27
4月

Tittle: 2018.4.28

0 作者:admin

NTLM Credentials Theft via PDF Files

SamSam Ransomware Chooses Its Targets Carefully-attack specific organizations

Necurs Evolves to Evade Spam Detection via Internet Shortcut File

DLink DCS-5020L Day n’ Night Camera Remote Code Execution Walkthrough - CVE-2017-17020

GitLab:Command injection by overwriting authorized_keys file through GitLab import(CVE-2017-0915)

GitLab:SQL injection in MilestoneFinder order method(CVE-2017-0914)

GitLab:Evaluating Ruby code by injecting Rescue job on the system_hook_push queue through web hook(CVE-2017-0916)

GitLab:GitLab CI runner can read and poison cache of all other projects(CVE-2017-0918)

CSP bypass in Firefox new tabs

Firefox CSP bypass poc

ThinkPHP3.x/5.x框架缺陷可导致任意文件包含

路由器漏洞分析第七弹:CVE-2018-8941 远程代码执行

Bypassing Android Anti-Emulation, Part (III)

Back To The Future | Going Back In Time To Abuse Android's JIT

how to hunt for adversaries on Linux by finding binaries that shouldn't be present along with other ways to maintain access.

Report on the KLEE workshop-The First International KLEE Workshop on Symbolic Execution

Sysmon - DFIR:A curated list of resources for learning about deploying, managing and hunting with Microsoft Sysmon.

Outsmarting-Smart-Contracts:A repo with information about the security of Ethereum Smart Contracts

2018首席安全官(CSO)国际高峰论坛PPT下载(15b1)

Stored XSS in Yahoo!

tools windows10_ntfs_crash_dos:PoC for a NTFS crash that I discovered, in various Windows versions

tools Dahua backdoor Generation 2 and 3 扫描脚本

tools requestbin.net - The requestbin next generation

tools radare2ida:Tools, documentation and scripts to move projects from IDA to radare2 and viceversa

tools Halcyon:First IDE for Nmap Script (NSE) Development


评论


当前没有评论,快来评论吧!





来说点什么吧