27
7月

Tittle: 2017.7.31

0 作者:admin

McAfee Security Scan Plus Remote Command Execution

Reversing Malware: CoinMiner

如何使用Fuzzing挖掘ImageMagick的漏洞

How to turn Photoshop into a remote access tool

#defcon#Abusing GDI Objects for ring0 Primitives Revolution

#defcon#Jailbreaking Apple Watch by Max Bazaliy

Reverse Engineering Malware 101

Defcon 25 Materials and Presentations

BlackHat USA 2017 ppt 百度盘

Change the Business Logic through XPI

The adventures of xss vectors in curious places

中国特色浏览器的漏洞挖掘与自动化测试

tools ShellLink:A .NET Class Library for processing ShellLink (LNK) files as documented in MS-SHLLINK. It allows for reading, creating and modifying ShellLink (LNK) files(CVE-2017-8464)

tools Reflective Kernel Driver injection is a injection technique base off Reflective DLL injection to bypass Windows driver signing enforcement (KMCS) https://github.com/Professor-plum/Reflective-Driver-Loader

tools Spacebin is a proof-of-concept malware that exfiltrates data (from air-gapped-like environments) via triggering AV on the endpoint and then communicating back from the AV's cloud component.

tools BurpSmartBuster: A Smart Way to Find Hidden Treasures

tools Fuzzapi is a tool used for REST API pentesting and uses API_Fuzzer gem

tools Brida is a Burp Suite Extension that, working as a bridge between Burp Suite and Frida

tools ImageMagick Fuzzer

tools sRDI:Shellcode implementation of Reflective DLL Injection. Convert DLLs to position independent shellcode

tools csp-auditor:Burp and ZAP plugin to analyse Content-Security-Policy headers or generate template CSP configuration from crawling a Website

tools PowerShdll:Run PowerShell with rundll32. Bypass software restrictions.

tools hack400tool - security handling tools for IBM Power Systems (formerly known as AS/400)

tools isthislegit:Dashboard to collect, analyze, and respond to reported phishing emails.

tools phinn:A toolkit to generate an offline Chrome extension to detect phishing attacks using a bespoke convolutional neural network.

tools Koadic, or COM Command & Control, is a Windows post-exploitation rootkit similar to other penetration testing tools such as Meterpreter and Powershell Empire.


评论


当前没有评论,快来评论吧!





来说点什么吧