18
9月

Tittle: 2017.9.19

0 作者:admin

CCleanup v5.33版本被植入恶意代码

CCleaner恶意代码分析预警

CCleanup v5.33样本(infect3d)

Optionsbleed - HTTP OPTIONS method can leak Apache's server memory(CVE-2017-9798)

NEXXT Routers Authentication Bypass

SMAP bypass on OpenBSD from userland

An (un)documented Word feature abused by attackers

CVE-2017-8759完美复现(另附加hta+powershell弹框闪烁解决方案)

EXPLODINGCAN: A VULNERABILITY REVIEW(CVE-2017-7269)

Persisting with Microsoft Office:Abusing Extensibility Options

Heap Exploitation ~ Fastbin Attack

Active Directory Access Control List – Attacks and Defense

HITBGSEC 2017 Singapore 视频

SecWiki周刊(2017/09/11-2017/09/17)

tools Awesome CVE PoC:a collection about Proof of Concepts of Common Vulnerabilities and Exposures

tools Awesome-Security-Gists:Most popular Security Gists curated in a place !

tools Inception is a physical memory manipulation and hacking tool exploiting PCI-based DMA. The tool can attack over FireWire, Thunderbolt, ExpressCard, PC Card and any other PCI/PCIe interfaces.

tools AWS Extender is a BurpSuite extension to identify and test S3 buckets as well as Google Storage buckets and Azure Storage containers for common misconfiguration issues using the boto/boto3 SDK library.

tools Burplay is a Burp Extension allowing for replaying any number of requests using same modifications definition. Its main purpose is to aid in searching for Privilege Escalation issues.

tools MinerBlock - A web extension to block known web-based cryptocurrency miners all over the web

tools idahunt is a framework to analyze binaries with IDA Pro and hunt for things in IDA Pro

tools dawgmon:monitor operating system changes and analyze introduced attack surface when installing software

tools Logic Monsters:A collection of malicious logic, AKA shellcode for hardware

tools WireX source code:This source code was obtained by reversing a sample of WireX. It’s not the original source code


评论


当前没有评论,快来评论吧!





来说点什么吧