7
10月

Tittle: 2017.10.8

0 作者:admin

Angular-CLI Authentication Bypass

天地伟业网络摄像机敏感信息泄露

Horde Groupware Webmail Unauthorized File Download

Behind the Masq: Yet more DNS, and DHCP, vulnerabilities

FreeMilk: A Highly Targeted Spear Phishing Campaign

FOOTPRINTS OF FIN7: PUSHING NEW TECHNIQUES TO EVADE DETECTION

The Flusihoc Dynasty, A Long Standing DDoS Botnet

Reverse engineering malware: TrickBot (part 2 - loader)

Kernel Exploitation Case Study - "Wild" Pool Overflow on Win10 x64 RS2 (CVE-2016-3309 Reloaded)

Hiding Your Process From SysInternals

VMware Escapology – How to Houdini the Hypervisor

Finding Shader Vulnerabilities in VMware Workstation/Fusion

Reverse Engineering The MacOS AirPlayUIAgent - Part 001

How we bypassed the Intel Boot Guard

CLKSCREW: Exposing the perils of security-oblivious energy management

Using Binary Diffing to Discover Windows Kernel Memory Disclosure Bugs

Micropatching a Hypervisor With Running Virtual Machines (CVE-2017-4924)

Microsoft is breaking our security improvements with the new Windows 10 cumulative updates/upgrades

Lay of the Land with BloodHound

Playing with Dynamic symbolic execution

Robot hacking research

a catalog of links to articles on computer security including following topics: software and hardware analysis and vulnerability exploitation, shellcode development and vulnerability mitigations, general computer security research, malware research.

awesome-crypto-papers:A curated list of cryptography papers, articles, tutorials and howtos.

Magento XSS&CSRF

Erlang distribution RCE and a cookie bruteforcer

XSLT Server Side Injection Attacks

How I broke Envato Search Engine

How I was able to View Private Tweets of any Private Twitter Account

When Security Features Collide

The Bug Hunter's Methodology

tools Antivirus Event Analysis CheatSheet 1.1

tools Generic PE Loader For .NET

tools Siofra is a tool designed to identify and exploit DLL hijacking vulnerabilities in Windows

tools WebBreaker provides the capabilities to automate and centrally manage Dynamic Application Security Testing (DAST) as part of your DevOps pipeline.

tools OSINT-SPY -Python OSINT tool for data miners, researchers & pentesters

tools Bluelog:A highly configurable Linux Bluetooth scanner with optional web interface.

tools jni_helper:Android SO自动化分析工具

tools matcha:A framework for building iOS and Android apps in Go


评论


当前没有评论,快来评论吧!





来说点什么吧