The real slim shady || Ivanti Endpoint Manager (EPM) Pre-Auth RCE
CVE-2024-29847
https://summoning.team/blog/ivanti-epm-cve-2024-29847-deserialization-rce/
Summoning Team
Ivanti just pushed a patch for a Critical CVSS 9.8 Remote Code Execution Vulnerability that I reported on May 1st 2024, impacting Ivanti Endpoint Manager (EPM). In the following blog post I will be publishing the fully working unauthenticated exploit and…
I drink coffee every day, but decided to take a two-day break. Do you deliberately take breaks from coffee?
Anonymous Poll
42%
Yes
58%
No
Documents the process of reverse engineering and devirtualising a binary protected with virtualisation obfuscation and various anti-debugging techniques.
https://blog.deobfuscate.io/reversing-vmcrack
Reverse Engineering Blog
Reversing VMCrack
Reverse engineering a binary obfuscated with virtual machine obfuscation. The challenge is vmcrack from Hack The Box.
Binary Ninja plugin for extracting files from container formats
https://github.com/Vector35/blob_extractor
GitHub
GitHub - Vector35/blob_extractor: Identify and extract files from container formats using unblob.
NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with patchless AMSI and ETW bypass features and dual-build support.
https://github.com/BlackSnufkin/NyxInvoke
GitHub
GitHub - BlackSnufkin/NyxInvoke: NyxInvoke is a Rust CLI tool for running .NET assemblies, PowerShell, and BOFs with Patchless…
Using AI-assisted decompilation of Radare2
https://cryptax.medium.com/using-ai-assisted-decompilation-of-radare2-e81a882863c9
Medium
A few months ago, Radare2 (aka r2), an open source disassembler which can be entirely used by command line, started implementing AI plugins…
Reverse Engineering the Eufy Ecosystem: A Deep Dive into Security Vulnerabilities and Proprietary Protocols
https://www.usenix.org/system/files/woot24-goeman.pdf
FLARE-On starts in two days; in the meantime you can check out the info and write-ups from last year:
https://cloud.google.com/blog/topics/threat-intelligence/flareon10-challenge-solutions/
.NET Crash Dump Analysis
ML for binary diffing (slides)
A step-by-step guide to writing an iOS kernel exploit
The Art of Fuzzing: A Deep Dive into Software Security
Learning Binary Ninja for Reverse Engineering
Opaque Predicates and How to Hunt Them
PoC Windows kernel driver for detecting DMA devices
Improve Your Forensic Analyses with hashlookup
Blog
Windows kernel debugger for Linux hosts running Windows under KVM/QEMU
Windows Kernel Pool Exploitation CVE-2021-31956 - Part 2
Linux RCU internal
Unidbg to production
Hunting for CVE-2024-38063 by diffing Tcpip.sys with Ghidra
Fucking great article
Red Teaming in the age of EDR: Evasion of Endpoint Detection Through Malware Virtualisation
https://blog.fox-it.com/2024/09/25/red-teaming-in-the-age-of-edr-evasion-of-endpoint-detection-through-malware-virtualisation/
Fox-IT International blog
Authors: Boudewijn Meijer & Rick Veldhoven. Introduction: As defensive security products improve, attackers must refine their craft. Gone are the days of executing malicious binaries from di…
Deciphering Ransomware in Virtual Machines
UEFI Reverse Engineering, Vulnerability Discovery, and Exploit Development: Part 0
Malware Analysis - ConfuserEx 2 Deobfuscation with Python and dnlib, BBTok Loader
Identifying Human-operated Ransomware through Windows Event Logs
APT-C-00 (OceanLotus) Dual Loader and Homologous VMP Loader
poc for CVE-2024-45383
Collection of Docker honeypot logs from 2021 - 2024
Low-Level Development on Retail Android Hardware - Reconnaissance and Prototyping a Bootloader
https://blog.timschumi.net/2024/10/05/lldorah-bootloader-prototype.html
timschumi’s low-traffic blog
Many months ago, a slightly younger Tim thought that porting mainline Linux to his old Android phone for the purpose of experimentation would be a great way to pass time. (In hindsight it was, but not for the reasons imagined.)