25
8月

Tittle: 2017.8.26

0 作者:admin

deconstructing a winning webkit pwn2own entry

Windows: PPL Process Injection EoP

Bypass Cylance Memory Exploitation Defense & Script Cntrl

Operation RAT Cook: Chinese APT actors use fake Game of Thrones leaks as lures

More hiding Trojans on Google Play

Fake Lloyds Bank You have a new secure Message malspam delivers Trickbot banking Trojan

Malicious AutoIT script delivered in a self-extracting RAR file

php_mt_seed - PHP mt_rand() seed cracker

Abusing Token Privileges For Windows Local Privilege Escalation

How to buy MacBook for $1, or hacking SAP POS

a weird edge case in Win32 to NT file path translation

msxsl.exe Working As Designed.

Ro(o)tten Apples - Vulnerability Heaven in the iOS Sandbox

XCon 2017 - Fixed, or not fixed, that is the question(Exploit Chakra JIT Engine)

CSS 2017 - Bypass the Maginot Line of Windows

Android Malware and Machine Learning

a huge collection of resources learning about Software, Hardware, or Browser Exploitation

PhpcmsV9从反射型XSS到CSRF绕过到Getshell

挖洞经验 | 记一次曲折的Getshell过程

tools db_security:数据库安全审计, 目前支持审计: 1、sql注入行为,共257条规则 2、账户创建删除赋权等敏感操作行为,共5条规则 3、单次执行sql返回数据量>10000 4、每小时执行sql返回数量>50000 5、每天执行sql返回数量>100000

tools WinHeap-Explorer: a proof-of-concept tool for heap-based bugs detection in x86 machine code for Windows applications

tools MTuner is a C/C++ memory profiler and memory leak finder for Windows, PS4, PS3, etc.

tools meloader:an Intel Management Engine a.k.a Intel ME firmware loader plugin for IDA.

tools PoshC2 is a proxy aware C2 framework written completely in PowerShell to aid penetration testers with red teaming, post-exploitation and lateral movement.


评论


当前没有评论,快来评论吧!





来说点什么吧