7
11月

Tittle: 2017.11.8

0 作者:admin

A look into the global drive-by cryptocurrency mining phenomenon

redbaldknight/bronze bulter’s daserf backdoor now using steganography

Clicking Bot Applications

FIN7 APT组织攻击最新活动分析

深渊背后的真相之-薅羊毛产业-报告

Type Confusion In Chrome Lead to RCE

Node.js CVE-2017-14849 漏洞分析

Exploiting CVE-2017-5123

a look at cve-2017-8715: bypassing cve-2017-0218 using powershell module manifests

pfSense 2.3.1_1 - Command Execution

Bypassing Modern Process Hollowing Detections (via Hotswapping Maps)

Windows Defender Exploit Guard ASR VBScript/JS Rule -how it works, bypass and how to leverage

“盲”逆向:iOS 应用 Blind 寻踪

Setting up Active Directory Honey Accounts

Injecting a Running Process (Linux)

ARM exploitation for IoT – Episode 3

Designing New Operating Primitives to Improve Fuzzing Performance

An introduction to the LightBulb Framework

不合理的使用OAuth,导致账号被分分钟登录

Ametys CMS Unauthenticated Password Reset

HITCON CTF 2017 - pwn327 Real Ruby Escaping

HITCON 2017 SSRFme

auxblog CMS 1.0.6 审计记录

Disucz ssrf一处

tools Crypter:Nice collection of malware crypters

tools Phishing catcher: catch phishing domains in real time with certstream

tools Trape is a recognition tool that allows you to track people, the information you can get is very detailed.

tools Mentalist is a graphical tool for custom wordlist generation.

tools Evil-Droid is a framework that create & generate & embed apk payload to penetrate android platforms

tools Cobalt Strike Field Manual - A quick reference for Windows commands that can be accessed in a beacon console.

tools telnet-iot-honeypot:Python script to set up a IoT Telnet honeypot


评论


当前没有评论,快来评论吧!





来说点什么吧