Codex Exposed: Helping Hackers in Training? https://www.trendmicro.com/en_ae/research/22/a/codex-exposed-helping-hackers-in-training.html
Trend Micro
Codex Exposed Helping Hackers in Training
Silly proof of concept: Anti-phishing using perceptual hashing algorithms https://www.anvilsecure.com/blog/silly-proof-of-concept-anti-phishing-using-perceptual-hashing-algorithms.html
Anvil Secure
Silly proof of concept: Anti-phishing using perceptual hashing algorithms - Anvil Secure
by Diego Freijo Welcome to the first dispatch coming out of the Ministry of Silly Ideas! It’s a space we’ve got inside Anvil where we encourage ourselves to come up with interesting-even-if-sounding-silly-at-first-glance ideas around security or IT in general.…
Invisible Sandbox Evasion https://research.checkpoint.com/2022/invisible-cuckoo-cape-sandbox-evasion/
Check Point Research
Invisible Sandbox Evasion - Check Point Research
Cuckoo and CAPE sandbox evasion in one legitimate Windows API function call? It is possible due to issues we found in the Cuckoo and CAPE monitors.
SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999) https://research.ifcr.dk/spoolfool-windows-print-spooler-privilege-escalation-cve-2022-22718-bf7752b68d81
Medium
SpoolFool: Windows Print Spooler Privilege Escalation (CVE-2022-21999)
In this blog post, we’ll look at a Windows Print Spooler local privilege escalation vulnerability that I found and…
Nice summary for forensics » Volatility MindMap & CheatSheet https://github.com/HellishPn/Volatility-MM-CS
GitHub
GitHub - HellishPn/Volatility-MM-CS: Volatility MindMap & Cheat Sheet
RegEx Library - a curated list of useful regular expressions for different programming languages https://uibakery.io/regex-library
CVE-2022-0185 – What does the newest kernel exploit mean for Kubernetes users and how to detect it? https://www.armosec.io/blog/cve-2022-0185-kubernetes-users/
ARMO
What the newest kernel exploit - CVE-2022-0185 - means for Kubernetes?
In the last few days, Linux maintainers disclosed a broadly available Linux kernel vulnerability - CVE-2022-0185 - what does it mean for Kubernetes?
Analyzing and Detecting a VMTools Persistence Technique https://bohops.com/2021/10/08/analyzing-and-detecting-a-vmtools-persistence-technique/
bohops
Analyzing and Detecting a VMTools Persistence Technique
Introduction It is always fun to reexplore previously discovered techniques or pick back up old research that was put on the wayside in hopes of maybe finding something new or different. Recently, …
EmbedExeLnk - Embedding an EXE inside a LNK with automatic execution https://www.x86matthew.com/view_post?id=embed_exe_lnk
A new publication from members of our group 👏👏 congrats guys! » https://twitter.com/RicardoJRdez/status/1500389724237803524
Twitter
Ricardo J. Rodríguez
Our work "Defense and Attack Techniques Against File-Based TOCTOU Vulnerabilities: A Systematic Review" (with @Razvieu and P. Álvarez) is finally out! ieeexplore.ieee.org/document/97180… (1/3)
A Zero-Click RCE Exploit for the Peloton Bike (And Also Every Other Unpatched Android Device) https://www.nowsecure.com/blog/2022/02/09/a-zero-click-rce-exploit-for-the-peloton-bike-and-also-every-other-unpatched-android-device/
Nowsecure
Zero-Click RCE Exploit for the Peloton Bike Identified and Patched
The Peloton Bike ran an unpatched version of Android 7 which led to it being vulnerable to a number of known issues, most significantly CVE-2021-0326, which could allow an attacker within WiFi range to execute arbitrary code on the device with no user interaction.
Nice sketch about 2FA, for lectures :) » https://twitter.com/sketchplanator/status/1491412842339258370?t=-0d5KnxC4sHtiSUize8OIQ&s=09
Twitter
Sketchplanations
2 factor authentication
Critical vulnerability discovered in MISP https://zigrin.com/case-study/vulnerability-discovery-in-misp/
FunctionStomping: shellcode injection technique to evade AVs and EDRs https://github.com/Idov31/FunctionStomping
GitHub
GitHub - Idov31/FunctionStomping: Shellcode injection technique. Given as C++ header, standalone Rust program or library.
Working with USB through IOKit on a jailbroken iOS 📱 https://danylokos.github.io/0x05/
🇺🇦 danylokos’s blog
Working with USB through IOKit on a jailbroken iOS 📱
Some time ago, as part of a new hobby, I bought a telescope 🔭 (Newtonian reflector), and some additional eyepieces… and filters… and a motor drive for the mount… and an astronomy USB camera 😬. Hey, you need all this stuff, seriously! For the whole setup to…
Good content here! » Reverse-Engineering & Exploitation Fundamentals https://omu.rce.so/gcc-2022/
omu.rce.so
omu training
Writing Anti-Anti-Virus Exploit (AuViel - Hayyim CTF 2022) https://ptr-yudai.hatenablog.com/entry/2022/02/13/122744
CTFするぞ
Writing Anti-Anti-Virus Exploit (AuViel - Hayyim CTF 2022) - CTFするぞ
Introduction I played Hayyim CTF 2022 with keymoon, st98, and theoremoon. We solved all pwn tasks there and took 3rd place. *1 There was a pwn challenge to…