4
9月

Tittle: 2017.9.6

0 作者:admin

Struts2 S2-052 RCE分析与利用

Using QL to find a remote code execution vulnerability in Apache Struts (CVE-2017-9805)

poc

WiseGiga NAS Multiple Vulnerabilities

Graftor - But I Never Asked for This

Windows’ PsSetLoadImageNotifyRoutine Callbacks: the Good, the Bad and the Unclear (Part 1) - Breaking Malware

DIY Spy Program: Abusing Apple’s Call Relay Protocol

Hunting AdwindRAT with SSL Heuristics

High Sierra's 'Secure Kernel Extension Loading' is Broken-a new 'security' feature in macOS 10.13, is trivial to bypass

Re-enjoying the ActiveX (and others) Fun in Chinese Customized Browsers

use APC only to inject code into remote process,no other API is used/required

Abusing A Writable Windows Service

DLL Injection with SetThreadContext

Analyzing Malicious Documents Cheat Sheet

Mastercard Internet Gateway Service: Hashing Design Flaw

Indistinguishable Predicates: A New Tool for Obfuscation

learn how to dump a flash chip

ToorCon 19 - 2017 会议视频

发现微博图片可以链接找到发图的人

从无到有通过ISO27001认证-建设篇

渗透测试学习笔记之案例四

The Grave Accent ` and XSS

tools Malware source code database

tools Cobra-源代码安全审计v2.0 Alpha版本发布

tools 一些Linux、Solaris、AIX、Oracle、MySQL等的漏洞利用脚本

tools RemoteRecon provides the ability to execute post-exploitation capabilities against a remote host, without having to expose your complete toolkit/agent.

tools LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.


评论


当前没有评论,快来评论吧!





来说点什么吧