Forwarded from Deadly malware xp
soft_dev_proc (1).pdf
147.4 KB
#Whitepaper
"Everything About the Secure Software Development Process", 12.2022.
Forwarded from Deadly malware xp
#exploit
1. CVE-2023-0179:
Linux kernel stack buffer overflow in nftables
https://seclists.org/oss-sec/2023/q1/20
2. Security Audit of Git:
CVE-2022-23521:
Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes
CVE-2022-41903:
Out of Bounds Memory Write in Log Formatting
https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif
seclists.org
oss-sec: CVE-2023-0179: Linux kernel stack buffer overflow in nftables: PoC and writeup
Forwarded from Deadly malware xp
ML-FEED.pdf
841.5 KB
#Research
"ML-FEED: Machine Learning Framework for Efficient Exploit Detection", 2023.
Forwarded from Deadly malware xp
#Cloud_Security
1. Azure AD Pass-Through Authentication Flaws
https://www.secureworks.com/research/azure-active-directory-pass-through-authentication-flaws
]-> PTAAgentDump tool: https://github.com/secureworks/PTAAgentDump
2. Red Teaming Microsoft Azure
https://improsec.com/tech-blog/read2own
Sophos
Azure Active Directory Pass-Through Authentication Flaws
In May 2022, Sophos® Counter Threat Unit™ (CTU) researchers analyzed how the protocols used by Pass-Through Authentication could be exploited.
Forwarded from Deadly malware xp
#Threat_Research
1. SSH Key Injection Vulnerability in Google Cloud Compute Engine
https://blog.stazot.com/ssh-key-injection-google-cloud
2. Network Security Trends: August-October 2022
https://unit42.paloaltonetworks.com/network-security-trends-aug-oct-2022
3. Learn EVM Attacks: A collection of Foundry tests reproducing exploits, bug bounty reports, and theoretical vulnerabilities on EVM chains
https://github.com/coinspect/learn-evm-attacks
Stazot
Sivanesh Ashok
Blog about bug bounty and infosec research
Forwarded from Deadly malware xp
#Offensive_security
1. Exploiting Distroless Images
https://www.form3.tech/engineering/content/exploiting-distroless-images
2. Exploiting CVE-2021-3490 for Container Escapes
https://www.crowdstrike.com/blog/exploiting-cve-2021-3490-for-container-escapes
www.form3.tech
Exploiting Distroless Images
An abuse of functionality in the OpenSSL binary, installed in the official Google Container Tools Distroless Base container image, allows for command execution and arbitrary file read and write on distroless containers. By abusing the enc functionality in…
Forwarded from Deadly malware xp
#Threat_Research
1. Java XML security issues and how to address them
https://semgrep.dev/blog/2022/xml-security-in-java
2. QT QML Vulnerability
https://blog.talosintelligence.com/vulnerability-spotlight-integer-and-buffer-overflow-vulnerabilities-found-in-qt-qml
Forwarded from Deadly malware xp
#Cloud_Security
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
https://securitylabs.datadoghq.com/articles/iamadmin-cloudtrail-bypass
Datadoghq
AWS CloudTrail vulnerability: Undocumented API allows CloudTrail bypass
Public disclosure of a method to bypass CloudTrail for specific IAM actions.
Forwarded from Deadly malware xp
#Malware_analysis
StrongPity espionage campaign
https://www.welivesecurity.com/2023/01/10/strongpity-espionage-campaign-targeting-android-users
WeLiveSecurity
StrongPity espionage campaign targeting Android users
ESET researchers uncover an active StrongPity campaign that spreads a trojanized version of the Android Telegram app posing as the Shagle video chat app.
Forwarded from Deadly malware xp
Ultraverse.pdf
10.3 MB
#Research
"Ultraverse: Efficient Retroactive Operation for Attack Recovery in Database Systems and Web Frameworks", 2023.
Forwarded from 卩ro 爪Cracker
Centreon Map plugin allows pre-auth remote process memory dump (CVSS 8.3) - PoC
https://ift.tt/3U9xKJI
Submitted January 19, 2023 at 12:33PM by qwerty0x41
via reddit https://ift.tt/xvS2PIr
Forwarded from 卩ro 爪Cracker
Exploiting CVE-2021-3490 for Container Escapes
https://ift.tt/r2cXUpe
Submitted January 19, 2023 at 05:01PM by Gallus
via reddit https://ift.tt/v3dSMqc
CrowdStrike.com
Exploiting CVE-2021-3490 for Container Escapes | CrowdStrike
Learn how to modify and exploit a Linux Kernel vulnerability to escape container environments, and how CrowdStrike can help to prevent and hunt for similar threats.
Forwarded from 卩ro 爪Cracker
POC Exploit for CVE-2022-47966 affecting multiple ManageEngine products
https://ift.tt/4cZl7zt
Submitted January 19, 2023 at 06:52PM by scopedsecurity
via reddit https://ift.tt/we3bRx4
GitHub
GitHub - horizon3ai/CVE-2022-47966: POC for CVE-2022-47966 affecting multiple ManageEngine products
POC for CVE-2022-47966 affecting multiple ManageEngine products - horizon3ai/CVE-2022-47966
Forwarded from 卩ro 爪Cracker
CVE-2022-47966.py
3.1 KB
💥PoC for CVE-2022-47966
Usage:
⚙️For AD related products, such as ADManager, an issuer argument is required:
python3 ./CVE-2022-47966.py --url https://10.0.40.90:8443/samlLogin/<guid> --issuer https://sts.windows.net/<guid>/ --command notepad.exe
⚙️For other products, a URL is all that is required:
python3 ./CVE-2022-47966.py --url https://10.0.40.64:8080/SamlResponseServlet --command notepad.exe
Forwarded from 卩ro 爪Cracker
Simple, open-source, lightweight stress testing tool
https://ift.tt/CJDx5pf
Submitted January 19, 2023 at 09:38PM by chrisy_e
via reddit https://ift.tt/NblMW8E
GitHub
GitHub - getanteon/anteon: Anteon (formerly Ddosify): eBPF-based Kubernetes Monitoring and Performance Testing
Anteon (formerly Ddosify): eBPF-based Kubernetes Monitoring and Performance Testing - getanteon/anteon
Forwarded from 卩ro 爪Cracker
New Remcos RAT version uses direct syscalls to evade detection.
https://ift.tt/nPdt9Wk
Submitted January 19, 2023 at 10:49PM by woja111
via reddit https://ift.tt/1IFTKng
Rapid7
Rapid7 Managed Cybersecurity: Outpace Attackers
Forwarded from 卩ro 爪Cracker
Aerleon a vendor agnostic firewall management system
https://ift.tt/5L72C9O
Submitted January 20, 2023 at 12:19AM by ankenyr
via reddit https://ift.tt/TFMavi7
GitHub
GitHub - aerleon/aerleon: Multi-platform ACL generation system
Multi-platform ACL generation system. Contribute to aerleon/aerleon development by creating an account on GitHub.
Forwarded from 卩ro 爪Cracker
How to completely own an airline in 3 easy steps
https://ift.tt/DsZiIY6
Submitted January 20, 2023 at 07:48AM by _vavkamil_
via reddit https://ift.tt/CoDSNga
maia :3
how to completely own an airline in 3 easy steps
and grab the TSA nofly list along the way