #expdev #rce #1day #browser #darw1n
Exodus Intelligence
A window of opportunity: exploiting a Chrome 1day vulnerability
This post explores the possibility of developing a working exploit for a vulnerability already patched in the v8 source tree before the fix makes it into a stable Chrome release.
AV WARS: Fighting fire with fire [AV Bypass Technique]
https://www.komodosec.com/post/av-wars-fighting-fire-with-fire
Komodo Cyber
Back when I started doing red team engagements for Komodo, bypassing AV solutions was quick and trivial, almost a ‘non-brainer.’ Just change some strings, recompile and you’re golden. However, over the last few years, things have changed. AV’s and other endpoint…