18
10月

Tittle: 2017.10.20

0 作者:admin

地下暗流:揭秘控制百万肉鸡的GhostFramework

A deeper look at Tofsee(mine bitcoins, send emails, steal credentials, perform DDoS attacks) modules

apt28 racing to exploit cve-2017-11292 flash vulnerability before patches are deployed

Necurs Botnet malspam pushes Locky using DDE attack

The Flusihoc Dynasty, A Long Standing DDoS Botnet

OSX/Proton spreading again through supply-chain attack

Digging Deeper - An In-Depth Analysis of a Fast Flux Network

CVE-2017-12579 Local root privesc in Hashicorp vagrant-vmware-fusion 4.0.24

Google PDFium TIFF Image Flate Decoder Code Execution Vulnerability(CVE-2017-5133)

UMCI Bypass Using PSWorkFlowUtility: CVE-2017–0215

a curious tale of remote code execution, the tp-link story – cve-2017-13772

Attacking a co-hosted VM: A hacker, a hammer and two memory modules

EternalBlue – Everything there is to know

On the Power of Optical Contactless Probing:Attacking Bitstream Encryption of FPGAs

Some links to cool CIA articles

A Berkeley View of Systems Challenges for AI

Taking over every Ad on OLX (automated), an IDOR story

FlashME! – WordPress vulnerability disclosure (CVE-2016-9263)

Bug bounty vs. Big companies or how to apply bug bounty methodos inside big organisations

tools Decryptor for Magniber ransomware

tools Santoku is a platform for mobile forensics, mobile malware analysis and mobile application security assessment.

tools relative-url-extractor:A small tool that extracts relative URLs from a file.

tools krackattacks-test-ap-ft:tests if APs are affected by CVE-2017-13082 (KRACK attack)

tools Assemblyline is a malware detection and analysis tool

tools native-lldb-for-ios:Native lldb for iOS with full python ability ported

tools FruityC2 is a post-exploitation (and open source) framework based on the deployment of agents on compromised machines.

tools FindCrypt:A Python implementation of IDA FindCrypt/FindCrypt2 plugin

tools zydis:Fast and lightweight x86/x86-64 disassembler library.

tools Ponce is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion.

tools awesome-web-security:A curated list of Web Security materials and resources.


评论


当前没有评论,快来评论吧!





来说点什么吧