12
9月

Tittle: 2018.9.13

0 作者:admin

疑似“海莲花”组织早期针对国内高校的攻击活动分析

OilRig Uses Updated BONDUPDATER to Target Middle Eastern Government

深入解析CVE-2018-5002漏洞利用技术

KRONOS/Osiris Banking Trojan Attack Report

LuckyMouse signs malicious NDISProxy driver with certificate of Chinese IT company

首款集勒索、间谍、银行木马于一体的新型综合型 Android 病毒深度分析

利用ngrok传播样本挖矿

CVE-2018-5240: Symantec Management Agent (Altiris) Privilege Escalation

Comparing Our Micropatch With Microsoft's Official Patch For CVE-2018-8440

the security measures of the PS Vita, explain how I found the vulnerabilites, how I exploited them and how I bypassed the measures by using modern techniques.

Apple Safari & Microsoft Edge Browser Address Bar Spoofing - Writeup

Security Bugs in Practice: SSRF via Request Splitting(Node.js `http` module)

SVG Document ActiveX Alongside Microsoft Word Execution

Persistence using Universal Windows Platform apps (APPX)

The anatomy of a .NET malware dropper

XSS using quirky implementations of ACME http-01

How to use Google’s CSP Evaluator to bypass CSP

Office VBA + AMSI: Parting the veil on malicious macros

security issues related to storage and VMs for cloud services

Are BGPs security features working yet?

ISC会议PPT

Making the Facebook app more secure - $8500 bounty

tools POC for CVE-2018-8420(a remote code execution vulnerability in Microsoft XML Core Services MSXML)

tools another POC for CVE-2018-8420

tools POC for CVE-2018-4327

tools POC for Tor Browser 7.x NoScript bypass vulnerability

tools zeroday-powershell:A PowerShell example of the Windows zero day priv esc(Windows LPE exploit)

tools All open source projects from Google Project Zero

tools beebug is a tool that can be used to verify if a program crash could be exploitable.

tools textmate-yara:VSCode extension for the YARA pattern matching language


评论


当前没有评论,快来评论吧!





来说点什么吧