Polypyus learns to locate functions in raw binaries by extracting known functions from similar binaries. Thus, it is a firmware historian. Polypyus works without disassembling these binaries, which is an advantage for binaries that are complex to disassemble and where common tools miss functions. In addition, the binary-only approach makes it very fast and run within a few seconds.
https://github.com/seemoo-lab/polypyus
https://github.com/seemoo-lab/polypyus
GitHub
GitHub - seemoo-lab/polypyus
Contribute to seemoo-lab/polypyus development by creating an account on GitHub.
Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia
https://www.offensiveosint.io/offensive-osint-s01e03-intelligence-gathering-on-critical-infrastructure-in-southeast-asia/
https://www.offensiveosint.io/offensive-osint-s01e03-intelligence-gathering-on-critical-infrastructure-in-southeast-asia/
Offensive OSINT
Offensive OSINT s01e04 - Intelligence gathering on critical infrastructure in Southeast Asia
This is the second part of my investigation into critical infrastructure around
the world. This article should have been a presentation on ICS Conference in
Singapore, however due to Coronavirus it will be a virtual event. I'm not
interested in participating…
the world. This article should have been a presentation on ICS Conference in
Singapore, however due to Coronavirus it will be a virtual event. I'm not
interested in participating…
Defeating ASLR Part 1
https://bkaraceylan.github.io/hack/binary-exploitation/2020/05/01/defeating-aslr-part-1.html
https://bkaraceylan.github.io/hack/binary-exploitation/2020/05/01/defeating-aslr-part-1.html
Your awesome title
Defeating ASLR Part I
Second part of this series contains the exploitation process. This is the first post of a two part series. In this post we’re going to learn a bit about virtual memory, dynamic linking, position indepentend code, and ASLR protection. All of these topics are…
Splunk Attack Range in a virtualized Ubuntu Guest VM — Guide
https://medium.com/@julian.wieg/splunk-attack-range-in-a-virtualized-ubuntu-guest-vm-guide-c6587f43c15
https://medium.com/@julian.wieg/splunk-attack-range-in-a-virtualized-ubuntu-guest-vm-guide-c6587f43c15
Medium
Splunk Attack Range in a virtualized Ubuntu Guest VM — Guide
A quick helper to get this fantastic project running locally: https://github.com/splunk/attack_range
Privilege escalation (UAC bypass) in ChangePK
https://medium.com/@mattharr0ey/privilege-escalation-uac-bypass-in-changepk-c40b92818d1b
https://medium.com/@mattharr0ey/privilege-escalation-uac-bypass-in-changepk-c40b92818d1b
Medium
Privilege escalation (UAC bypass) in ChangePK
Introduction It’s been a long time since I decided to to be away from Twitter for a while for self-improvements reasons and finding…
Analyzing a trio of RCE bugs in Intel wireless adapters
https://www.thezdi.com/blog/2020/5/4/analyzing-a-trio-of-remote-code-execution-bugs-in-intel-wireless-adapters
https://www.thezdi.com/blog/2020/5/4/analyzing-a-trio-of-remote-code-execution-bugs-in-intel-wireless-adapters
Zero Day Initiative
Zero Day Initiative — Analyzing a Trio of Remote Code Execution Bugs in Intel Wireless Adapters
Earlier this month, we published three memory corruption bugs ( ZDI-20-494 , ZDI-20-495 , and ZDI-20-496 - collectively referred to as CVE-2020-0558) affecting two Windows Wi-Fi drivers for various Intel dual-band wireless adapters. According to the vendor…
Bugs on the Windshield: Fuzzing the Windows Kernel
https://research.checkpoint.com/2020/bugs-on-the-windshield-fuzzing-the-windows-kernel/
https://research.checkpoint.com/2020/bugs-on-the-windshield-fuzzing-the-windows-kernel/
Check Point Research
Bugs on the Windshield: Fuzzing the Windows Kernel - Check Point Research
Research By: Netanel Ben-Simon and Yoav Alon Background: In our previous research, we used WinAFL to fuzz user-space applications running on Windows, and found over 50 vulnerabilities in Adobe Reader and Microsoft Edge. For our next challenge, we decided…
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
https://github.com/outflanknl/RedELK
https://github.com/outflanknl/RedELK
GitHub
GitHub - outflanknl/RedELK: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well…
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations. - outflanknl/RedELK
PrintDemon: Print Spooler Privilege Escalation, Persistence & Stealth (CVE-2020-1048 & more)
https://windows-internals.com/printdemon-cve-2020-1048/
https://windows-internals.com/printdemon-cve-2020-1048/
Using Intel PT for Vulnerability Triaging with IPTAnalyzer
https://darungrim.com/research/2020-05-07-UsingIntelPTForVulnerabilityTriagingWithIPTAnalyzer.html
https://darungrim.com/research/2020-05-07-UsingIntelPTForVulnerabilityTriagingWithIPTAnalyzer.html
HugeDomains
DaRunGrim.com is for sale | HugeDomains
Find a domain name today. We make it easy.
PlumHound - BloodHoundAD Report Engine for Security Teams
https://github.com/DefensiveOrigins/PlumHound
https://github.com/DefensiveOrigins/PlumHound
GitHub
DefensiveOrigins/PlumHound
Bloodhound for Blue and Purple Teams. Contribute to DefensiveOrigins/PlumHound development by creating an account on GitHub.
Windows C# LLMNR/mDNS/NBNS/DNS/DHCPv6 spoofer/man-in-the-middle tool
https://github.com/Kevin-Robertson/InveighZero
https://github.com/Kevin-Robertson/InveighZero
GitHub
GitHub - Kevin-Robertson/InveighZero: .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers - Kevin-Robertson/InveighZero