OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
https://github.com/ic3qu33n/OffensiveCon24-uefi-task-of-the-translator
Introducing LLM-based harness synthesis for unfuzzed projects
https://blog.oss-fuzz.com/posts/introducing-llm-based-harness-synthesis-for-unfuzzed-projects/
Getting Started with Debugging Hyper-V for Vulnerability Research, Part 2.
https://www.youtube.com/watch?v=9utI4qKCWH4&t=2961s
We recently had on Daniel Fernandez, one of my co-authors of Gray Hat Hacking 6th Ed... In this continuation on that topic area, join me with special guest "Alan Sguigna" from ASSET InterTech. JTAG debugging on affordable, commercially available Intel targets…
Compromised WordPress site serves malware | LNK file MALWARE ANALYSIS and HTA Deobfuscation
https://www.youtube.com/watch?v=XxHFr2xvPFc
Analysis of a malicious LNK file which uses a compromised Uzbekistan website to launch a malicious HTA file that in turn downloads and runs FormBook malware.
** Find me at **
Twitter/X - https://twitter.com/CyberRaiju
Blog - https://www.jaiminton.com/
Mastodon…
Electron Math: 8 Million User Note App Stored XSS -> RCE bypassing nodeintegration via preload.js in electron
https://0reg.dev/blog/electron-math
Democratizing Fuzzing at Scale
https://drive.google.com/file/d/1lUFIugzEy1eBBWkLDHC_hzRfahZUCZYR/view
Flipping Pages: An analysis of a new Linux vulnerability in nf_tables and hardened exploitation techniques
https://pwning.tech/nftables/
A tale about exploiting KernelCTF Mitigation, Debian, and Ubuntu instances with a double-free in nf_tables in the Linux kernel, using novel techniques like Dirty Pagedirectory. All without even having to recompile the exploit for different kernel targets…
A fully-undetectable ransomware that utilizes OneDrive & Google Drive to encrypt target local files
https://github.com/SafeBreach-Labs/DoubleDrive
"Everything below is a compilation of my own experience and publicly available work related to attacking Linux."
https://reeves0x0.gitbook.io/linux-under-attack/
Preface | Linux under attack
Owasp level 4 Android Reversing Anti-Debugging/Root checks: r2pay 1.0.
https://medium.com/@ndsetobol/owasp-level-4-android-reversing-anti-debugging-root-checks-r2pay-1-0-239e224ec649
This was one of the most challenging crackmes I’ve ever attempted to decipher. It took an extensive amount of time and effort, spanning…
slides
Rhadamanthys & the 40 thieves
https://download.scrt.ch/insomnihack/ins24-slides/Rhadamanthys%20and%20the%2040%20thieves.pdf
From the Vulnerability to the Victory: A Chrome Renderer 1-Day Exploit’s Journey to v8CTF Glory
https://kaist-hacking.github.io/pubs/2024/lee:v8-ctf-slides.pdf
exploit
https://github.com/kaist-hacking/CVE-2023-6702
An interesting topic: hooking Golang functions. It works differently. I found only two articles on the web =*( The first covers a very specific case where libc is deliberately imported; in the second I got lost in the source code (very interesting, but I couldn't understand a damn thing).
https://blog.quarkslab.com/lets-go-into-the-rabbit-hole-part-1-the-challenges-of-dynamically-hooking-golang-program.html#
https://metalbear.co/blog/hooking-go-from-rust-hitchhikers-guide-to-the-go-laxy/
Let’s Go into the rabbit hole (part 1) — the challenges of dynamically hooking Golang programs - Quarkslab's blog
Golang is the most used programming language for developing cloud technologies. Tools such as Kubernetes, Docker, Containerd and gVisor are written in Go. Despite the fact that the code of these programs is open source, there is no way to analyze and extend…
Molding lies into reality || Exploiting CVE-2024-4358
https://summoning.team/blog/progress-report-server-rce-cve-2024-4358-cve-2024-1800/
Discovering a zero-day authentication bypass and chaining a .NET deserialization to achieve pre-auth RCE on Progress Report Server