17
7月

Tittle: 2017.7.18

0 作者:admin

Cisco: WebEx Various GPC Sanitization bypasses permit Arbitrary Remote Command Execution

"Bypassing" Microsoft's Patch for CVE-2017-0199(CVE-2017-8570)

Mozilla Firefox DEP and ASLR Bypass Using ASM.JS JIT-Spray (CVE-2017-5375 and CVE-2017-5400)

From fuzzing Apache httpd server to CVE-2017-7668 and a $1500 bounty

Alpine Linux exploitation (Pt 2 of 2)

CVE-2017-9951 – Heap Overflow in Memcached Server <= 1.4.38

Analyzing a Patch of a Virtual Machine Escape on VMware

“双枪”狙击:首例连环感染MBR和VBR的顽固木马分析

CVE to PoC - CVE-2017-0037

Old .NET Vulnerability 4: Double Construction Verification Issue (CVE-2013-0004)

ARM exploitation for IoT – Episode 1

Remote Social Engineering the DA Trilogy

SteelCon 2017 视频

H1702 CTF Writeup

XSS Auditor Bypass with partial closing script tag.

The Bug Hunters Methodology 2

Wordpress 4.7.2 - Two XSS in Media Upload when file too large inside the administrators control panel

tools XSStrike is a program which can fuzz and bruteforce parameters for XSS. It can also detect and bypass WAFs.

tools PowerSploit - A PowerShell Post-Exploitation Framework

tools ReverseAPK - Quickly analyze and reverse engineer Android applications

tools teh_s3_bucketeers:a simple S3 bucket scanner which permutates a inputted name and reports accessible buckets.

tools AttifyOS is a pre-configured Lubuntu 14.04 based distribution having tools required during Internet of Things (IoT) security assessments or penetration tests.

tools kernel_exploit_world:Tutorial for writing kernel exploits.This repository contains simple practices for writing kernel exploits.

tools CAN analysis - Use your car as a gamepad!

tools JSParser: parse relative URLs from JavaScript files

tools Mellivora is a CTF engine written in PHP


评论


当前没有评论,快来评论吧!





来说点什么吧