24
3月

Tittle: 2018.3.26

0 作者:admin

This is fine: Vagrant(Vagrant是一个基于Ruby的工具,用于在VirtualBox创建和部署虚拟化开发环境) guests can access the entire host filesystem

Acrolinx Dashboard Directory Traversal (CVE 2018-7719)

客户端 session 导致的安全问题

小程序爆破之旅—分析微信源码来解析微信小程序文件格式

PHP trick(代码审计关注点)

Domain Fronting – A New Technique For Hiding Malware Command and Control (C2) Traffic within a Content Delivery Network

Back To The Epilogue:Evading Control Flow Guard via Unaligned Targets

Broadcast Name Resolution Poisoning / WPAD Attack Vector

Cobalt-Strike3 INFScript Injection Payload Building With Profound Executes From Blue-Teamer ( Developing an economy CS3 About Launcher-Payload )

Exploiting Blind OOB XXE in the Wild

How to Mitigate Mimikatz WDigest Cleartext Credential Theft

Investigating lateral movement paths with MicrosoftATA

#blackhat asia-18#The Rise and Fall of AMSI

#blackhat asia-18#AES Wireless Keyboard Reverse Engineering - Template Attack for Eavesdropping

#troopers 18#IoT Security –A joint approach

#troopers 18#Project Walrus - an Android App for RFID Card Cloning

the configuration files, supernodes and modules of the Dridex v4 malware

The Windows Registry Auditing Logging Cheat Sheet

PENTEST-WIKI is a free online security knowledge library for pentesters / researchers.

tools blockphish:Blockchain Focused Phishing Detection

tools sshuttle - Poor Man's VXN via SSH (Great for Pivoting!)

tools SourceCodeSniffer: static code analysis tool for finding Injection, LFI/RFI, file uploads across multiple languages (ASP, Java, CSharp, PHP, Perl, Python, JavaScript, HTML etc)

tools ThreatPinchLookup:Chrome & Firefox Extension to provide relevant information upon hovering over any IPv4 address, MD5 hash, SHA2 hash, and CVE title

tools pycdc:C++ python bytecode disassembler and decompiler

tools PinCTF:Using Intel's PIN tool to solve CTF problems

tools WindowsDefenderATP-Hunting-Queries:Sample queries for Advanced hunting in Windows Defender ATP


评论


当前没有评论,快来评论吧!





来说点什么吧