15
8月

Tittle: 2018.8.16

0 作者:admin

Detailed Analysis of Red Eyes Group (Geumseong121,Group 123,ScarCruft,APT37,Reaper, Ricochet ChollimaAPT37)

KeyPass ransomware analysis

Process Doppelgänging meets Process Hollowing in Osiris dropper

肚脑虫组织(APT-C-35)移动端攻击活动揭露

A full analysis of the Microsoft Exchange code execution(CVE-2018-8302)

SSD Advisory – Linux Kernel AF_PACKET Use After Free (packet_sock)

Google Chrome V8 Map constructor Information Disclosure Vulnerability (CVE-2018-6142)

Foreshadow:Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution(L1TF-CVE-2018-3620&CVE-2018-3646)

Analysis and mitigation of L1 Terminal Fault (L1TF)

Use-after-free (UAF) Vulnerability CVE-2018-8373 in VBScript Engine Affects Internet Explorer to Run Shellcode

Analysing CVE-2018-13417 for files, hashes and shells

a bypass in Microsoft AD FS Multi-Factor Authentication protocol (CVE-2018-8340)

Microsoft Cortana Allows Browser Navigation Without Login: CVE-2018-8253

The Dangers of Key Reuse:Practical Attacks on IPsec IKE

Practical Bleichenbacher Attacks on IPsec IKE

dnsmessenger powershell malware analysis

Windows Exploitation Tricks: Exploiting Arbitrary Object Directory Creation for Local Elevation of Privilege

TrustKit SSL Pinning bypass

Let us explore the "tangled world" of web technology : XSS, ServiceWorker, CSP, Script Gadgets, Redirection

New powershell tool to phish for user credentials using existing applications as a (realistic) cover

Endpoint Security Self-Protection on MacOS

Ring 0/-2 Rootkits - Compromising Defenses

iOS jailbreak internals, explaining the indirect userland DMA feature, GPU notification internal mechanism with bugs across two different modules to get kernel code execution

Exploitation of a Modern Smartphone Baseband

DEFCON 26 CTF参赛记

Uber bug: IDOR on support setup to read other support tickets, and another Ticket Trick issue

tools param-miner:BURP extension to identify hidden, unlinked parameters. It's particularly useful for finding web cache poisoning vulnerabilities.

tools BrokenType is a set of tools designed to test the robustness and security of font rasterization software, especially codebases prone to memory corruption issues (written in C/C++ and similar languages).

tools Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).

tools Charles 4.2.6 破解版


评论


当前没有评论,快来评论吧!





来说点什么吧