#Analytics
#Infographics
Systematization of attacks on the perimeter of L2/L3 network equipment. Ver. 3.0.
#Offensive_security
1. Pure-python implementation of the MemoryModule technique to load a DLL or unmanaged EXE entirely from memory
https://github.com/naksyn/PythonMemoryModule
2. Nuclei template generator for WordPress plugins
https://github.com/ricardomaia/nuclei-template-generator-for-wordpress-plugins
-> https://github.com/projectdiscovery/nuclei-templates/pull/6202
#Threat_Research
1. Prototype Pollution in Python
https://blog.abdulrah33m.com/prototype-pollution-in-python
2. Pre-Auth RCE in Liferay Portal CE (CVE-2019-16891)
https://y4tacker.github.io/2023/01/03/year/2023/TetCTF2023-Liferay-CVE-2019-16891-Pre-Auth-RCE
#info
A roadmap to teach myself compiler dev, malware reverse engineering, exploitation and kernel dev fundamentals
https://github.com/ujjwal-kr/system-programming-roadmap
Attachment: Cross_Layer_Attacks.pdf (1.1 MB)
#Research
"From IP to Transport and Beyond: Cross-Layer Attacks Against Applications", 2022.
#DFIR
DFIR Artifact Museum: an archive of artifacts from all versions of various operating systems, categorized by type, to help with artifact validation
https://github.com/AndrewRathbun/DFIRArtifactMuseum
Forwarded from Cyber security intelligent program
Phantom DLL Hollower is a PoC that performs Phantom DLL Hollowing, as reported by @_forrestorr.
Masking Malicious Memory Artifacts - Part I: Phantom DLL Hollowing
Phantom DLL hollowing PoC
Forwarded from Cyber security intelligent program
phpMyAdmin Setup is Accessible Without Authentication
1. Recon through Shodan and Censys.
2. Visit all IPs and fuzz them according to their running services.
3. Wappalyzer showed PHP, so sid0krypt used php.txt from here.
4. phpMyAdmin/setup was accessible.
Forwarded from Cyber security intelligent program
Using directory brute-forcing, an endpoint was found: /phpmyadmin/scripts/setup.php
Thx @0x_rood
Forwarded from Cyber security intelligent program
The OWASSRF + TabShell exploit chain
This blog post shares the details of two vulnerabilities: OWASSRF (CrowdStrike) and TabShell.
Demo: TabShell Microsoft Exchange
Forwarded from Cyber security intelligent program
New Zoom Security Bulletin (3 LPE: CVE-2022-36926 + CVE-2022-36927, CVE-2022-36929 & CVE-2022-36930)
Forwarded from Cyber security intelligent program
Attachment: UnhookingPatch.zip (7.8 KB)
UnhookingPatch bypasses EDR hooks by patching NT API stubs and resolving SSNs and syscall instructions at runtime
Syscall instruction unhooking (HalosGate)
Forwarded from Cyber security intelligent program
vb2_mmap race with vb2_core_reqbufs leads to UAF

The following bug is in the vb2 subsystem, which is a subsystem reachable on typical desktop Linux systems with a webcam via V4L2 at /dev/video*. This subsystem can consequently be reached by an unprivileged user in the video group (which is a common setup via uaccess udev rules). This bug may also be reachable on Android in some SELinux contexts.

videobuf2 allows userland to register multiple different types of buffers to back the vb2_queue for streaming I/O, including memory mapping (via mmap), user pointers, and DMA buffers. In the vb2_mmap handler, the memory type of the associated backing store is verified outside the queue lock, which means a concurrent vb2_core_reqbufs (reachable from the VIDIOC_REQBUFS ioctl) can change the memory type before vb2_mmap completes.