COModo: From Sandbox to SYSTEM (CVE-2019–3969)
https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
https://medium.com/tenable-techblog/comodo-from-sandbox-to-system-cve-2019-3969-b6a34cc85e67
Medium
COModo: From Sandbox to SYSTEM (CVE-2019–3969)
Antivirus (AV) is a great target for vulnerability hunting: Large attack surface, complex parsing, and various components executing with…
Интересные offensive наработки на C#
https://github.com/FuzzySecurity/Sharp-Suite
https://github.com/FuzzySecurity/Sharp-Suite
GitHub
GitHub - FuzzySecurity/Sharp-Suite: Also known by Microsoft as Knifecoat :hot_pepper:
Also known by Microsoft as Knifecoat :hot_pepper:. Contribute to FuzzySecurity/Sharp-Suite development by creating an account on GitHub.
Forwarded from r0 Crew (Channel)
Apple bleee. Everyone knows What Happens on Your iPhone https://hexway.io/blog/apple-bleee/ #pentest #ios
A Deep Dive into XXE Injection
https://www.synack.com/blog/a-deep-dive-into-xxe-injection/
https://www.synack.com/blog/a-deep-dive-into-xxe-injection/
11 Zero Day Vulnerabilities Impacting VxWorks, the Most Widely Used Real-Time Operating System (RTOS)
https://armis.com/urgent11/
https://armis.com/urgent11/
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting
https://github.com/AdrianVollmer/PowerHub/
https://github.com/AdrianVollmer/PowerHub/
GitHub
GitHub - AdrianVollmer/PowerHub: A post exploitation tool based on a web application, focusing on bypassing endpoint protection…
A post exploitation tool based on a web application, focusing on bypassing endpoint protection and application whitelisting - AdrianVollmer/PowerHub
Forwarded from r0 Crew (Channel)
All videos from "Objective by the Sea, v2.0" were uploaded https://www.youtube.com/playlist?list=PLliknDIoYszvTDaWyTh6SYiTccmwOsws8 #conference #obts #dukeBarman
YouTube
Objective by the Sea, v2.0
Monaco, June 2019
iMessage URL Deserializing Heap Overflow
https://blog.firosolutions.com/exploits/imessage/
https://blog.firosolutions.com/exploits/imessage/
Firo Solutions
iMessage URL Deserializing Heap Overflow
Исследование бортовой авионики Boeing
https://i.blackhat.com/USA-19/Wednesday/us-19-Santamarta-Arm-IDA-And-Cross-Check-Reversing-The-787-Core-Network.pdf
https://i.blackhat.com/USA-19/Wednesday/us-19-Santamarta-Arm-IDA-And-Cross-Check-Reversing-The-787-Core-Network.pdf
Bypassing the Maginot Line:
Remotely Exploit the Hardware Decoder
on Smartphone
https://i.blackhat.com/USA-19/Wednesday/us-19-Gong-Bypassing-The-Maginot-Line-Remotely-Exploit-The-Hardware-Decoder-On-Smartphone.pdf
Remotely Exploit the Hardware Decoder
on Smartphone
https://i.blackhat.com/USA-19/Wednesday/us-19-Gong-Bypassing-The-Maginot-Line-Remotely-Exploit-The-Hardware-Decoder-On-Smartphone.pdf
Forwarded from r0 Crew (Channel)
Building a custom malware sandbox with PANDA - Part 1 https://adalogics.com/blog/Building-a-custom-malware-sandbox-with-PANDA-Part-1 #reverse #malware #dukeBarman