25
2月

Tittle: 2018.2.27

0 作者:admin

Who Wasn’t Responsible for Olympic Destroyer?

Rig EK One Year Later: From Ransomware to Coin Miners and Information Stealers

A look at new features of the Exobot mobile banking trojan

Oracle Server Vulnerability Exploited to Deliver Double Monero Miner Payloads

utorrent: various JSON-RPC issues resulting in remote code execution, information disclosure, etc.

tools utorrent crash poc

MeltdownPrime and SpectrePrime:Automatically-Synthesized Attacks Exploiting Invalidation-Based Coherence Protocols

某CMS V5.7 SP2 后台Getshell

WAF攻防之SQL注入篇

在《WAF攻防之SQL注入篇》中几个有意思的发现

Reverse engineering Gear VR

Deobfuscating a spam mailer written in PHP

Reversing IoT: Xiaomi ecosystem

Parasiting web server process with webshells in permissive environments

Hijacking ( COM ) For Execute Lateral Movement, in Mode Explorer.

Leveraging INF-SCT Fetch & Execute Techniques For Bypass, Evasion, & Persistence

Java代码审计-层层推进

A Deep Dive into Database Attacks Part II: Delivery and Execution of Malicious Executables through SQL commands (SQL Server)

Detecting Lateral Movements in Windows Infrastructure(2017)

Sensitive Information Tracking in Commodity IoT

Compiler bug? Linker bug? Windows Kernel bug.

ColdFusion for Pentesters

2017中国高级持续性威胁(APT)研究报告

2017 Mobile Threat Landscape

recon brussels 2018 PPT

SecWiki周刊(2018/02/19-2018/02/25)

How To Do Your Reconnaissance Properly Before Chasing A Bug Bounty

I figured out a way to hack any of Facebook’s 2 billion accounts, and they paid me a $15,000 bounty for it

hangzhou_house_knowledge:2017年买房经历总结出来的买房购房知识分享给大家,希望对大家有所帮助。买房不易,且买且珍惜

tools PoT:Phishing on Twitter

tools hollows_hunter:A process scanner detecting and dumping hollowed PE modules.

tools Ahk-dumper is a tool to dump AutoHotKey code from the RDATA section of a PE file.

tools contact.sh:An OSINT tool to find contacts in order to report security vulnerabilities.

tools Shellen is an interactive shellcoding environment.


评论


当前没有评论,快来评论吧!





来说点什么吧