Pwntools 102 - Crafting Shellcode with Shellcraft #Shellcraft #Pwntools #CTF #ReverseEngineering #ShellcodeCrafting https://www.archcloudlabs.com/projects/pwntools-shellcraft/
Arch Cloud Labs
About The Project: Following up from Arch Cloud Labs’ previous blog post on Pwntools, we’ll continue to explore the pwntools framework, this time focusing on shellcode generation. It’s not uncommon in the world of pwn/reverse engineering challenges for a requirement…
Scaling Up Malware Analysis with Gemini 1.5 Flash #MalwareAnalysis #Gemini1.5 #GoogleCloud #ThreatIntelligence #AIAnalysis https://cloud.google.com/blog/topics/threat-intelligence/scaling-up-malware-analysis-with-gemini
Google Cloud Blog
We demonstrate how Gemini 1.5 Flash is capable of large-scale malware analysis in under a minute.
ebpf-for-windows: eBPF implementation that runs on top of Windows #eBPF #Windows #Implementation #Microsoft #GitHub https://github.com/microsoft/ebpf-for-windows
GitHub
eBPF implementation that runs on top of Windows.
XenForo <= 2.2.15 (Widget::actionSave) Cross-Site Request Forgery Vulnerability #XenForo #CSRF #Vulnerability #RCE #KarmaInSecurity https://karmainsecurity.com/KIS-2024-05
Karmainsecurity
This is the personal website of Egidio Romano, a very curious guy from Sicily, Italy. He's a computer security enthusiast, particularly addicted to webapp security.
Identity Crisis: The Curious Case of a Delinea Local Privilege Escalation Vulnerability #IdentityCrisis #Vulnerability #CyberArk #IdentitySecurity #PrivilegeEscalation https://www.cyberark.com/resources/threat-research-blog/identity-crisis-the-curious-case-of-a-delinea-local-privilege-escalation-vulnerability
Cyberark
During a recent customer engagement, the CyberArk Red Team discovered and exploited an Elevation of Privilege (EoP) vulnerability (CVE-2024-39708) in Delinea Privilege Manager (formerly Thycotic...
How to Bypass Golang SSL Verification #Golang #SSLVerification #CyberArk #Security #Programming https://www.cyberark.com/resources/threat-research-blog/how-to-bypass-golang-ssl-verification
Cyberark
Golang applications that use HTTPS requests have a built-in SSL verification feature enabled by default. In our work, we often encounter an application that uses Golang HTTPS requests, and we have...
Leveraging Automated Firmware Analysis with the Open-Source Firmware Analyzer EMBA #FirmwareSecurity #EMBAAnalyzer #AutomatedAnalysis #OpenSource #IoTSecurity https://medium.com/@iugkhgf/leveraging-automated-firmware-analysis-with-the-open-source-firmware-analyzer-emba-46d30d587a87
Medium
The Internet of Things (IoT) ecosystem as well as critical infrastructure represents a rapidly growing technology field that connects…
Windows Installer, Exploiting Custom Actions #WindowsInstaller #CustomActions #Vulnerability #ElevationOfPrivileges #CVE2023-32016 https://blog.doyensec.com/2024/07/18/custom-actions.html
Compiler Options Hardening Guide for C and C++ #CompilerOptionsHardening #OpenSSF #BestPractices #CProgramming #C++Programming https://best.openssf.org/Compiler-Hardening-Guides/Compiler-Options-Hardening-Guide-for-C-and-C++.html
OpenSSF Best Practices Working Group
The Best Practices for OSS Developers working group is dedicated to raising awareness and education of secure code best practices for open source developers.
Attacking Connection Tracking Frameworks as used by Virtual Private Networks https://petsymposium.org/popets/2024/popets-2024-0070.pdf
How did I approach making linux LKM rootkit, “reveng_rtkit” ? #LinuxLKM #Rootkit #reveng_rtkit #KernelManipulation #SyscallInterception https://reveng007.github.io/blog/2022/03/08/reveng_rkit_detailed.html
reveng007’s Blog
Unveiling secrets of the ESP32: creating an open-source MAC Layer #ESP32 #OpenSource #MACLayer #ReverseEngineering #Wi-FiNetworking https://zeus.ugent.be/blog/23-24/open-source-esp32-wifi-mac/
Zeus WPI
Reverse engineering the ESP32 Wi-Fi hardware registers
Code injection on Android without ptrace #CodeInjection #Android #Rust #Shellcode #SELinux https://erfur.dev/blog/dev/code-injection-without-ptrace
erfur's bits and pieces
Prompt Engineering https://x.com/bindureddy/status/1814409737557160044?s=61
Exploring GNU extensions in the Linux kernel https://maskray.me/blog/2024-05-12-exploring-gnu-extensions-in-linux-kernel
MaskRay
The Linux kernel is written in C, but it also leverages extensions provided by GCC. In 2022, it moved from GCC/Clang -std=gnu89 to -std=gnu11. This article explores my notes on how these GNU extension
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android #EvilVideoVulnerability #TelegramAndroidExploit #ZeroDayDiscovery #CyberSecurity #MaliciousPayloads https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android/
Welivesecurity
ESET researchers discovered a zero-day Telegram for Android exploit that allows sending malicious files disguised as videos.
WebAssembly and Security: a review #WebAssembly #SecurityReview #CryptoAndSecurity #Research #AccessibilityForum https://arxiv.org/abs/2407.12297
arXiv.org
WebAssembly is revolutionizing the approach to developing modern applications. Although this technology was born to create portable and performant modules in web browsers, currently, its...
Bus Pirate 5: The Swiss ARRRmy Knife of Hardware Hacking #BusPirate5 #HardwareHacking #SwissArmyKnife #SupplyChainSecurity #ModernEnterprise https://eclypsium.com/blog/bus-pirate-5-the-swiss-arrrmy-knife-of-hardware-hacking/
Eclypsium | Supply Chain Security for the Modern Enterprise
The Bus Pirate 5 is the latest version of the popular hardware hacking and debugging tool. The LCD screen, programmable LEDs, and several connector options make it a formidable platform worthy of inclusion in your toolbox.
Inside Doppelganger – How Russia uses EU companies for its propaganda #Doppelganger #RussiaPropaganda #EUCompanies #Disinformation #Investigation https://correctiv.org/en/fact-checking-en/2024/07/22/inside-doppelganger-how-russia-uses-eu-companies-for-its-propaganda/
CORRECTIV
How Doppelganger, one of the biggest Russian disinformation campaigns, is using EU companies to keep spreading its propaganda – despite sanctions.
edr_blocker: Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. #GitHub #TierZeroSecurity #EDR #Telemetry #iptables https://github.com/TierZeroSecurity/edr_blocker
GitHub
Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables. The blocked destination IP addresses are parsed based on the server name in TLS Cli...