Proof of concept for CVE-2021-24086, a NULL dereference in tcpip.sys triggered remotely. - 0vercl0k/CVE-2021-24086

In this blog post we analyze a denial of service vulnerability affecting the IPv6 stack of Windows. This issue, whose root cause can be found in the mishandling of IPv6 fragments, was patched by Microsoft in their February 2021 security bulletin.

Fileless persistence: The rootkit resides in the system memory and does not write any files to the disk. This is achieved in multiple stages.

In this article we review methods to extract credentials from lsass process memory despite LSA protection and RunAsPPL registry settings.

A repository for learning various heap exploitation techniques. - shellphish/how2heap

A list of useful payloads and bypass for Web Application Security and Pentest/CTF - swisskyrepo/PayloadsAllTheThings

In this series we’ll document a novel and as-yet-undocumented Virtual Machine detection trick for each month of 2021. These detection tricks will be focused on 64-bit Windows 10 or Windows Server 2019 guests, targeting a variety of VM platforms.

Divide full port scan results and use it for targeted Nmap runs - snovvcrash/DivideAndScan

Interactive debuggers are tools that allow you to selectively observe the program state during an execution. In this chapter, you will learn how such debuggers work – by building your own debugger.Prerequisites You should have read the Chapter on Tracing…

The general method of browser render process exploit is: after exploiting the vulnerability to obtain user mode arbitrary memory read/write primitive, the vtable of DOM/js object is tampered to hijack the code execution flow. Then VirtualProtect is called…

Expect memes, food for thoughts, tech guidelines and trash talk daily.

I was hunting a full month on a federal private program and comes up with plenty of account takeovers. I am going to share one of the…

In today’s blog post I wanted to talk about Secure Shell (SSH) and some of its powerful features. We will start with some of the basics such as what it is, what it does, and then more advance…

An asynchronous pseudo one-time pad based crypto and anonymity library. - GitHub - rmlibre/aiootp: An asynchronous pseudo one-time pad based crypto and anonymity library.

The AWS Enumerator was created for service enumeration and info dumping for investigations of penetration testers during Black-Box testing. The tool is intended to speed up the process of Cloud rev...

DCS offers global online cybersecurity and ethical system hacking programs and technology consultancy services in the areas of Cybersecurity, ISO27001, ISO27002, NIST, CIS Digital Transformation, Cloud Transformation and Bespoke Training Curriculum Development