Nice summary of iOS network monitoring techniques https://twitter.com/ddouhine/status/1430881952559685633
Twitter
Davy Douhine
Proxying is not the only way to monitor network traffic on your iOS mobile apps 📲 Different techniques for different use cases. Here's an attempt to summarize them. If you know other techniques plz tell me 🙏#mobilesecurity
Good reading » The Android Platform Security Model https://dl.acm.org/doi/10.1145/3448609
ACM Transactions on Privacy and Security
The Android Platform Security Model | ACM Transactions on Privacy and Security
Android is the most widely deployed end-user focused operating system. With its growing
set of use cases encompassing communication, navigation, media consumption, entertainment,
finance, health, and access to sensors, actuators, cameras, or microphones,...
Fuzzing RDP: Holding the Stick at Both Ends https://www.cyberark.com/resources/threat-research-blog/fuzzing-rdp-holding-the-stick-at-both-ends
Cyberark
Fuzzing RDP: Holding the Stick at Both Ends
Introduction This post describes the work we’ve done on fuzzing the Windows RDP client and server, the challenges of doing so, and some of the results. The Remote Desktop Protocol (RDP) by...
Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit https://www.blackhillsinfosec.com/admins-nightmare-combining-hivenightmare-serioussam-and-ad-cs-attack-paths-for-profit/
Black Hills Information Security
Admin’s Nightmare: Combining HiveNightmare/SeriousSAM and AD CS Attack Path’s for Profit - Black Hills Information Security
Stephan Borosh // The year of 2021 has presented some interesting challenges to securing Windows and Active Directory environments with new flaws that Microsoft has been slow to address. In June, @Harmj0y and @tifkin_ […]
A repository of DFIR-related Mind Maps https://github.com/rathbuna/DFIRMindMaps
GitHub
GitHub - AndrewRathbun/DFIRMindMaps: A repository of DFIR-related Mind Maps geared towards the visual learners!
A repository of DFIR-related Mind Maps geared towards the visual learners! - AndrewRathbun/DFIRMindMaps
Black-Box Attacks on Perceptual Image Hashes with GANs https://towardsdatascience.com/black-box-attacks-on-perceptual-image-hashes-with-gans-cc1be11f277
Medium
Black-Box Attacks on Perceptual Image Hashes with GANs
tldr: This post demonstrates that GANs are capable of breaking image hash algorithms in two key ways: (1) Reversal Attack: Synthesizing the…
good old times! » Reverse engineering software licensing from early-2000s abandonware – Part 1 https://yingtongli.me/blog/2021/08/29/drm5-1.html
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters https://www.kitploit.com/2020/10/awesome-android-security-curated-list.html
KitPloit - PenTest & Hacking Tools
Awesome Android Security - A Curated List Of Android Security Materials And Resources For Pentesters And Bug Hunters
ProxyToken: An Authentication Bypass in Microsoft Exchange Server https://www.zerodayinitiative.com/blog/2021/8/30/proxytoken-an-authentication-bypass-in-microsoft-exchange-server
Zero Day Initiative
Zero Day Initiative — ProxyToken: An Authentication Bypass in Microsoft Exchange Server
Continuing with the theme of serious vulnerabilities that have recently come to light in Microsoft Exchange Server, in this article we present a new vulnerability we call ProxyToken. It was reported to the Zero Day Initiative in March 2021 by researcher Le…
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors https://www.domaintools.com/resources/blog/domain-blooms-identifying-domain-name-themes-targeted-by-threat-actors
DomainTools | Start Here. Know Now.
Domain Blooms: Identifying Domain Name Themes Targeted By Threat Actors - DomainTools | Start Here. Know Now.
Learn about research recently conducted into “Domain Blooms”, our attempt to identify new and trending themes in domain names that highlights which events.
6 Pro Tricks for Rapid macOS Malware Triage with Radare2 https://labs.sentinelone.com/6-pro-tricks-for-rapid-macos-malware-triage-with-radare2/
SentinelOne
6 Pro Tricks for Rapid macOS Malware Triage with Radare2 - SentinelLabs
Learn more about reversing real-world macOS malware in this new series for intermediate to advanced analysts, starting with these r2 tips!
Go Fuzz Yourself – How to Find More Vulnerabilities in APIs Through Fuzzing [Whitepaper download] https://labs.detectify.com/2021/08/31/go-fuzz-yourself-how-to-find-more-vulnerabilities-in-apis-through-fuzzing-whitepaper-download/
DNS Rebinding Attack: How Malicious Websites Exploit Private Networks https://unit42.paloaltonetworks.com/dns-rebinding/
Unit 42
DNS Rebinding Attack: How Malicious Websites Exploit Private Networks
DNS rebinding allows attackers to take advantage of web-based consoles to exploit internal networks by abusing the domain name system.
CVE-2021-34486: Event Tracing for Windows (ETW) TimerCallbackContext Object Use-After-Free Vulnerability https://www.pixiepointsecurity.com/blog/cve-2021-34486.html
Deception in Depth - LSASS Injection https://blog.spookysec.net/DnD-LSASS-Injection/
Ronnie's Blog
Deception in Depth - LSASS Injection
Path traversal vulnerability in node-tar that also affects npm: CVE-2021-32804 https://yamory.io/blog/cve-2021-32804-node-tar-reproduce/
yamory.io
Path traversal vulnerability in node-tar that also affects npm: CVE-2021-32804 | yamory Blog
An explanation of the node-tar vulnerability (CVE-2021-32804), which also affects npm.
Internal of the Android kernel backdoor vulnerability https://vul.360.net/archives/263
vul.360.net
Internal of the Android kernel backdoor vulnerability
Looking back over the history of Android kernel vulnerabilities, most of them are memory-safety bugs, while logic bugs are comparatively rare. Memory bugs have typical vulnerability patterns, obvious side effects, and relatively mature detection methods, so they are easier to find. Logic bugs, by contrast, have no typical pattern (they are usually tightly bound to specific functionality), uncertain side effects, and no general-purpose detection method, which makes hunting them harder. That is exactly what gives logic bugs their particular appeal.
CVE-2021-26084 Remote Code Execution on Confluence Servers https://github.com/httpvoid/writeups/blob/main/Confluence-RCE.md
GitHub
writeups/Confluence-RCE.md at main · httpvoid/writeups
Contribute to httpvoid/writeups development by creating an account on GitHub.
Anubis Android Malware Analysis https://0x1c3n.tech/anubis-android-malware-analysis
Nice datasets » DDoS Packet Capture Collection https://github.com/StopDDoS/packet-captures
GitHub
GitHub - StopDDoS/packet-captures: packet captures of real-world ddos attacks
packet captures of real-world ddos attacks. Contribute to StopDDoS/packet-captures development by creating an account on GitHub.