Forwarded from 卩ro 爪Cracker
GraphQL exploitation – All you need to know – Cybervelia
https://ift.tt/lILWoxS
Submitted January 13, 2023 at 02:28AM by Necessary-Reality-80
via reddit https://ift.tt/SLsfWgA
Forwarded from ㅤㅤㅤ
#windows #system call #bypass
Interception of system calls in Windows 11 22H2 like Avast antivirus.
Research, analysis and bypass:
https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html
Forwarded from 卩ro 爪Cracker
#exploit
1. PoC for arbitrary file delete/move in Razer Synapse 3 Macro module
https://github.com/Wh04m1001/RazerEoP
2. CVE-2023-21752:
PoC for arbitrary file delete vulnerability in Windows Backup service
https://github.com/Wh04m1001/CVE-2023-21752
Leviathan.pdf
5.2 MB
#Sec_code_review
"SELECT Bugs FROM Binary WHERE Pattern LIKE CVE-1337-DAYS".
#Malware_analysis
1. NeedleDropper Analysis
https://decoded.avast.io/threatresearch/needledropper
2. Gootkit Loader
https://www.trendmicro.com/en_us/research/23/a/gootkit-loader-actively-targets-the-australian-healthcare-indust.html
3. "Pre-Owned" malware in ROM on T95 Android TV Box (AllWinner H616)
https://github.com/DesktopECHO/T95-H616-Malware
Avast Threat Labs
NeedleDropper - Avast Threat Labs
Since October 2022, we’ve been observing multiple malware types delivered via a new dropper strain that we are referring to as “NeedleDropper”. Its name references one of the ways the dropper stores data. NeedleDropper is not just a single executable, it…
Threema_analysis.pdf
413.9 KB
#Research
"Three Lessons From Threema: Analysis of a Secure Messenger", 2022.
#Threat_Research
1. Practice of Automatic Vulnerability Mining Based on Code Attribute Graph
https://blog.0kami.cn/blog/2023/%E5%9F%BA%E4%BA%8E%E4%BB%A3%E7%A0%81%E5%B1%9E%E6%80%A7%E5%9B%BE%E7%9A%84%E8%87%AA%E5%8A%A8%E5%8C%96%E6%BC%8F%E6%B4%9E%E6%8C%96%E6%8E%98%E5%AE%9E%E8%B7%B5
2. ReVoLTE Attack - Voice calls in LTE
https://blog.cryptographyengineering.com/2020/08/12/attack-of-the-week-voice-calls-in-lte
]-> Demo/App: https://revolte-attack.net
]-> Android App that allows you to detect vulnerabilities in deployed LTE/5G networks:
https://github.com/RUB-SysSec/mobile_sentinel
]-> USENIX document:
https://www.usenix.org/conference/usenixsecurity20/presentation/rupprecht
blog.0kami.cn
Practice of Automatic Vulnerability Mining Based on Code Attribute Graph - wh1t3p1g's blog
happy hunting bugs
EyeSpyVPN.pdf
8.6 MB
#Whitepaper
"EyeSpy - Iranian Spyware Delivered in VPN Installers", 2023.
Forwarded from 卩ro 爪Cracker
SUDO_KILLER
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for Linux privilege escalation.
https://github.com/TH3xACE/SUDO_KILLER
#linux #sudo
Forwarded from 卩ro 爪Cracker
code-inspector
Java code inspector for web vulnerability scan.
https://github.com/4ra1n/code-inspector
Forwarded from 卩ro 爪Cracker
Load testing private endpoints
https://ift.tt/QnT9HYL
Submitted January 14, 2023 at 02:51AM by krstCB
via reddit https://ift.tt/qAUkBEV
Ddosify
Testing the Performance of User Authentication Flow | Ddosify Blog
CVE-2023-21752
PoC for arbitrary file delete vulnerability in Windows Backup service
https://system32.ink/news-feed/p/133/
Asta-decrypt
This is a simple script that implements the decryption routine for the encrypted final stage used by the Astaroth/Guildma malware family.
Astaroth uses an AutoIT script with an embedded DLL that writes the final payload to disk as db.temp and injects it into a hollow process.
https://system32.ink/news-feed/p/134/
CVE-2022-46169
Exploit for the CVE-2022-46169 vulnerability on Cacti 1.2.19
https://system32.ink/news-feed/p/135/
System32
MCracker2002 posted an update
CVE-2022-46169
Exploit for the CVE-2022-46169 vulnerability on Cacti 1.2.19
https://github.com/Anthonyc3rb3ru5/CVE-2022-46169