16
11月

Tittle: 2017.11.17

0 作者:admin

Investigation Report for the September 2014 Equation malware detection incident in the US

2017-11-15 another malspam message leads to new emotet

Microsoft DDE protocol based malware attacks

broken access control & linq injection in progress sitefinity

CIA Hive测试指南——源代码获取与简要分析

Lateral Movement Using Outlook’s CreateObject Method and DotNetToJScript

Staring into the Spotlight - an offensive tour of the OSX userland search system

Exploiting hash collisions

Dangers of the Decompiler, A Sampling of Anti-Decompilation Techniques

Meterpreter over DNS:Reverse DNS tunnel transport for Metasploit

反序列化漏洞的末日?JEP290机制研究

Machine Learning, Offense, and the future of Automation

Neat tricks to bypass CSRF-protection

Why I walked away from $30,000 of DJI bounty money

Story of a JSON XSS

Bypassing Crossdomain Policy and Hit Hundreds of Top Alexa Sites

tools VirusBay is a web-based, collaboration platform that connects security operations center (SOC) professionals with relevant malware researchers.

tools Pocs for Remote Kernel WIFI bugs(CVE-2017-11013 /14/ 15)

tools AngelaRoot:An app which escalates OnePlus root privilege on device and installs SuperSU through newly vulnerability "angela root"

tools Linux Kernel 3.11 < 4.8 0 SO_SNDBUFFORCE SO_RCVBUFFORCE Local Privilege Escalation

tools Flowsynth is a tool for rapidly modeling network traffic.

tools fake-sandbox:This script will simulate fake processes of analysis sandbox/VM software that some malware will try to avoid.

tools vscode-java-debug:Java Debugger for Visual Studio Code.

tools bbht:a script to install the most popular tools used while looking for vulnerabilities for a bug bounty program.

tools RPC Forge is a local Python fuzzer of Windows RPC interfaces available over ALPC.

tools PPCGadgetFinder:An IDAPython script to look for ROP-gadgets for PowerPC


评论


当前没有评论,快来评论吧!





来说点什么吧