Forwarded from r0 Crew (Channel)
All videos from "Objective by the Sea, v2.0" were uploaded https://www.youtube.com/playlist?list=PLliknDIoYszvTDaWyTh6SYiTccmwOsws8 #conference #obts #dukeBarman
YouTube: Objective by the Sea, v2.0 (Monaco, June 2019)
iMessage URL Deserializing Heap Overflow
https://blog.firosolutions.com/exploits/imessage/
Firo Solutions
Research into Boeing's onboard avionics
https://i.blackhat.com/USA-19/Wednesday/us-19-Santamarta-Arm-IDA-And-Cross-Check-Reversing-The-787-Core-Network.pdf
Bypassing the Maginot Line: Remotely Exploit the Hardware Decoder on Smartphone
https://i.blackhat.com/USA-19/Wednesday/us-19-Gong-Bypassing-The-Maginot-Line-Remotely-Exploit-The-Hardware-Decoder-On-Smartphone.pdf
Forwarded from r0 Crew (Channel)
Building a custom malware sandbox with PANDA - Part 1 https://adalogics.com/blog/Building-a-custom-malware-sandbox-with-PANDA-Part-1 #reverse #malware #dukeBarman
Gaining code execution using a malicious SQLite database
https://research.checkpoint.com/select-code_execution-from-using-sqlite/
Check Point Research
SELECT code_execution FROM * USING SQLite; Research by Omer Gull. tl;dr: SQLite is one of the most widely deployed pieces of software in the world. However, from a security perspective, it has only been examined through the lens of WebSQL and browser exploitation.…
Hunting for vulnerable drivers in Windows
https://eclypsium.com/wp-content/uploads/2019/08/EXTERNAL-Get-off-the-kernel-if-you-cant-drive-DEFCON27.pdf
A tool for finding vulnerabilities using symbolic execution. It is aimed at firmware and at small amounts of code under analysis.
https://github.com/ChrisTheCoolHut/Firmware_Slap
GitHub: Discovering vulnerabilities in firmware through concolic analysis and function clustering.
A technique for bypassing CIG in Windows through handle manipulation
https://tyranidslair.blogspot.com/2019/08/windows-code-injection-bypassing-cig.html
Windows Code Injection: Bypassing CIG Through KnownDlls
TL;DR: This blog post describes a technique to inject a DLL into a process using only Duplicate Handle process access (caveats apply) which ...
Yet another tool for automating OSINT. It is built on top of https://opendata.rapid7.com
https://github.com/tg12/rapid7_OSINT
Rapid7 Open Data
Offering researchers and partners access to data from Project Sonar, which conducts internet-wide surveys to gain insights into global exposure to common vulnerabilities.