Let's Make Windows Defender Angry: Antivirus can be an oracle!
https://speakerdeck.com/icchy/lets-make-windows-defender-angry-antivirus-can-be-an-oracle
https://speakerdeck.com/icchy/lets-make-windows-defender-angry-antivirus-can-be-an-oracle
Speaker Deck
Let's Make Windows Defender Angry: Antivirus can be an oracle!
A presentation about AVOracle (AntiVirus Oracle) at CODE BLUE 2019 U25 track (https://codeblue.jp/2019/en/talks/?content=talks_23)
Japanese version: ht…
Japanese version: ht…
Forwarded from r0 Crew (Channel)
Solving iOS UnCrackable 1 Crackme Without Using an iOS Device https://serializethoughts.com/2019/10/28/solving-mstg-crackme-angr #ios #CTF #dukeBarman
serializethoughts
Solving iOS UnCrackable 1 Crackme Without Using an iOS Device
TL;DR: iOS UnCrackable Level 1 crackme application can be solved without using an iOS device using Angr’s dynamic execution engine.
Разбор и IOC'и Lazarus (Северная Корея) за октябрь 2019
https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/North%20Korea/APT/Lazarus/23-10-19/analysis.md
https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/North%20Korea/APT/Lazarus/23-10-19/analysis.md
GitHub
StrangerealIntel/CyberThreatIntel
Analysis of malware and Cyber Threat Intel of APT and cybercriminals groups - StrangerealIntel/CyberThreatIntel
Описание устройства AppLocker
https://tyranidslair.blogspot.com/2019/11/the-internals-of-applocker-part-1.html
https://tyranidslair.blogspot.com/2019/11/the-internals-of-applocker-part-1.html
www.tiraniddo.dev
The Internals of AppLocker - Part 1 - Overview and Setup
This is part 1 in a short series on the internals of AppLocker (AL). Part 2 is here , part 3 here and part 4 here . AppLocker (AL) is...
Разбор LPE в Symantec Endpoint Protection
https://posts.specterops.io/cve-2019-12757-local-privilege-escalation-in-symantec-endpoint-protection-1f7fd5c859c6
https://posts.specterops.io/cve-2019-12757-local-privilege-escalation-in-symantec-endpoint-protection-1f7fd5c859c6
Medium
CVE-2019–12757: Local Privilege Escalation in Symantec Endpoint Protection
Symantec Endpoint Protection Version: 14.2 RU1 Build 3335 (14.2.3335.1000) and below Operating System Tested On: Windows 10 1803 x64
Forwarded from r0 Crew (Channel)
A Collection of Chrome Sandbox Escape POCs/Exploits for learning https://github.com/allpaca/chrome-sbx-db #exploit #dukeBarman
GitHub
GitHub - allpaca/chrome-sbx-db: A Collection of Chrome Sandbox Escape POCs/Exploits for learning
A Collection of Chrome Sandbox Escape POCs/Exploits for learning - allpaca/chrome-sbx-db
fzero_fuzzer
A fast Rust-based safe and thead-friendly grammar-based fuzz generator
https://github.com/gamozolabs/fzero_fuzzer
A fast Rust-based safe and thead-friendly grammar-based fuzz generator
https://github.com/gamozolabs/fzero_fuzzer
GitHub
GitHub - gamozolabs/fzero_fuzzer: A fast Rust-based safe and thead-friendly grammar-based fuzz generator
A fast Rust-based safe and thead-friendly grammar-based fuzz generator - gamozolabs/fzero_fuzzer
DEEPWARE SCANNER - сканер deepfake'ов
https://www.deepware.ai
https://www.deepware.ai
deepware.ai
Deepware | Scan & Detect Deepfake Videos
Scan & Detect Deepfake Videos Scan a suspicious video to find out if it's synthetically manipulated.Contact Us for on-premise solutions. GO TO SCANNER Enemy at the Gates Cybersecurity faces an emerging threat generally known as deepfakes. Malicious uses of…
Forwarded from r0 Crew (Channel)
Extending Ghidra: from Script to Plugins and Beyond https://vimeo.com/377180466 #ghidra #reverse #dukeBarman
Vimeo
Mike Bell: Extending Ghidra: from Script to Plugins and Beyond
Mike Bell speaking at the Jailbreak Brewing Company Security Summit on Friday, October 11, 2019. In this talk, Mike will explore the many ways to extend Ghidra.…
What I Learned from Reverse Engineering Windows Containers
https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/
https://unit42.paloaltonetworks.com/what-i-learned-from-reverse-engineering-windows-containers/
Unit 42
What I Learned from Reverse Engineering Windows Containers
Our researcher provides an overview on containers - starting with their Linux history - and shows the different implementations of containers in Windows, how they work and the security pitfalls that may occur.
From iPhone to NT AUTHORITY\SYSTEM
https://decoder.cloud/2019/12/12/from-iphone-to-nt-authoritysystem/
https://decoder.cloud/2019/12/12/from-iphone-to-nt-authoritysystem/
Decoder's Blog
From iPhone to NT AUTHORITY\SYSTEM
As promised in my previous post , I will show you how to exploit the “Printconfig” dll with a real world example. But what does Apple’s iPhone have to do with it?? Well, keep on r…
Persistence – Office Application Startup
https://pentestlab.blog/2019/12/11/persistence-office-application-startup/
https://pentestlab.blog/2019/12/11/persistence-office-application-startup/
Penetration Testing Lab
Persistence – Office Application Startup
Microsoft Office is the most popular product in Windows operating systems since it allows users to write and edit documents, create and present slides, gather notes, sent emails and perform calcula…