ESFang - Exploring the macOS Endpoint Security Framework (ESF) for Threat Detection https://labs.f-secure.com/blog/esfang-exploring-the-macos-endpoint-security-framework-for-threat-detection/
Winning the Impossible Race – An Unintended Solution for Includer’s Revenge / Counter (hxp 2021) https://lewin.co.il/winning-the-impossible-race-an-unintended-solution-for-includers-revenge-counter-hxp-2021/
Nice introduction to ROP » A Gentle Intro to ROP and Bypassing DEP https://cwinfosec.org/Intro-ROP-DEP-Bypass/
This post is intended as a soft introduction to return-oriented-programming and bypassing DEP. Nothing in this blog post is new or ground-breaking research; however, sometimes it helps to hear another point of view. Today we will be looking at a very basic…
WMEye: a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement https://github.com/pwn1sher/WMEye
PrintNightmare and SSH Tunnels for Fun https://marcusedmondson.com/2021/12/29/printnightmare-and-ssh-tunnels-for-fun/
Nice resources here » A curated list of awesome malware analysis tools and resources https://github.com/rshipp/awesome-malware-analysis
Reverse Engineering Yaesu FT-70D Firmware Encryption https://landaire.net/reversing-yaesu-firmware-encryption/
A Memory Visualiser Tool for iOS Security Research https://bellis1000.medium.com/a-memory-visualiser-tool-for-ios-security-research-bd8bb8c334c6
Release of PTE Analysis plugins for Volatility 3 https://insinuator.net/2021/12/release-of-pte-analysis-plugins-for-volatility-3/
I'm happy to announce the release of several plugins for Volatility 3 that allow you to dig deeper into the memory analysis. One of those plugins is PteMalfind, which is essentially an improved version of malfind. Another one is PteResolve which, similarly…
Malware repository, with analysis exercises for training https://github.com/jstrosch/malware-samples
How I found (and fixed) a vulnerability in Python https://www.tldr.engineering/how-i-found-and-fixed-a-vulnerability-in-python/
C++ Memory Corruption (std::vector) - part 2 https://blog.infosectcbr.com.au/2022/01/c-memory-corruption-stdvector-part-2.html
Summary: This is the 2nd part of the C++ memory corruption series. In this post, we'll look at corrupting the std::vector class in Linux and...
Cache Poisoning at Scale https://youst.in/posts/cache-poisoning-at-scale/
CVE-2017-5816 HP iMC PLAT RCE Whitepaper https://oxagast.org/posts/CVE-2017-5816/
Source codes of Windows API Exploitation for Red and Blue teams from Pentester Academy https://github.com/tbhaxor/WinAPI-RedBlue
Exploring Token Members Part 1 https://jsecurity101.medium.com/exploring-token-members-part-1-48bce8004c6a
Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot” https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/
The Mac Malware of 2021 👾 a comprehensive analysis of the year's new malware! https://objective-see.com/blog/blog_0x6B.html