A collection of one-liners for carrying out attacks in a Windows infrastructure
https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/amp/
Windows oneliners to download remote payload and execute arbitrary code
In the wake of the recent buzz and trend in using DDE for executing arbitrary command lines and eventually compromising a system, I asked myself « what are the coolest command lines an a…
Forwarded from Noise Security Bit (dukeBarman)
The author of Capstone has announced a new project, Qiling https://github.com/qilingframework/qiling It is a Unicorn-based framework for emulating executables of popular formats (PE, MachO, ELF) in a sandboxed environment. It also declares support for the following architectures: X86, X86_64, Arm, Arm64, Mips. The framework ships with the qltool utility, which can also be used to emulate shellcode.
GitHub - qilingframework/qiling: A True Instrumentable Binary Emulation Framework
A C++ library of process injection techniques for Windows 10 x64
https://github.com/SafeBreach-Labs/pinjectra
GitHub - SafeBreach-Labs/pinjectra: Pinjectra is a C/C++ OOP-like library that implements Process Injection techniques (with focus on Windows 10 64-bit)
An open-source tool for tracking changes and new samples of various threats. To use it, you have to describe the malware's network communication protocol.
https://github.com/intezer/MoP/
GitHub - intezer/MoP: MoP - "Master of Puppets" - Advanced malware tracking framework
Forwarded from r0 Crew (Channel)
BinDiff wrapper script for multiple binary diffing https://github.com/TakahiroHaruyama/ida_haru/tree/master/bindiff #reverse #dukeBarman
ida_haru/bindiff at master · TakahiroHaruyama/ida_haru: scripts/plugins for IDA Pro
Forwarded from r0 Crew (Channel)
lpe is a collection of verified Linux kernel exploits https://github.com/jollheef/lpe #exploit #dukeBarman
GitHub - jollheef/lpe: collection of verified Linux kernel exploits
Forwarded from r0 Crew (Channel)
DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables https://github.com/googleprojectzero/DrSancov #fuzzing #dukeBarman
GitHub - googleprojectzero/DrSancov: DynamoRIO plugin to get ASAN and SanitizerCoverage compatible output for closed-source executables
Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits
https://github.com/mwrlabs/c3
GitHub - WithSecureLabs/C3: Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.
Using SMT solvers for auditing web applications
https://alephsecurity.com/2019/09/02/Z3-for-webapp-security/
Breaking Algorithms - SMT Solvers for WebApp Security
(0Day) Google Android v4l2 Double Free Privilege Escalation Vulnerability
https://www.zerodayinitiative.com/advisories/ZDI-19-780/
A write-up of the exploit for the BlueKeep vulnerability
https://www.malwaretech.com/2019/09/bluekeep-a-journey-from-dos-to-rce-cve-2019-0708.html
BlueKeep: A Journey from DoS to RCE (CVE-2019-0708) – MalwareTech
Due to the serious risk of a BlueKeep based worm, I’ve held back this write-up to avoid advancing the timeline. Now that a proof-of-concept for RCE (remote code execution) has been released as part of Metasploit, I feel it’s now safe for me to post this.
Forwarded from r0 Crew (Channel)
Attachment: CPP+Dynamic+Type+Recovery.pdf (1.1 MB)
Automation Techniques in C++ Reverse Engineering https://www.msreverseengineering.com/blog/2019/8/5/automation-techniques-in-c-reverse-engineering #re #cpp #darw1n
Using TensorFlow / machine learning for automated RF side-channel attack classification
https://leveldown.de/blog/tensorflow-sidechannel-analysis/
In the wallet.fail presentation at 35C3 we (Thomas Roth, Josh Datko, Dmitry Nedospasov) presented multiple vulnerabilities in modern hardware wallets, one of which was an RF side-channel attack on the Ledger Blue cryptocurrency wallet: It was found that when…
Analysis of the latest samples used in the OceanLotus APT attacks against China
https://www.antiy.net/p/the-latest-sample-analysis-of-oceanlotus-apt-attacks-against-china/