Nice notes on this topic » SAT/SMT by Example (by Dennis Yurichev) https://sat-smt.codes/SAT_SMT_by_example.pdf
Fork Bomb for Flutter https://swarm.ptsecurity.com/fork-bomb-for-flutter/
Flutter applications can be found in security analysis projects or bug bounty programs. Most often, such assets are simply overlooked due to the lack of methodologies and ways to reverse engineer them. I decided not to skip this anymore and developed the reFlutter…
Fuzzing beyond memory corruption: Finding broader classes of vulnerabilities automatically https://security.googleblog.com/2022/09/fuzzing-beyond-memory-corruption.html
Posted by Jonathan Metzman, Dongge Liu and Oliver Chang, Google Open Source Security Team Recently, OSS-Fuzz —our community fuzzing servi...
Thoughts on the use of noVNC for phishing campaigns https://adepts.of0x.cc/novnc-phishing/
Detecting NoVNC for phishing campaigns
Browser Exploitation: Firefox OOB to RCE https://vulndev.io/2022/09/09/browser-exploitation-firefox-oob-to-rce/
Uninitialized Memory Disclosures in Web Applications https://blog.silentsignal.eu/2020/04/20/uninitialized-memory-disclosures-in-web-applications/
The seventh way to call a JavaScript function without parentheses https://portswigger.net/research/the-seventh-way-to-call-a-javascript-function-without-parentheses
I thought I knew all the ways to call functions without parentheses: alert`1337` throw onerror=alert,1337 Function`x${'alert\x281337\x29'}x``` 'alert\x281337\x29'instanceof{[Symbol['hasInstance']]:eva
WriteProcessMemoryAPC - Write memory to a remote process using APC calls https://www.x86matthew.com/view_post?id=writeprocessmemory_apc
The Anatomy of a Malicious Package https://blog.phylum.io/malicious-javascript-code-in-npm-malware
Dead or Alive? An Emotet Story https://thedfirreport.com/2022/09/12/dead-or-alive-an-emotet-story/
In this intrusion from May 2022, we observed a domain-wide compromise that started from a malware ridden Excel document containing the never-dying malware, Emotet. The post-exploitation started very soon after the initial compromise. The threat actors began…
memOptix: A Jupyter notebook to assist with the analysis of the output generated from Volatility memory extraction framework https://github.com/blueteam0ps/memOptix/
Attacking the Android kernel using the Qualcomm TrustZone https://tamirzb.com/attacking-android-kernel-using-qualcomm-trustzone
In this post I describe a somewhat unique Android kernel exploit, which utilizes the TrustZone in order to compromise the kernel.
Caching the Un-cacheables - Abusing URL Parser Confusions (Web Cache Poisoning Technique) https://nokline.github.io/bugbounty/2022/09/02/Glassdoor-Cache-Poisoning.html
Traces of Windows remote command execution https://www.synacktiv.com/publications/traces-of-windows-remote-command-execution.html
Implementing a Zero Trust strategy after compromise recovery https://www.microsoft.com/security/blog/2022/09/14/implementing-a-zero-trust-strategy-after-compromise-recovery/
After a compromise recovery, we follow a plan for moving forward to get up-to-date with security posture all over the environment.
Malicious OAuth applications abuse cloud email services to spread spam https://www.microsoft.com/security/blog/2022/09/22/malicious-oauth-applications-used-to-compromise-email-servers-and-spread-spam/
Security Advisory: NETGEAR Routers FunJSQ Vulnerabilities https://onekey.com/blog/security-advisory-netgear-routers-funjsq-vulnerabilities/
Detailed vulnerability analysis identifies several problems in FunJSQ on NETGEAR Routers & Orbi WiFi Systems.