19
9月

Tittle: 2017.9.20

0 作者:admin

CVE-2017-7674 Apache Tomcat Remote Code Execution via JSP Upload

DenyAll Web Application Firewall Unauthenticated Remote Code Execution

NEW ANDROID TROJAN TARGETING OVER 60 BANKS AND SOCIAL APPS

蜻蜓二代“Dragonfly2.0”恶意组件分析报告(下篇)

How TrickBot tricks its victims with web injects (Server side injections)

jelbraek for all devices running iOS 8.4.1 32 bit

CVE-2017-10992 - HP STORAGE ESSENTIALS REMOTE CODE EXECUTION VIA JAVA DESERIALIZATION

Kernel Driver mmap Handler Exploitation

PowerView PowerUsage - Searching for Abusable GPOs in a Foreign Domain

Rootkit Analysis – Use Case On Hidedrv(2016)

(wikileaks-俄语)Russian mobile users, this is the kind of data your government is getting from your GSM operator

Common WiFi Attacks And How To Detect Them

Using ssdeep (fuzzy hash) in huge scale for file clustering

Where the Wild Warnings Are:Root Causes of Chrome HTTPS Certificate Errors

Analysis of fingerprint samples, testing various conditions, for forensic DNA identification

Cure53 Browser Security White Paper

Browser Security White Paper

X41 Browser Security White Paper - Tools and PoCs

A couple more common OAuth 2.0 vulnerabilities

Race Conditions in OAuth 2 API implementations

STORY OF A PARAMETER SPECIFIC XSS!

tools yersinia -A framework for layer 2 attacks

tools pywintrace: A Python Wrapper for ETW(Event tracing for Windows (ETW) is a lightweight logging facility first introduced with Windows 2000.)

tools FRIEND is an IDA plugin created to improve disassembly and bring register/instruction documentation right into IDA View.

tools Huge RAT repository ! 450+ RATs (nearly every variant)

tools demos:Windows Kernel Exploitation. Static & dynamic analysis, exploits & vuln reasearch. Mitigations bypass's, genric bug-class's.

tools Octo.js is a unified shared library which aids in building fuzzers for browsers or as complement for an already existing fuzzing framework.

tools Cexigua:Linux based inter-process code injection without ptrace(2)

tools wire.com(open-source):Secure communication,Full privacy.


评论


当前没有评论,快来评论吧!





来说点什么吧