Facebook Messenger Worm
https://www.kernelmode.info/forum/viewtopic.php?p=32871
modDetective
modDetective is a small Python tool that chronologizes files based on modification time in order to investigate recent system activity.
https://github.com/itsKindred/modDetective
Awesome-Advanced-Windows-Exploitation-References
List of Awesome Advanced Windows Exploitation References
https://github.com/yeyintminthuhtut/Awesome-Advanced-Windows-Exploitation-References
Remote Code Execution on most Dell computers
https://d4stiny.github.io/Remote-Code-Execution-on-most-Dell-computers/
Bill Demirkapi's Blog
What computer do you use? Who made it? Have you ever thought about what came with your computer? When we think of Remote Code Execution (RCE) vulnerabilities in mass, we might think of vulnerabilities in the operating system, but another attack vector to…
The Office 365 Extractor is a tool that allows for complete and reliable extraction of the Unified Audit Log (UAL)
https://github.com/jrentenaar/Office-365-Extractor
Overview of tools and description of approaches for malware clustering
https://docs.google.com/presentation/d/1g8_9SKSDYtCaJgRw_cJd8a88KPKShhPZRnBB39ZQEIM/edit#slide=id.g511833902d_0_153
All malwares are equals, but some malware are more equals than others Joxean Koret
Forwarded from Noise Security Bit
And here is the full version of the slides: https://github.com/0xAlexei/INFILTRATE2019/blob/master/INFILTRATE%20Ghidra%20Slides.pdf
INFILTRATE2019/INFILTRATE Ghidra Slides.pdf at master · 0xAlexei/INFILTRATE2019
INFILTRATE 2019 Demo Materials.
EE | Android App Reverse Engineering 101 | https://maddiestone.github.io/AndroidAppRE/
Throwing 500 vm's at your fuzzing target being an individual security researcher
https://kciredor.com/throwing-500-vms-fuzzing-target-individual-security-researcher.html
kciredor’s information security blog
Adobe Reader progress One year ago I blogged about my many attempts and failures at fuzzing Adobe Reader and finding exploitable security issues.
The Israel Defense Forces struck a building from which cyberattacks by Hamas were allegedly being carried out.
https://twitter.com/idf/status/1125066395010699264?s=21
Israel Defense Forces
CLEARED FOR RELEASE: We thwarted an attempted Hamas cyber offensive against Israeli targets. Following our successful cyber defensive operation, we targeted a building where the Hamas cyber operatives work. HamasCyberHQ.exe has been removed.
VMware Fusion 11 - Guest VM RCE - CVE-2019-5514
https://theevilbit.github.io/posts/vmware_fusion_11_guest_vm_rce_cve-2019-5514/
TL;DR: You can run an arbitrary command on a VMware Fusion guest VM through a website without any prior knowledge. Basically VMware Fusion is starting up a websocket listening only on the localhost. You can fully control all the VMs (also…
Evil Clippy: MS Office maldoc assistant
https://outflank.nl/blog/2019/05/05/evil-clippy-ms-office-maldoc-assistant/
autoBOF: a Journey into Automation, Exploit Development, and Buffer Overflows
https://0x00sec.org/t/autobof-a-journey-into-automation-exploit-development-and-buffer-overflows/13415