13
6月

Tittle: 2018.6.14

0 作者:admin

Cryptojacking invades cloud. How modern containerization trend is exploited by attackers

Banco de Chile ‘MBR Killer’ Reveals Hidden Nexus to Buhtrap Malware Kit Used to Target Financial Institutions, Payment Networks

New Android banking Trojan MysteryBot targets Android 7/8

Exploit kits: Spring 2018 review

最新海莲花组织攻击事件分析

Windows: Child Process Restriction Mitigation Bypass in Edge etc(CVE-2018-0982)

(Pwn2Own 2018)Vulnerability Discovery Against Apple Safari-Evaluating Complex Software Targets for Exploitable Vulnerabilities

Microsoft wimgapi LoadIntegrityInfo Code Execution Vulnerability(CVE-2018-8210)

XiongMai uc-httpd 1.0.0 - Buffer Overflow(CVE-2018-10088)

Cisco Meeting Server (CMS) arbitrary TCP relaying

Pentester’s Windows NTFS Tricks Collection(including CVE-2018-1036 - Windows NTFS Elevation of Privilege)

Technical Advisory: "ROHNP"- Key Extraction Side Channel in Multiple Crypto Libraries

(Mobile Pwn2Own 2016)Building Exploit Chains(11 bugs across 6 unique applications including Chrome, several Samsung and AOSP components) with Logic Bugs

SigSpoof 2: More ways to spoof signatures in GnuPG (CVE-2018-12019)

Intel LazyFP vulnerability: Exploiting lazy FPU state switching(CVE-2018-3665)

How I Found CVE-2018-8819: Out-of-Band (OOB) XXE in WebCTRL

phpMyAdmin 4.7.x XSRF/CSRF Vulnerability Exploit

ERC20智能合约整数溢出系列漏洞披露

利用CVE-2017-8890实现linux内核提权: SMEP绕过

Totally Pwning the Tapplock Smart Lock

A Guide for Securely Writing and Auditing Chrome Extensions

Powershell渗透测试系列--进阶篇

Write ups for iOS Vulnerabilities

writings on anti-reverse engineering

邮件安全防护实践

List of bug bounty writeups

tools Houdini for 10 and iOS 11 (up to 11.3.1) (NO developer account required)

tools empty_list:Exploit for iOS 11 through iOS 11.3.1

tools CVE-2018-8120 Exploit for Win2003 Win2008 WinXP Win7

tools tarnish:The Chrome Extension Analyzer Online

tools CertStreamMonitor:Monitor certificates generated for specific domain strings and associated, alert you when sites come online.

tools Tool to Discover macOS Code-Signing Vulnerability

tools ilo4_toolbox:Toolbox for HPE iLO4 analysis


评论


当前没有评论,快来评论吧!





来说点什么吧