знаете что мне в голову пришло, на обложке hybrid theory изображен человек с крыльями бабочки стреокозы (?? у стрекозы четыре крыла), и в клипе papercut вылетают стрекозы. интересно связано ли это както или хуйня.
Abusing Liftoff assembly and efficiently escaping from sbx
https://retr0.zip/blog/abusing-Liftoff-assembly-and-efficiently-escaping-from-sbx.html
https://retr0.zip/blog/abusing-Liftoff-assembly-and-efficiently-escaping-from-sbx.html
Extracting Strings from Go and Rust Executables
https://www.mandiant.com/resources/blog/extracting-strings-go-rust-executables
https://www.mandiant.com/resources/blog/extracting-strings-go-rust-executables
Google Cloud Blog
FLOSS for Gophers and Crabs: Extracting Strings from Go and Rust Executables | Google Cloud Blog
Reverse engineering Android 2FA OTP application
https://marcoguerri.github.io/2023/09/09/android-home-banking.html
https://marcoguerri.github.io/2023/09/09/android-home-banking.html
marcoguerri
Reverse engineering Android 2FA OTP application
As part of my disaster recovery plan, I want to have offline backup of 2FA codes for online banking to generate OTPs without my phone in case of emergency. This required reverse engineering my bank’s Android OTP application, that I expected would reveal some…
SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC
https://gist.github.com/testanull/dac6029d306147e6cc8dce9424d09868
https://gist.github.com/testanull/dac6029d306147e6cc8dce9424d09868
Gist
SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC
SharePoint Pre-Auth Code Injection RCE chain CVE-2023-29357 & CVE-2023-24955 PoC - SharePwn_public.py
Bad Zip and new Packer for Android/BianLian
https://cryptax.medium.com/bad-zip-and-new-packer-for-android-bianlian-5bdad4b90aeb
https://cryptax.medium.com/bad-zip-and-new-packer-for-android-bianlian-5bdad4b90aeb
Medium
Bad Zip and new Packer for Android/BianLian
I got my hands on a new sample of Android/BianLian (sha256: 0070bc10699a982a26f6da48452b8f5e648e1e356a7c1667f393c5c3a1150865), a banking…
Mapping Virtual to Physical Adresses Using Superfetch
https://www.outflank.nl/blog/2023/12/14/mapping-virtual-to-physical-adresses-using-superfetch/
https://www.outflank.nl/blog/2023/12/14/mapping-virtual-to-physical-adresses-using-superfetch/
Deep Dive: Qualcomm MSM Linux Kernel & ARM Mali GPU 0-day Exploit Attacks of October 2023
https://zerodayengineering.com/insights/qualcomm-msm-arm-mali-0days.html
https://zerodayengineering.com/insights/qualcomm-msm-arm-mali-0days.html
Introducing a novel technique for e-mail spoofing
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
https://sec-consult.com/blog/detail/smtp-smuggling-spoofing-e-mails-worldwide/
SEC Consult
SMTP Smuggling - Spoofing E-Mails Worldwide
Introducing a novel technique for e-mail spoofing
DriveFS Sleuth — Your Ultimate Google Drive File Stream Investigator!
https://amgedwageh.medium.com/drivefs-sleuth-investigating-google-drive-file-streams-disk-artifacts-0b5ea637c980
https://amgedwageh.medium.com/drivefs-sleuth-investigating-google-drive-file-streams-disk-artifacts-0b5ea637c980
Medium
DriveFS Sleuth — Your Ultimate Google Drive File Stream Investigator!
File syncing applications, while providing convenient solutions for seamless collaboration and data access within organizations, also pose…
By combining Frida with an enhanced version of Tenet, Frinet facilitates the study of large programs, vulnerability research and root-cause analysis on iOS, Android, Windows and most architectures.
https://www.synacktiv.com/publications/frinet-reverse-engineering-made-easier
https://www.synacktiv.com/publications/frinet-reverse-engineering-made-easier
Synacktiv
Frinet: reverse-engineering made easier