How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
Praetorian
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
Overview: This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…
Fuzzing exotic arch with AFL using ghidra emulator
https://airbus-cyber-security.com/fuzzing-exotic-arch-with-afl-using-ghidra-emulator/
Know Your Enemy: Exploiting the Dell BIOS Driver Vulnerability to Defend Against It
https://www.crowdstrike.com/blog/cve-2021-21551-learning-through-exploitation/
CrowdStrike.com
CVE-2021-21551: Learning Through Exploitation | CrowdStrike
Using CVE-2021-21551 as an example, learn how adversaries approach weaponizing vulnerabilities, and the technologies that work best to mitigate their tactics.
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug (CVE-2021-3560)
https://github.blog/2021-06-10-privilege-escalation-polkit-root-on-linux-with-bug/
The GitHub Blog
Privilege escalation with polkit: How to get root on Linux with a seven-year-old bug
polkit is a system service installed by default on many Linux distributions. It’s used by systemd, so any Linux distribution that uses systemd also uses polkit.
d0zer
Elf binary infector written in Golang. It can be used for infecting executables of type ET_DYN and ET_EXEC with a payload of your creation. Utilizing the classic ELF text segment padding algorithm by Silvio Cesare, your payload (parasite) will run before the native functionality of the binary, effectively backdooring the binary.
https://github.com/sad0p/d0zer
GitHub
GitHub - sad0p/d0zer: Elf binary infector written in Go.
Elf binary infector written in Go. Contribute to sad0p/d0zer development by creating an account on GitHub.
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
https://github.com/optiv/Dent
GitHub
GitHub - optiv/Dent: A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors.
A framework for creating COM-based bypasses utilizing vulnerabilities in Microsoft's WDAPT sensors. - GitHub - optiv/Dent: A framework for creating COM-based bypasses utilizing vulnerabil...
DarkLoadLibrary (Bypassing Image Load Kernel Callbacks)
https://github.com/bats3c/DarkLoadLibrary
GitHub
GitHub - bats3c/DarkLoadLibrary: LoadLibrary for offensive operations
LoadLibrary for offensive operations. Contribute to bats3c/DarkLoadLibrary development by creating an account on GitHub.
AutoHarness is a tool that automatically generates fuzzing harnesses for you
https://github.com/parikhakshat/autoharness
GitHub
GitHub - parikhakshat/autoharness: A tool that automatically creates fuzzing harnesses based on a library
A tool that automatically creates fuzzing harnesses based on a library - parikhakshat/autoharness
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows.
https://github.com/0vercl0k/wtf
GitHub
GitHub - 0vercl0k/wtf: wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed…
wtf is a distributed, code-coverage guided, customizable, cross-platform snapshot-based fuzzer designed for attacking user and / or kernel-mode targets running on Microsoft Windows and Linux user-m...
Details about four in-the-wild 0-day campaigns targeting four separate vulnerabilities we’ve discovered so far this year:
• CVE-2021-21166 and CVE-2021-30551 in Chrome,
• CVE-2021-33742 in Internet Explorer, and
• CVE-2021-1879 in WebKit (Safari).
https://blog.google/threat-analysis-group/how-we-protect-users-0-day-attacks/
cve.mitre.org
CVE-2021-21166
CVE® is a list of records — each containing an identification number, a description, and at least one public reference — for publicly known cybersecurity vulnerabilities. The mission of the CVE Program is to identify, define, and catalog publicly disclosed…
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
https://research.nccgroup.com/2021/07/15/cve-2021-31956-exploiting-the-windows-kernel-ntfs-with-wnf-part-1/amp/
NCC Group Research
CVE-2021-31956 Exploiting the Windows Kernel (NTFS with WNF) – Part 1
NCC Group’s Exploit Development Group look at exploiting CVE-2021-31956 – the Windows Kernel (NTFS with WNF)
OpenSecurityTraining2 public betas of refreshed classes on x86-64 assembly, x86-64 OS internals, and coreboot are now open - https://ost2.fyi
Deep Learning for Network Traffic Monitoring and Analysis (NTMA): A Survey (attachment: 1-s2.0-S0140366421000426-main.pdf, 1.3 MB)
SAM: Self-Attention based Deep Learning Method for Online Traffic Classification (attachment: 3405671.3405811.pdf, 818.2 KB)
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database.
https://github.com/lyft/cartography
GitHub
GitHub - cartography-cncf/cartography: Cartography is a Python tool that consolidates infrastructure assets and the relationships…
Cartography is a Python tool that consolidates infrastructure assets and the relationships between them in an intuitive graph view powered by a Neo4j database. - cartography-cncf/cartography
Neutron: an attention-based neural decompiler (attachment: Liang2021_Article_NeutronAnAttention-basedNeural.pdf, 1.6 MB)
Coda: An End-to-End Neural Program Decompiler (attachment: NeurIPS_2019_coda_an_end_to_end_neural_program_decompiler_Paper.pdf, 389.8 KB)