11
1月

Tittle: 2018.1.12

0 作者:admin

Unit42 researchers outline the evolution of Satori, a malware family targeting zero-day vulnerabilities in IoT devices

Diving into OceanLotus: Web Crawling Data Brings Compromised Infrastructure to the Surface

一本万利的黑客“致富经”:挖矿木马横扫网吧怒赚百万

病毒分析 | 一只“蜗牛”偷梁换柱,靠锁主页进行牟利

Seagate Personal Cloud Multiple Vulnerabilities

Windows: SMB Server (v1 and v2) Mount Point Arbitrary Device Open EoP(CVE-2018-0749)

Windows: NTFS Owner/Mandatory Label Privilege Bypass EoP(CVE-2018-0748)

transmission dns rebinding attacks

A new full exploit chain for SAP NetWeaver AS JAVA(CVE-2016-2386 + CVE-2016-2388 + CVE-2016-1910 = _admin_password_in_plain_text_)

The Bug That Killed Equation Editor - How We Found, Exploited And Micropatched It (CVE-2018-0802)

how document files can achieve remote code execution by using monikers crafted to evade signature-based detection techniques relying on blacklisted CLSIDs, and how these monikers function under the hood.

analysis/reversing of new Meltdown patch for Windows NTOSKERNEL.exe

mitm6 – compromising IPv4 networks via IPv6

静态分析第三发 so文件分析(小黄人快跑)

New Phrack paper: .NET Instrumentation via MSIL bytecode injection

SCADA And Mobile Security In The Internet Of Things Era

分享几个绕过URL跳转限制的思路

how I chained two vulnerabilities (an XSS and a CORS misconfiguration) that allowed me to steal Yahoo contacts from a victim's contact book($2,000)

Facebook's Bug - Unauthorized access to credit/prepaid card details (limited) of any user

tools zookeeper win下可用的可视化连接操作工具

tools external_c2 framework:Python api for usage with cobalt strike's External C2 specification

tools mitm6 is a pentesting tool that exploits the default configuration of Windows to take over the default DNS server.

tools IDACyber:Data Visualization Plugin for IDA Pro

tools Halcyon IDE lets you quickly and easily develop Nmap scripts for performing advanced scans on applications and infrastructures with a range from recon to exploitation capabilities.

tools SimplifyGraph:IDA Pro plugin to assist with complex graphs

tools Jackson漏洞的一些POC


评论


当前没有评论,快来评论吧!





来说点什么吧