5
9月

Tittle: 2017.9.7

0 作者:admin

Content Security Policy bypass in Microsoft Edge, Google Chrome and Apple Safari

Tor: Linux sandbox breakout via X11

Chrome: ExternalInterface.addCallback works across isolated worlds

Analysing a 10-Year-Old Malware SNOWBALL

Stack overflow in PlugX RAT

CVE-2017-9805:Struts2 REST插件远程执行命令漏洞(S2-052) 分析报告

S2-052复现过程(附POC利用)

S2-052漏洞分析及官方缓解措施无效验证

Sharks in the Pool :: Mixed Object Exploitation in the Windows Kernel Pool

Hunting With Active Directory Replication Metadata

Owning embedded devices and network protocols

Linux Based Inter-Process Code Injection Without Ptrace(2)

Firmware Exploitation With JEB: PART 1

Firmware Exploitation With JEB: PART 2

Firmware Exploitation With JEB: PART 3(REVERSING THE SMARTRG’S SR505N)

Binary Rewriting With Syzygy, Pt. I

New survey of the current state of fully homomorphic encryption schemes (TL;DR: FHE performance is still not great)

How Python does Unicode

国外会议收集列表(再发一次)

URL Spoofing with Modern Browser

Evading CloudFlare: Bypass Cloud Security Protections with CFire

Laravel PHP Framework - Local Root / Privilege Escalation via Task Scheduling (www-user -> uid0)

Uber Bug Bounty: Gaining Access To An Internal Chat System(8000$)

tools 影子经纪人9月放出的工具(pgp密钥未放出)

tools ShadowBrokers泄露汇总跟踪(持续更新)

tools androidre: A docker image for reverse engineering Android applications

tools metasploit:Apache Struts 2 REST Plugin XStream RCE

tools Yabin creates Yara signatures from executable code within malware. Given one sample of malware, you can then find other samples that share code.


评论


当前没有评论,快来评论吧!





来说点什么吧