A medley of PoCs and exploits. Contribute to tarafans/collections development by creating an account on GitHub.

Implementation of TraFix (automatic trainable decompiler based on NMT) as published in ArXiv - omerktz/TraFix

A while ago I started a project for managing real-word web honeypots. I initially built it to manage some WordPress honeypots but after…

MemoryRanger protects kernel data and code by running drivers and hosting data in isolated kernel enclaves using VT-x and EPT features. MemoryRanger has been presented at the BlackHat, HITB, CDFSL....

Leaders in Information Security

Proof of concept for CVE-2019-0708. Contribute to Ekultek/BlueKeep development by creating an account on GitHub.

This blog post describes an example practical application of the ‘HTTP 301 Cache Poisoning” attack that can be used by a malicious Tor exit node to disclose real IP address of chosen clients.

A vulnerability in all versions of the Docker platform can give an attacker full read and write access to the host file system.

This tutorial forms a part of a new series which will concentrate on some of the non-GUI related issues in Windows programming. The subject of this tutorial will be the CreateProcess win32 API call. The tutorial is split into several sections, each one describing…

In this post, we’re going to take a quick look at Frida and use it to steel credentials from KeePass.

Reverse engineering software using a full system simulator - mfthomps/RESim

New #APT34 tool leaked. “Jason” #infosec #malware

This post walks through the discovery process of the NVIDIA GeForce Experience OS command injection vulnerability, assigned to CVE-2019-5678.

Introduction Previous Research AMSI Example in C AMSI Context AMSI Initialization AMSI Scanning CLR Implementation of AMSI AMSI Bypass A (Patching Data) AMSI Bypass B (Patching Code 1) AMSI Bypass …

Backward Compatibility is Hard, and so is Stacked Impersonation by Simon Raner and Mitja Kolsek, the 0patch Team [Update 6/12/201...