Let's Make & Crack a PRNG in Go! #PRNG #MersenneTwister #GoProgramming https://vaktibabat.github.io/posts/PRNG_In_Go/
Vaktibabat
Let’s Make & Crack a PRNG in Go!
Intro Hi everyone! Oftentimes, when programming things that are supposed to be secure, we hear stuff about only using Cryptographically Secure PRNGs (CSPRNGs), and not just any old random-number generating function such as Python’s random module or PHP’s…
Securing Developer Tools: Unpatched Code Vulnerabilities in Gogs (1/2) #SecureDeveloperTools #GogsVulnerabilities #CleanCode #SonarSecurity #ProtectYourself https://www.sonarsource.com/blog/securing-developer-tools-unpatched-code-vulnerabilities-in-gogs-1/
Sonarsource
Unpatched Gogs Vulnerabilities: SSH Argument Injection (1/2)
We discovered 4 critical code vulnerabilities in Gogs, a source code hosting solution, which are still unpatched. Read about the details and how to protect yourself.
App-Level eBPF Applications - User vs. Kernel Probes #eBPFApplications #UserVsKernelProbes #OligoSecurity #ApplicationVisibility #PerformanceTradeoffs https://www.oligo.security/blog/app-level-ebpf-applications
www.oligo.security
App-Level eBPF Applications - User vs. Kernel Probes | Oligo Security
When running the diversity of applications required today to power our many tools and platforms, the need for more granular application-level visibility has become critical for many engineering teams.
Universal Code Execution by Chaining Messages in Browser Extensions #UniversalCodeExecution #BrowserExtensions #VulnerabilityDisclosure #SameOriginPolicy #NativeMessaging https://spaceraccoon.dev/universal-code-execution-browser-extensions/
spaceraccoon.dev
Universal Code Execution by Chaining Messages in Browser Extensions
By chaining various messaging APIs in browsers and browser extensions, I demonstrate how we can jump from web pages to “universal code execution”, breaking both Same Origin Policy and the browser sandbox. I provide two new vulnerability disclosures affecting…
angr for real-world use cases #angr #realworld #debugging #windows #programanalysis https://plowsec.github.io/angr-introspection-2024.html
plowsec.github.io
angr for real-world use cases
My experiences using angr for real-world use cases in 2024, and extending it to diagnose problems / show what it’s doing
The Current State of Browser Cookies #BrowserCookies #CyberArk #DataSecurity #MozillaFirefox #GoogleChrome https://www.cyberark.com/resources/threat-research-blog/the-current-state-of-browser-cookies
Cyberark
The Current State of Browser Cookies
What Are Cookies When you hear “cookies,” you may initially think of the delicious chocolate chip ones. However, web cookies function quite differently than their crumbly-baked counterparts....
WhatsUp Gold SetAdminPassword Privilege Escalation CVE-2024-5009 #WhatsUpGold #SetAdminPassword #PrivilegeEscalation #TeamTraining #Exploits https://summoning.team/blog/progress-whatsup-gold-privesc-setadminpassword-cve-2024-5009/
Summoning Team
WhatsUp Gold SetAdminPassword Privilege Escalation
Let's analyze a privilege escalation which I found targeting Progress WhatsUp Gold; this is the story of CVE-2024-5009
WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive CVE-2024-4885 #WhatsUpGold #PreAuthRCE #GetFileWithoutZip #PrimitiveSummoning #TeamTraining https://summoning.team/blog/progress-whatsup-gold-rce-cve-2024-4885/
Summoning Team
WhatsUp Gold Pre-Auth RCE GetFileWithoutZip Primitive
I discovered an unauthenticated path traversal against the latest version of Progress WhatsUp Gold and turned it into a pre-auth RCE. Following is how I did it; this is the story of CVE-2024-4885
Critical RCE Vulnerabilities in OpenSSH (CVE-2024-6387, CVE-2024-6409) - How to Detect and Mitigate #OpenSSH #CriticalVulnerabilities #RemoteCodeExecution #DetectAndMitigate #OligoSecurity https://www.oligo.security/blog/critical-openssh-vulnerability-cve-2024-6387-regresshion
www.oligo.security
Critical RCE Vulnerabilities in OpenSSH (CVE-2024-6387, CVE-2024-6409) - How to Detect and Mitigate | Oligo Security
Discover the critical OpenSSH RCE vulnerabilities (CVE-2024-6387, CVE-2024-6409) and learn detection and mitigation steps to protect your servers from potential exploits.
CORS: the ultimate guide #CORS #AJAX #SOP #CORSrules #CORSsecurity https://www.devsecurely.com/blog/2024/06/cors-the-ultimate-guide
Devsecurely
CORS: the ultimate guide | Devsecurely
A simple and concrete guide on the world of CORS. It explains what it is, how it works, and how to set it up to protect your website.
Pwntools 101 - Pwndbg & Buffer Overflows #Pwntools #Pwndbg #BufferOverflows #ArchCloudLabs #ExploitDevelopment https://www.archcloudlabs.com/projects/pwntools-bof/
Arch Cloud Labs
Pwntools 101 - Pwndbg & Buffer Overflows
About The Project Pwndbg and Pwntools are Python frameworks for automating different parts of exploit development. These frameworks are highly popular amongst CTF players as they simplify and accelerate the creation of Proof of Concept (PoC) scripts for memory…
Setting up an x86 CPU in 64-bit mode #x86CPU #64BitMode #BootSectorSetup #ProtectedMode #LongModeSwitch https://thasso.xyz/2024/07/13/setting-up-an-x86-cpu.html
thasso.xyz
Thasso's Cyberspace Home
blackbox-fuzzing: Fuzzing IoT Devices Using the Router TL-WR902AC as Example #GitHub #Fuzzing #IoTDevices #MemoryVulnerability #RouterTLWR902AC https://github.com/otsmr/blackbox-fuzzing
GitHub
GitHub - otsmr/blackbox-fuzzing: Fuzzing IoT Devices Using the Router TL-WR902AC as Example
Fuzzing IoT Devices Using the Router TL-WR902AC as Example - otsmr/blackbox-fuzzing
Pwntools 103 - Automating Binary Interaction #Pwntools #BinaryAutomation #CTF #CyberSecurity #ArchCloudLabs https://www.archcloudlabs.com/projects/pwntools-automating-interactions/
Arch Cloud Labs
Pwntools 103 - Automating Binary Interaction
About The Project In continuation of Arch Cloud Labs’ previous blog post on Pwntools, we dive deeper into the Pwntools framework, focusing on automating interactions with binary programs. Imagine a scenario where you need your binary to follow a specific…
Pwntools 102 - Crafting Shellcode with Shellcraft #Shellcraft #Pwntools #CTF #ReverseEngineering #ShellcodeCrafting https://www.archcloudlabs.com/projects/pwntools-shellcraft/
Arch Cloud Labs
Pwntools 102 - Crafting Shellcode with Shellcraft
About The Project Following up from Arch Cloud Labs’ previous blog post on Pwntools, we’ll continue to explore the pwntools framework, this time focusing on shellcode generation. It’s not uncommon in the world of pwn/reverse engineering challenges for a requirement…
Scaling Up Malware Analysis with Gemini 1.5 Flash #MalwareAnalysis #Gemini1.5 #GoogleCloud #ThreatIntelligence #AIAnalysis https://cloud.google.com/blog/topics/threat-intelligence/scaling-up-malware-analysis-with-gemini
Google Cloud Blog
Scaling Up Malware Analysis with Gemini 1.5 Flash | Google Cloud Blog
We demonstrate how Gemini 1.5 Flash is capable of large-scale malware analysis in under a minute.
ebpf-for-windows: eBPF implementation that runs on top of Windows #eBPF #Windows #Implementation #Microsoft #GitHub https://github.com/microsoft/ebpf-for-windows
GitHub
GitHub - microsoft/ebpf-for-windows: eBPF implementation that runs on top of Windows
eBPF implementation that runs on top of Windows. Contribute to microsoft/ebpf-for-windows development by creating an account on GitHub.
XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability #XenForo #CSRF #Vulnerability #RCE #KarmaInSecurity https://karmainsecurity.com/KIS-2024-05
Karmainsecurity
XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability | Karma(In)Security
This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.
Identity Crisis: The Curious Case of a Delinea Local Privilege Escalation Vulnerability #IdentityCrisis #Vulnerability #CyberArk #IdentitySecurity #PrivilegeEscalation https://www.cyberark.com/resources/threat-research-blog/identity-crisis-the-curious-case-of-a-delinea-local-privilege-escalation-vulnerability
Cyberark
Identity Crisis: The Curious Case of a Delinea Local Privilege Escalation Vulnerability
During a recent customer engagement, the CyberArk Red Team discovered and exploited an Elevation of Privilege (EoP) vulnerability (CVE-2024-39708) in Delinea Privilege Manager (formerly Thycotic...
How to Bypass Golang SSL Verification #Golang #SSLVerification #CyberArk #Security #Programming https://www.cyberark.com/resources/threat-research-blog/how-to-bypass-golang-ssl-verification
Cyberark
How to Bypass Golang SSL Verification
Golang applications that use HTTPS requests have a built-in SSL verification feature enabled by default. In our work, we often encounter an application that uses Golang HTTPS requests, and we have...