3. Adaptation Layer
Forwarded from Biała Bł
Forwarded from 卩ro 爪Cracker
CVE-2022-45025
Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
https://github.com/yuriisanin/CVE-2022-45025
Forwarded from 卩ro 爪Cracker
Detecting heap memory pitfalls
https://ift.tt/yJ2phEr
Submitted December 11, 2022 at 10:00PM by CoolerVoid
via reddit https://ift.tt/maudUpx
antonio-cooler.gitbook.io
Detecting heap memory pitfalls | CoolerVoid tavern
Step by step and using custom taint analysis to detect heap security issues
Forwarded from 卩ro 爪Cracker
Fuzzing ping(8)…and finding a 24 year old bug
https://ift.tt/z5ORFPV
Submitted December 11, 2022 at 09:57AM by Gallus
via reddit https://ift.tt/kyRpCqZ
#exploit
1. Exploiting CVE-2022-42703 - Bringing back the stack attack
https://googleprojectzero.blogspot.com/2022/12/exploiting-CVE-2022-42703-bringing-back-the-stack-attack.html
2. CVE-2022-36537:
ZK Framework - Exposure of Sensitive Information to an Unauthorized Actor
https://github.com/agnihackers/CVE-2022-36537-EXPLOIT
projectzero.google
Exploiting CVE-2022-42703 - Bringing back the stack attack
Seth Jenkins, Project Zero. This blog post details an exploit for CVE-2022-42703 (P0 issue 2351 - F...
#Red_Team_Tactics
1. StealthHook - A method for hooking a function without modifying memory protection
https://www.x86matthew.com/view_post?id=stealth_hook
2. Frida script to bypass common methods of sslpining Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
3. pipe_buffer arbitrary read write
https://interruptlabs.co.uk/labs/pipe_buffer
Gist
Frida script to bypass common methods of sslpining Android
Frida script to bypass common methods of sslpining Android - mixunpin.js
#tools
#Malware_analysis
1. IATelligence - Script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
https://github.com/fr0gger/IATelligence
2. Examining Malware Distribution Behaviours
https://arb0ur.substack.com/p/examining-malware-distribution-behaviours
GitHub
GitHub - fr0gger/IATelligence: IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more…
IATelligence is a Python script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related - fr0gger/IATelligence
#compilers
Codon - high-performance, zero-overhead, extensible Python compiler using LLVM
https://github.com/exaloop/codon
GitHub
GitHub - exaloop/codon: A high-performance, zero-overhead, extensible Python compiler with built-in NumPy support
A high-performance, zero-overhead, extensible Python compiler with built-in NumPy support - exaloop/codon