29 files

Let's have a look at a recent kernel local privilege escalation exploit!

Exploit Source: https://hxp.io/blog/79/hxp-CTF-2020-wisdom2/
Kernel Developer Walkthrough: https://www.youtube.com/watch?v=LORxdO1XUjY

Syscalls, Kernel vs. User Mode and Linux Kernel…

CVE-2020-36179~82 Jackson-databind SSRF&RCE. Contribute to Al1ex/CVE-2020-36179 development by creating an account on GitHub.

This is part 1  of a 6-part series detailing a set of vulnerabilities found by Project Zero being exploited in the wild. To read the other p...

Microsoft replied that this is out of scope of their security program as well as not deemed this as a security vulnerability at all, so I…

Contribute to fboldewin/ATMMalScan development by creating an account on GitHub.

Ambionics Security team discovered an RCE in Laravel, when the framework is in debug mode.

In this post I’m telling a short story from an environment I faced some time ago and how to handle the situation bypassing Constrained Language Mode and Appl...

Author: Zhipeng Huo(@R3dF09) of Tencent Security Xuanwu Lab 0x0 IntroductionIn this blog, I will detail an interesting logic vulnerability I found in launchd process when it is managing the XPC Servic