Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021
https://github.com/0vercl0k/zenith
CVE-2022-23131 zabbix-saml-bypass-exp
https://github.com/Mr-xn/cve-2022-23131
Bypassing Linux Executable Space Protection CVE-2022-25265
https://github.com/x0reaxeax/exec-prot-bypass
Bug Bounty Roadmaps
https://github.com/1ndianl33t/Bug-Bounty-Roadmaps
Useful Google Dorks for BugBounty
https://github.com/Proviesec/google-dorks
A curated list of backdoor learning resources
https://github.com/THUYimingLi/backdoor-learning-resources
InfoSecSherpa’s News Roundup for Sunday, February 20, 2022
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-sunday-february-20-2022-a5a2aec09ddc
CVE-2022-24086 about Magento RCE
https://github.com/Mr-xn/CVE-2022-24086
CVE-2022-24112 Apache APISIX check
https://github.com/shakeman8/CVE-2022-24112
CVE-2022-24112 Apache apisix/batch-requests RCE
https://github.com/Mr-xn/CVE-2022-24112
EventListener XSS Recon
https://github.com/yavolo/eventlistener-xss-recon
A blind XSS detection framework
https://github.com/daxAKAhackerman/XSS-Catcher
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
https://github.com/ksharinarayanan/SSRFire
An easily modifiable shellcode template for Windows x64/x86
https://github.com/Cracked5pider/ShellcodeTemplate
A list of resources and other material that aid in malware analysis, malware development and exploit development
https://github.com/evilbuffer/malware-and-exploitdev-resources
A multi-platform HTTP(S) Reverse Shell Server and Client in Python 3
https://github.com/EONRaider/BCA-Phantom
Modified CryptBot Infostealer Being Distributed
https://asec.ahnlab.com/en/31802
Cobalt Strike Being Distributed to Vulnerable MS-SQL Servers
https://asec.ahnlab.com/en/31811
An In-depth Analysis of Duplicated Linux Kernel Bug Reports
https://gangw.cs.illinois.edu/ndss22-linux.pdf
A Practical Guide to Attacking JWT JSON Web Tokens
https://redhuntlabs.com/wp-content/uploads/2022/02/A-Practical-Guide-to-Attacking-JWT-JSON-Web-Tokens.pdf
Fuzz Rust code with LibAFL
https://github.com/AFLplusplus/cargo-libafl
Samsung Q60T exploit and firmware decryption
https://github.com/synacktiv/samsung-q60t-exploit
Cross-site information leak - Leaking cross-origin redirect destination URI due to CORS (iOS)
https://bugs.chromium.org/p/chromium/issues/detail?id=1230444
The AMD Branch (Mis)predictor: Just Set it and Forget it!
https://grsecurity.net/amd_branch_mispredictor_just_set_it_and_forget_it
Relaying Kerberos over DNS using krbrelayx and mitm6
https://dirkjanm.io/relaying-kerberos-over-dns-with-krbrelayx-and-mitm6
Dridex bots deliver Entropy ransomware in recent attacks
https://news.sophos.com/en-us/2022/02/23/dridex-bots-deliver-entropy-ransomware-in-recent-attacks
Malware Civil War – Malicious npm Packages Targeting Malware Authors
https://jfrog.com/blog/malware-civil-war-malicious-npm-packages-targeting-malware-authors/
Exploit Development: ASLR - Coming To A KUSER_SHARED_DATA Structure Near You!
https://connormcgarr.github.io/kuser-shared-data-changes-win-11
Logic Flaw Leading to RCE in Dynamicweb 9.5.0 - 9.12.7
https://blog.assetnote.io/2022/02/20/logicflaw-dynamicweb-rce
Clang Checkers and CodeQL Queries for Detecting Untrusted Pointer Derefs and Tainted Loop Conditions
https://www.zerodayinitiative.com/blog/2022/2/22/clang-checkers-and-codeql-queries-for-detecting-untrusted-pointer-derefs-and-tainted-loop-conditions
Mitigating kernel risks on 32-bit ARM
https://security.googleblog.com/2022/02/mitigating-kernel-risks-on-32-bit-arm.html
Stealing a few more GitHub Actions secrets
https://blog.teddykatz.com/2022/02/23/ghosts-of-branches-past.html
Maat is a cross-architecture, multi-purpose, and user-friendly symbolic execution framework. It provides common symbolic execution capabilities such as dynamic symbolic execution (DSE), taint analysis, binary instrumentation, environment simulation, and constraint solving
https://blog.trailofbits.com/2022/02/23/maat-symbolic-execution-made-easy
Source Code
https://github.com/trailofbits/maat
SQL Injection to RCE
https://pentestmag.com/sql-injection-to-rce
Remote Code Execution in pfSense <= 2.5.2
https://www.shielder.it/advisories/pfsense-remote-command-execution