7
10月

Tittle: 2018.10.8

0 作者:admin

APT37: Final1stspy Reaping the FreeMilk

APT38: Details on New North Korean Regime-Backed Threat Group

Malware Analysis Report Dissencting GandCrab v5

D-Link Central WiFiManager Software Controller Multiple Vulnerabilities

Cisco Prime Infrastructure File Inclusion and Remote Command Execution to Privileges Escalation(CVE-2018-15379)

Intel ME Manufacturing Mode: obscured dangers and their relationship to Apple MacBook vulnerability CVE-2018-4251

Multiple vulnerabilities in Atlantis Word Processor

Multiple Issues in Foxit PDF Reader

CVE-2018-1788: PRTG Network Monitor Privilege Escalation

Use After Free in mDNSOffloadUserClient.kext

tools POC for Use After Free in mDNSOffloadUserClient.kext

Google Chrome on iOS Universal XSS vulnerability (CVE-2018-6128)

Google Chrome AudioOutputDevi Use-after-free Vulnerability

Adobe Acrobat Reader DC Collab reviewServer Remote Code Execution Vulnerability(CVE-2018-12852)

Google PDFium JBIG2 Image ComposeToOpt2WithRect Information Disclosure Vulnerability(CVE-2018-16076)

365 Days Later: Finding and Exploiting Safari Bugs using Publicly Available Tools

Onix: Finding Pokémon in your Acrobat (Revealing a new attack surface)

无字母数字webshell之提高篇

Collecting Shells by the Sea of NAS Vulnerabilities-Steps we took to control any Lenovo ix4–300d remotely

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 1/4)

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 2/4)

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 3/4)

CVE-2017-11176: A step-by-step Linux Kernel exploitation (part 4/4)

Bypassing Web Cache Poisoning Countermeasures

x86-64 Fileless Execution Loader Shellcode

Bypassing Applocker and Powershell contstrained language mode

Spraying arbitrary objects into the non-paged pool

iOS12 Kernelcache Laundering

Old school: evil Excel 4.0 macros (XLM)

Jailbreaks Demystified

Introduction to the ELF Format (Part V) : Understanding C start up .init_array and .fini_array sections

The making of an iOS 11 jailbreak - Kiddie to kernel hacker in 14 sleepless nights

The Art of De-obfuscation

Derbycon 2018 Videos

An interesting Google vulnerability that got me 3133.7 reward.

tools bytheway is an exploit that enables a root shell on Mikrotik devices running RouterOS

tools Atlas - Quick SQLMap Tamper Suggester

tools Shellab - a Linux and Windows shellcode enrichment utility

tools TakeOver v1 - Extracts CNAME Record Of All Subdomains At Once

tools AES-Killer - Burp Plugin To Decrypt AES Encrypted Traffic Of Mobile Apps

tools NodeXP - A Server Side Javascript Injection tool capable of detecting and exploiting Node.js vulnerabilities

tools 代码搜索引擎sourcegraph已开源

tools 牧云(CloudWalker)Webshell核心检测引擎已开源


评论


当前没有评论,快来评论吧!





来说点什么吧