Hacking GitHub with Unicode's dotless 'i'.
https://eng.getwisdom.io/hacking-github-with-unicode-dotless-i/
Operation Wocao: Shining a light on one of China’s hidden hacking groups
https://www.fox-it.com/en/news/whitepapers/operation-wocao-shining-a-light-on-one-of-chinas-hidden-hacking-groups/
POPPOPRET-nullbyte-DLL-bypass
A method to bypass a null byte in a POP-POP-RETN address for exploiting local SEH overflows via DLL injection
https://github.com/FULLSHADE/POPPOPRET-nullbyte-DLL-bypass
From dropbox(updater) to NT AUTHORITY\SYSTEM
https://decoder.cloud/2019/12/18/from-dropboxupdater-to-nt-authoritysystem/
Hardlinks again! Yes, there are plenty of opportunities to raise your privileges due to incorrect permission settings when combined with hardlinks in many software products (MS included) ;-) In this post…
Using WebRTC ICE Servers for Port Scanning in Chrome
https://medium.com/tenable-techblog/using-webrtc-ice-servers-for-port-scanning-in-chrome-ce17b19dd474
To everything (TURN! TURN! TURN!)
Powershell for exploitation and post exploitation
https://www.peerlyst.com/posts/powershell-for-exploitation-and-post-exploitation-david-dunmore
fn_fuzzy.py - IDAPython script for fast multiple binary diffing triage https://github.com/TakahiroHaruyama/ida_haru/tree/master/fn_fuzzy #reverse #ida #dukeBarman
Active Directory Visualization for Blue Teams and Threat Hunters
https://www.praetorian.com/blog/active-directory-visualization-for-blue-teams-and-threat-hunters
As a network defender, it can be easy to attribute a certain degree of omnipotence to attackers. Advanced threats have an uncanny knack for figuring out how to move through an environment without regards for passwords, roles, permissions, or what “should”…
Automated Tactics, Techniques & Procedures. Re-running complex sequences manually for regression tests, product evaluations, generating data for researchers and so on can be tedious.
https://github.com/jymcheong/AutoTTP/blob/master/README.md
Remote iPhone Exploitation Part 1: Poking Memory via iMessage and CVE-2019-8641
https://googleprojectzero.blogspot.com/2020/01/remote-iphone-exploitation-part-1.html
Posted by Samuel Groß, Project Zero Introduction This is the first blog post in a three-part series that will detail how a vulnerability...
Game anti-cheat engines have started adopting techniques to detect execution under a hypervisor based on timing lags
https://vmcall.blog/battleye-hypervisor-detection/