CVE-2022-45025
Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)

https://github.com/yuriisanin/CVE-2022-45025

Detecting heap memory pitfalls
https://ift.tt/yJ2phEr

Submitted December 11, 2022 at 10:00PM by CoolerVoid
via reddit https://ift.tt/maudUpx

Fuzzing ping(8)…and finding a 24 year old bug
https://ift.tt/z5ORFPV

Submitted December 11, 2022 at 09:57AM by Gallus
via reddit https://ift.tt/kyRpCqZ

#exploit
1. Exploiting CVE-2022-42703 - Bringing back the stack attack
https://googleprojectzero.blogspot.com/2022/12/exploiting-CVE-2022-42703-bringing-back-the-stack-attack.html

2. CVE-2022-36537:
ZK Framework - Exposure of Sensitive Information to an Unauthorized Actor
https://github.com/agnihackers/CVE-2022-36537-EXPLOIT

#Red_Team_Tactics
1. StealthHook - A method for hooking a function without modifying memory protection
https://www.x86matthew.com/view_post?id=stealth_hook
2. Frida script to bypass common methods of sslpining Android
https://gist.github.com/incogbyte/1e0e2f38b5602e72b1380f21ba04b15e
3. pipe_buffer arbitrary read write
https://interruptlabs.co.uk/labs/pipe_buffer

#tools
#Malware_analysis
1. IATelligence - Script that will extract the IAT of a PE file and request GPT to get more information about the API and the ATT&CK matrix related
https://github.com/fr0gger/IATelligence
2. Examining Malware Distribution Behaviours
https://arb0ur.substack.com/p/examining-malware-distribution-behaviours

#compilers
Codon - high-performance, zero-overhead, extensible Python compiler using LLVM
https://github.com/exaloop/codon

#tools
#Blue_Team_Techniques
1. Simple Bash IOC Scanner
https://github.com/Neo23x0/Fenrir
2. Firewalls under the hood - UFW
https://blog.kanbach.org/post/firewalls-under-the-hood-ufw

#Offensive_security
1. A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
https://github.com/bohops/DynamicDotNet
2. Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation
https://github.com/HackCommander/PHP-info-cookie-stealer
3. From SQL Injection to RCE on Intel DCM (CVE-2022-21225)
https://www.rcesecurity.com/2022/12/from-zero-to-hero-part-2-intel-dcm-sql-injection-to-rce-cve-2022-21225

#tools
#Threat_Research
1. Return Address Spoofing on x64
https://offensivecraft.wordpress.com/2022/12/08/the-stack-series-return-address-spoofing-on-x64
2. Detecting heap memory pitfalls
https://antonio-cooler.gitbook.io/coolervoid-tavern/detecting-heap-memory-pitfalls
]-> https://github.com/CoolerVoid/heap_detective

#exploit
1. ThinkPHP latest RCE reproduction and analysis
https://xz.aliyun.com/t/11940

2. Folina, Shadow Credentials, and WSUS exploitation
https://0xdf.gitlab.io/2022/12/10/htb-outdated.html

3. CVE-2022-1361:
Improper Neutralization of Special Elements Used In a SQL Command: New Technique Discovered To Bypass WAF Of Several Vendors
https://gbhackers.com/bypass-web-application-firewalls/amp

#Malware_analysis
1. Drokbk Malware
https://www.secureworks.com/blog/drokbk-malware-uses-github-as-dead-drop-resolver
2. Typosquat/Ransomware Campaign in PyPI and NPM
https://blog.phylum.io/phylum-detects-active-typosquatting-campaign-in-pypi

#Malware_analysis
1. Invisbile npm malware evading security checks
https://jfrog.com/blog/invisible-npm-malware-evading-security-checks-with-crafted-versions
2. Azov Ransomware: Polymorphic Wiper
https://research.checkpoint.com/2022/pulling-the-curtains-on-azov-ransomware-not-a-skidsware-but-polymorphic-wiper

#exploit
1. CVE-2022-45025:
Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
https://github.com/yuriisanin/CVE-2022-45025

2. Exploring Chrome’s CVE-2020-6418
https://blog.haboob.sa/blog/exploring-chromes-cve-2020-6418-part1

3. CVE-2022-39066:
SQL Injection Vulnerability in ZTE MF286R
https://github.com/v0lp3/CVE-2022-39066

#Infosec_Standards
"PCI Software Security Framework - Secure Software Requirements and Assessment Procedures", Version 1.2, Dec. 2022.