Forwarded from r0 Crew (Channel)
"Leveraging KVM as a debugging platform" https://drive.google.com/file/d/1nFoCM62BWKSz2TKhNkrOjVwD8gP51VGK/view #debugger #hacklu #dukeBarman
pythonfuzz
coverage guided fuzz testing for python https://fuzzit.dev
https://github.com/fuzzitdev/pythonfuzz
coverage guided fuzz testing for python https://fuzzit.dev
https://github.com/fuzzitdev/pythonfuzz
Gitlab
Security Compliance
GitLab application security testing for SAST, DAST, Dependency scanning, Container Scanning and more within the DevSecOps CI pipeline with vulnerability management and compliance.
Proof of Concept for "Wordpress <=5.2.3: viewing unauthenticated posts"
https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/
https://0day.work/proof-of-concept-for-wordpress-5-2-3-viewing-unauthenticated-posts/
0day.work
Proof of Concept for \
A couple of days Wordpress released 5.2.4 with a few security patches. Props to J.D. Grimes who found and disclosed a method of viewing unauthenticated posts. caught my attention, but I couldn’t find a public Proof of Concept, so I set out to reverse engineer…
Let's Make Windows Defender Angry: Antivirus can be an oracle!
https://speakerdeck.com/icchy/lets-make-windows-defender-angry-antivirus-can-be-an-oracle
https://speakerdeck.com/icchy/lets-make-windows-defender-angry-antivirus-can-be-an-oracle
Speaker Deck
Let's Make Windows Defender Angry: Antivirus can be an oracle!
A presentation about AVOracle (AntiVirus Oracle) at CODE BLUE 2019 U25 track (https://codeblue.jp/2019/en/talks/?content=talks_23)
Japanese version: ht…
Japanese version: ht…
Forwarded from r0 Crew (Channel)
Solving iOS UnCrackable 1 Crackme Without Using an iOS Device https://serializethoughts.com/2019/10/28/solving-mstg-crackme-angr #ios #CTF #dukeBarman
serializethoughts
Solving iOS UnCrackable 1 Crackme Without Using an iOS Device
TL;DR: iOS UnCrackable Level 1 crackme application can be solved without using an iOS device using Angr’s dynamic execution engine.
Разбор и IOC'и Lazarus (Северная Корея) за октябрь 2019
https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/North%20Korea/APT/Lazarus/23-10-19/analysis.md
https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/North%20Korea/APT/Lazarus/23-10-19/analysis.md
GitHub
StrangerealIntel/CyberThreatIntel
Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups - StrangerealIntel/CyberThreatIntel
Описание устройства AppLocker
https://tyranidslair.blogspot.com/2019/11/the-internals-of-applocker-part-1.html
https://tyranidslair.blogspot.com/2019/11/the-internals-of-applocker-part-1.html
www.tiraniddo.dev
The Internals of AppLocker - Part 1 - Overview and Setup
This is part 1 in a short series on the internals of AppLocker (AL). Part 2 is here , part 3 here and part 4 here . AppLocker (AL) is...
Разбор LPE в Symantec Endpoint Protection
https://posts.specterops.io/cve-2019-12757-local-privilege-escalation-in-symantec-endpoint-protection-1f7fd5c859c6
https://posts.specterops.io/cve-2019-12757-local-privilege-escalation-in-symantec-endpoint-protection-1f7fd5c859c6
Medium
CVE-2019–12757: Local Privilege Escalation in Symantec Endpoint Protection
Symantec Endpoint Protection Version: 14.2 RU1 Build 3335 (14.2.3335.1000) and below Operating System Tested On: Windows 10 1803 x64
Forwarded from r0 Crew (Channel)
A Collection of Chrome Sandbox Escape POCs/Exploits for learning https://github.com/allpaca/chrome-sbx-db #exploit #dukeBarman
GitHub
GitHub - allpaca/chrome-sbx-db: A Collection of Chrome Sandbox Escape POCs/Exploits for learning
A Collection of Chrome Sandbox Escape POCs/Exploits for learning - allpaca/chrome-sbx-db
fzero_fuzzer
A fast Rust-based safe and thead-friendly grammar-based fuzz generator
https://github.com/gamozolabs/fzero_fuzzer
A fast Rust-based safe and thead-friendly grammar-based fuzz generator
https://github.com/gamozolabs/fzero_fuzzer
GitHub
GitHub - gamozolabs/fzero_fuzzer: A fast Rust-based safe and thead-friendly grammar-based fuzz generator
A fast Rust-based safe and thead-friendly grammar-based fuzz generator - gamozolabs/fzero_fuzzer
DEEPWARE SCANNER - сканер deepfake'ов
https://www.deepware.ai
https://www.deepware.ai
deepware.ai
Deepware | Scan & Detect Deepfake Videos
Scan & Detect Deepfake Videos Scan a suspicious video to find out if it's synthetically manipulated.Contact Us for on-premise solutions. GO TO SCANNER Enemy at the Gates Cybersecurity faces an emerging threat generally known as deepfakes. Malicious uses of…
Forwarded from r0 Crew (Channel)
Extending Ghidra: from Script to Plugins and Beyond https://vimeo.com/377180466 #ghidra #reverse #dukeBarman
Vimeo
Mike Bell: Extending Ghidra: from Script to Plugins and Beyond
Mike Bell speaking at the Jailbreak Brewing Company Security Summit on Friday, October 11, 2019. In this talk, Mike will explore the many ways to extend Ghidra.…