#Analytics
#Infographics
Systematization of attacks on the perimeter of L2/L3 network equipment. Ver. 3.0.
#Offensive_security
1. Pure-python implementation of MemoryModule technique to load a dll entirely from memory
https://github.com/naksyn/PythonMemoryModule
2. Nuclei template generator for WordPress plugins
https://github.com/ricardomaia/nuclei-template-generator-for-wordpress-plugins
]-> https://github.com/projectdiscovery/nuclei-templates/pull/6202
#Threat_Research
1. Prototype Pollution in Python
https://blog.abdulrah33m.com/prototype-pollution-in-python
2. Pre-Auth RCE in Liferay Portal CE (CVE-2019-16891)
https://y4tacker.github.io/2023/01/03/year/2023/TetCTF2023-Liferay-CVE-2019-16891-Pre-Auth-RCE
#info
A roadmap to teach myself compiler dev, malware reverse engineering, exploitation and kernel dev fundamentals
https://github.com/ujjwal-kr/system-programming-roadmap
Cross_Layer_Attacks.pdf
1.1 MB
#Research
"From IP to Transport and Beyond: Cross-Layer Attacks Against Applications", 2022.
#DFIR
DFIR Artifact Museum from various operating systems
https://github.com/AndrewRathbun/DFIRArtifactMuseum
Forwarded from Cyber security intelligent program
Phantom DLL Hollower is a PoC that performs Phantom DLL Hollowing, which was reported by @_forrestorr.
Masking Malicious Memory Artifacts - Part I: Phantom DLL Hollowing
Phantom DLL hollowing PoC
Forwarded from Cyber security intelligent program
PhpMyAdmin Setup is Accessible Without Authentication
1. Recon through Shodan and Censys
2. Visit all IPs and fuzz them according to their running services.
3. Wappalyzer showed PHP, so sid0krypt used php.txt from here
4. phpMyAdmin/setup was accessible
Forwarded from Cyber security intelligent program
Using the bruteforce of directories, an endpoint was found: /phpmyadmin/scripts/setup.php
Thx @0x_rood
Forwarded from Cyber security intelligent program
The OWASSRF + TabShell exploit chain
This blog post shares the details of two vulnerabilities:
OWASSRF (CrowdStrike) & TabShell.
Demo: TabShell Microsoft Exchange
Forwarded from Cyber security intelligent program
New Security Bulletin Zoom (3 LPE: CVE-2022-36926 + CVE-2022-36927, CVE-2022-36929 & CVE-2022-36930)
Forwarded from Cyber security intelligent program
UnhookingPatch.zip
7.8 KB
UnhookingPatch bypasses EDR hooks by patching the NT API stub and resolving SSNs and syscall instructions at runtime
Syscall instruction Unhooking (HalosGate)