Malware repository, with analysis exercises for training https://github.com/jstrosch/malware-samples
How I found (and fixed) a vulnerability in Python https://www.tldr.engineering/how-i-found-and-fixed-a-vulnerability-in-python/
C++ Memory Corruption (std::vector) - part 2 https://blog.infosectcbr.com.au/2022/01/c-memory-corruption-stdvector-part-2.html (second part of the C++ memory corruption series: corrupting the std::vector class on Linux)
Cache Poisoning at Scale https://youst.in/posts/cache-poisoning-at-scale/
CVE-2017-5816 HP iMC PLAT RCE Whitepaper https://oxagast.org/posts/CVE-2017-5816/
Source code for the Windows API Exploitation for Red and Blue Teams series from Pentester Academy https://github.com/tbhaxor/WinAPI-RedBlue
Exploring Token Members Part 1 https://jsecurity101.medium.com/exploring-token-members-part-1-48bce8004c6a
Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot” https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/
The Mac Malware of 2021 👾 a comprehensive analysis of the year's new malware! https://objective-see.com/blog/blog_0x6B.html
Attackers test “CAB-less 40444” exploit in a dry run https://news.sophos.com/en-us/2021/12/21/attackers-test-cab-less-40444-exploit-in-a-dry-run/ (an updated CVE-2021-40444 exploit takes a circuitous route to make a Word document deliver an infection without using macros)
A curated list of Frida resources https://github.com/dweinstein/awesome-frida
Elephant Beetle: Uncovering an Organized Financial-Theft Operation https://blog.sygnia.co/elephant-beetle-an-organized-financial-theft-operation
Mutual Authentication: A Component of Zero Trust https://www.pomerium.com/docs/topics/mutual-auth.html
Understanding Address Spacing in Detail https://tbhaxor.com/understanding-address-spacing-in-detail/ (how operating systems manage process memory through address spaces; virtual address spaces give each process its own view of memory and make swapping and relocation of code and data possible)
Nice intro » Malware Reverse Engineering for Beginners - Part 1: From 0x0 https://www.intezer.com/blog/malware-analysis/malware-reverse-engineering-beginners/
Hacking a VW Golf Power Steering ECU - Part 1 https://blog.willemmelching.nl/carhacking/2022/01/02/vw-part1/
The learnings, pitfalls, and compromises of Microsoft’s expedition to the cloud https://www.microsoft.com/insidetrack/blog/learnings-pitfalls-compromises-operations-expedition-cloud/
SAILFISH System to Find State-Inconsistency Bugs in Smart Contracts https://thehackernews.com/2022/01/sailfish-system-to-find-state.html
Emulating File I/O for In-Memory Fuzzing https://www.signal-labs.com/blog/emulating-fileio-fuzzing (hooks and file I/O emulation redirect the target's disk reads to memory, removing disk I/O and the related syscalls from each fuzz iteration, which also allows snapshot fuzzers that do not support disk I/O to be used)
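As an added illustration of the technique behind that last link (this is not code from the Signal Labs post), the block below is a tiny in-memory file layer in C: a path-to-buffer table with emulated open/read/lseek/close, a constructed toy "FZ01" record parser standing in for the target, and a mutation loop that re-binds each mutated buffer and runs the target without any disk I/O. All names (vfs_*, parse_record_file, fuzz_in_memory), the record format and the sample input are made up for this example.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Illustrative in-memory file table (assumed names, not the Signal Labs code). */
#define VFS_MAX 4
enum { VFS_SEEK_SET, VFS_SEEK_CUR, VFS_SEEK_END };

/* path the target asks for, backing memory owned by the fuzz loop, size, emulated offset, open flag */
typedef struct { const char *path; const uint8_t *data; size_t len, pos; int in_use; } vfile_t;

static vfile_t vfs_table[VFS_MAX];

/* Bind a buffer to a path; re-binding a known path swaps in a new test case,
   so a mutated input reaches the target without a file ever being written. */
int vfs_register(const char *path, const uint8_t *data, size_t len) {
    int slot = -1;
    for (int i = 0; i < VFS_MAX; i++) {
        if (vfs_table[i].path && strcmp(vfs_table[i].path, path) == 0) { slot = i; break; }
        if (!vfs_table[i].path && slot < 0) slot = i;
    }
    if (slot < 0) return -1;
    vfs_table[slot] = (vfile_t){ path, data, len, 0, 0 };
    return 0;
}

/* Emulated open(2): the slot index doubles as the file descriptor. */
int vfs_open(const char *path) {
    for (int i = 0; i < VFS_MAX; i++)
        if (vfs_table[i].path && strcmp(vfs_table[i].path, path) == 0) {
            vfs_table[i].pos = 0; vfs_table[i].in_use = 1; return i;
        }
    return -1;
}

static vfile_t *vfs_get(int fd) {
    return (fd >= 0 && fd < VFS_MAX && vfs_table[fd].in_use) ? &vfs_table[fd] : NULL;
}

/* Emulated read(2): short reads at end of buffer behave like EOF on a real file. */
long vfs_read(int fd, void *buf, size_t n) {
    vfile_t *f = vfs_get(fd);
    if (!f) return -1;
    if (n > f->len - f->pos) n = f->len - f->pos;
    memcpy(buf, f->data + f->pos, n);
    f->pos += n;
    return (long)n;
}

/* Emulated lseek(2), clamped to the buffer so a hostile offset computed by the
   target can never move the cursor outside the current test case. */
long vfs_lseek(int fd, long off, int whence) {
    vfile_t *f = vfs_get(fd);
    if (!f) return -1;
    long base = whence == VFS_SEEK_SET ? 0 : whence == VFS_SEEK_CUR ? (long)f->pos : (long)f->len;
    if (base + off < 0 || base + off > (long)f->len) return -1;
    f->pos = (size_t)(base + off);
    return base + off;
}

int vfs_close(int fd) { vfile_t *f = vfs_get(fd); if (!f) return -1; f->in_use = 0; return 0; }

/* Constructed target: a toy record file "FZ01" + u16 little-endian payload length
   + payload. Returns the payload byte sum, or -1 on malformed input. In a real
   harness this is the function under test, with its libc file calls hooked to vfs_*. */
long parse_record_file(const char *path) {
    uint8_t hdr[6], b;
    long rc = -1, sum = 0, end;
    int fd = vfs_open(path);
    if (fd < 0) return -1;
    if (vfs_read(fd, hdr, sizeof hdr) != (long)sizeof hdr) goto out;
    if (memcmp(hdr, "FZ01", 4) != 0) goto out;
    end = vfs_lseek(fd, 0, VFS_SEEK_END);
    if (end < 0 || (size_t)end - sizeof hdr != ((size_t)hdr[4] | ((size_t)hdr[5] << 8))) goto out;
    if (vfs_lseek(fd, (long)sizeof hdr, VFS_SEEK_SET) < 0) goto out;
    while (vfs_read(fd, &b, 1) == 1) sum += b;
    rc = sum;
out:
    vfs_close(fd);
    return rc;
}

/* Minimal fuzz loop: copy the seed, flip three bytes with a deterministic xorshift
   PRNG, re-bind the buffer, run the target. Returns how many mutants the parser accepted. */
int fuzz_in_memory(const uint8_t *seed, size_t len, int iters, uint32_t rng) {
    uint8_t *buf = malloc(len);
    int accepted = 0;
    for (int i = 0; i < iters; i++) {
        memcpy(buf, seed, len);
        for (int k = 0; k < 3; k++) {
            rng ^= rng << 13; rng ^= rng >> 17; rng ^= rng << 5;
            buf[rng % len] ^= (uint8_t)(rng >> 24);
        }
        vfs_register("input.bin", buf, len);
        if (parse_record_file("input.bin") >= 0) accepted++;
    }
    vfs_register("input.bin", seed, len);  /* never leave the table pointing at freed memory */
    free(buf);
    return accepted;
}
```

Here the target calls vfs_* directly to keep the example self-contained; in a real harness the same functions would be reached by redirecting the target's open/read/lseek/close (LD_PRELOAD, a hooking framework, or the snapshot fuzzer's hook API), and the seed buffer would be replaced by the fuzzer's current test case on every iteration.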