An exploitation case study of CVE-2020-1062, a use-after-free vulnerability in IE11
https://www.accenture.com/us-en/blogs/cyber-defense/exploitation-case-study-cve-2020-1062-vulnerability-in-ie11
Accenture
Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints
https://github.com/securesystemslab/agamotto
GitHub
GitHub - securesystemslab/agamotto: Agamotto: Accelerating Kernel Driver Fuzzing with Lightweight Virtual Machine Checkpoints
Order of Six Angles
How to make a Kernel Driver - Setup & Hello World (Windows) https://www.youtube.com/watch?utm_campaign=buffer&utm_source=twitter.com&utm_content=buffer5a033&utm_medium=social&v=9h1FsOISwX0&app=desktop
The second part is out
Usermode Communication - IOCTL Tutorial
https://www.youtube.com/watch?v=eumG222Efzs&list=PLt9cUwGw6CYHWuMtGHSgdLUaTo7aa2lEr&index=2
YouTube
Kernel Cheat Tutorial - IOCTL Communication Tutorial - Kernel2
Learn how to use PsSetLoadImageNotifyRoutine() to detect when a DLL is loaded, get its base address from kernel mode, output it with DbgPrintEx() and then how to pass that variable to a usermode process using…
Microsoft stiffed this guy; he promises to publish all the vulnerabilities he found, which he values at 100k
https://twitter.com/jonasLyk/status/1282945750746509313?s=09
X (formerly Twitter)
Jonas L (@jonasLyk) on X
As Microsoft have no intentions of ever paying me for all my submitted vulnerabilities I am forced to do this.
Countdown starts today- then I will post them all public.
Ms is just trying to get time to patch them then never pay me.
I have for over 100.000$…
GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of its forkserver siblings). It allows OS kernels to be fuzzed like simple applications.
https://github.com/airbus-seclab/gustave
GitHub
GitHub - airbus-seclab/gustave: GUSTAVE is a fuzzing platform for embedded OS kernels. It is based on QEMU and AFL (and all of…
Ten process injection techniques: A technical survey of common and trending process injection techniques
https://www.elastic.co/blog/ten-process-injection-techniques-technical-survey-common-and-trending-process
Elastic Blog
Process injection is a widespread defense evasion technique employed often within malware and fileless adversary tradecraft, and entails running custom code within the address space of another process...
SIGRed – Resolving Your Way into Domain Admin: Exploiting a 17 Year-old Bug in Windows DNS Servers
17-year-old vulnerability in all of Windows DNS Servers.
SIGRed (CVE-2020-1350) is a wormable, critical vulnerability that can be used to achieve full Domain Administrator privileges.
https://research.checkpoint.com/2020/resolving-your-way-into-domain-admin-exploiting-a-17-year-old-bug-in-windows-dns-servers/
Check Point Research
Research by: Sagi Tzadik Introduction DNS, which is often described as the “phonebook of the internet”, is a network protocol for translating human-friendly computer hostnames into IP addresses. Because it is such a core component of the internet, there are…
Vulnerability Spotlight: Multiple vulnerabilities in RemoteFX affect AMD, Intel chips
https://blog.talosintelligence.com/2020/07/vuln-spotlight-intel-amd-microsoft-july-2020.html?m=1
Talosintelligence
Bug in New Function ExAllocatePoolZero Results in Security Vulnerability and Crashes
https://www.osr.com/blog/2020/07/14/bug-in-new-function-exallocatepoolzero-results-in-security-vulnerability-and-crashes/
OSR
Update: Late in December 2020 Microsoft issued an update to the WDK/EWDK that includes mitigations for this security issue. See our blog post describing these updates. tl;dr Last week (week of 5 Ju…
Exploit Development: Playing ROP’em COP’em Robots with WriteProcessMemory()
https://connormcgarr.github.io/ROP2/
Connor McGarr’s Blog
Gaining code execution with WriteProcessMemory() via ROP and outlining the occasional need for Call-Oriented Programming.