An application to view and filter pool allocations from a dmp file on Windows 10 RS5+.
https://github.com/yardenshafir/PoolViewer
A Primer On Event Tracing For Windows (ETW)
https://nasbench.medium.com/a-primer-on-event-tracing-for-windows-etw-997725c082bf
The holy grail for defenders is being able to detect/stop every attack before or when it happens and to know exactly the hows, no matter the techniques or tools. Unfortunately, we’re still far from…
FROM PWN2OWN 2021: A NEW ATTACK SURFACE ON MICROSOFT EXCHANGE - PROXYSHELL
https://www.zerodayinitiative.com/blog/2021/8/17/from-pwn2own-2021-a-new-attack-surface-on-microsoft-exchange-proxyshell
In April 2021, Orange Tsai from DEVCORE Research Team demonstrated a remote code execution vulnerability in Microsoft Exchange during the Pwn2Own Vancouver 2021 contest. In doing so, he earned himself $200,000. Since then, he has disclosed several other…
corCTF 2021 Fire of Salvation Writeup: Utilizing msg_msg Objects for Arbitrary Read and Arbitrary Write in the Linux Kernel
https://www.willsroot.io/2021/08/corctf-2021-fire-of-salvation-writeup.html?m=1
secml-malware: Pentesting Windows Malware Classifiers with Adversarial EXEmples in Python
https://arxiv.org/pdf/2104.12848v2.pdf
2101.05102.pdf
ProFuzzBench: A Benchmark for Stateful Protocol Fuzzing
CVE-2021-26084 Remote Code Execution on Confluence Servers
https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
Now Patched Vulnerability in WhatsApp could have led to data exposure of users
https://research.checkpoint.com/2021/now-patched-vulnerability-in-whatsapp-could-have-led-to-data-exposure-of-users/
Research by Dikla Barda & Gal Elbaz As of 2021, WhatsApp is the most popular global mobile messenger app worldwide with approximately two billion monthly active users. It allows users to send text and voice messages, make voice and video calls, and share…
Use NtCreateProcessEx to spawn a child process, and create the main thread manually.
miniCreateProcessEx
https://github.com/aaaddress1/PR0CESS/tree/main/miniCreateProcessEx
some gadgets about windows process and ready to use :)
iOS Wi-Fi Demon: From iOS Format String to Zero-Click RCE
https://ictexpertsluxembourg.lu/technical-corner/ios-wi-fi-demon-from-ios-format-string-to-zero-click-rce/
Articles from the POST Cyberforce offensive security team
Do you like to read? I can take over your Kindle with an e-book
https://research.checkpoint.com/2021/i-can-take-over-your-kindle/
Research By: Slava Makkaveev Introduction Since 2007, Amazon has sold tens of millions of Kindles, which is impressive. But this also means that tens of millions of people could have potentially been hacked through a software bug in those same Kindles. Their…
Chrome in-the-wild bug analysis: CVE-2021-30632
https://securitylab.github.com/research/in_the_wild_chrome_cve_2021_30632/
This post is a technical analysis of a recently disclosed Chrome JIT vulnerability (CVE-2021-30632) that was believed to be exploited in the wild. This vulnerability was reported by an anonymous researcher and was patched on September 13, 2021 in Chrome version…
A Closer Look at NSA/CISA Kubernetes Hardening Guidance
https://kubernetes.io/blog/2021/10/05/nsa-cisa-kubernetes-hardening-guidance/
Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and Infrastructure…
Skrull is a malware DRM that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from the kernel. It generates launchers that can run malware on the victim using the Process Ghosting technique. The launchers are also totally anti-copy and naturally break when submitted.
https://github.com/aaaddress1/Skrull
A plugin to introduce a generic API for Decompiler support in GEF
https://github.com/mahaloz/decomp2gef
mahaloz/decomp2dbg: A plugin to introduce interactive symbols into your debugger from your decompiler
Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration
https://github.com/p0dalirius/LDAPmonitor
Microsoft finds new macOS vulnerability, Shrootless, that could bypass System Integrity Protection
https://www.microsoft.com/security/blog/2021/10/28/microsoft-finds-new-macos-vulnerability-shrootless-that-could-bypass-system-integrity-protection/
Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.
Detection Lab
Collection of Packer & Vagrant scripts that quickly bring a Windows AD online, complete with a collection of endpoint security tooling & logging best practices
https://medium.com/@clong/introducing-detection-lab-61db34bed6ae