Linux systems running LXD are vulnerable to privilege escalation via multiple attack paths, two of which are published in my “lxd_root” GitHub repository. This blog will go into the details of what I think is a very interesting path - abusing relayed UNIX…

Abstract I was recently busy doing some reverse on an antivirus solution. During this review, I figured out the Windows 10 Task Schedul...

TL;DR Link to heading You can run an arbitrary command on a VMware Fusion guest VM through a website without any priory knowledge. Basically VMware Fusion is starting up a websocket listening only on the localhost. You can fully control all the VMs (also…

Hi everyone,

ESET sheds light on commands used by the favorite backdoor of the Sednit group

Machinae Security Intelligence Collector. Contribute to HurricaneLabs/machinae development by creating an account on GitHub.

In this article we will explain how to develop Apache modules to be used in Red Team operations. Backdoors in Apache2.

🧠 🦠 An artificial neural network and API to detect Windows malware, based on Ergo and LIEF. - GitHub - evilsocket/ergo-pe-av: 🧠 🦠 An artificial neural network and API to detect Windows malware, bas...

INTRODUCTION

A medley of PoCs and exploits. Contribute to tarafans/collections development by creating an account on GitHub.

Implementation of TraFix (automatic trainable decompiler based on NMT) as published in ArXiv - omerktz/TraFix

A while ago I started a project for managing real-word web honeypots. I initially built it to manage some WordPress honeypots but after…

MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. MemoryRanger has been presented at the BlackHat, HITB, CDFSL....

Leaders in Information Security

Proof of concept for CVE-2019-0708. Contribute to Ekultek/BlueKeep development by creating an account on GitHub.