Malware News
12.8K subscribers
1.63K photos
7 videos
130 files
7.78K links
The latest NEWS about malware, DFIR, hacking, security issues, thoughts and ...

Partner channel: @cveNotify

For ads: https://telega.io/c/malwr
My friend @dfirence created an awesome app called Mitre Assistant where you can visualize all the techniques used by a threat actor and more! Check this out! 👇 #infosec

https://ma-insights.vercel.app/
🗣fr0gger_


🎖@malwr
The slides of our talk at Recon 2023 "Dissecting the Modern Android Data Encryption Scheme" are now available online.

Thanks @reconmtl for organizing this great event.
https://github.com/quarkslab/conf-presentations/blob/master/Recon23/Recon23-Android-FBE-mrossibellom-dmelotti.pdf
🗣max_r_b


"windows-api-function-cheatsheets: A reference of Windows API function calls, including functions for file operations, process..."

#infosec #pentest #redteam
https://github.com/snowcra5h/windows-api-function-cheatsheets
🗣CyberWarship


"BLACKHAT_Asia2023: Black Hat Asia 2023 PDF Public"

#infosec #pentest #redteam
https://github.com/Mr-xn/BLACKHAT_Asia2023
🗣CyberWarship


Bypass-Sandbox-Evasion - Bypass Malware Sandbox Evasion Ram Check https://www.kitploit.com/2023/06/bypass-sandbox-evasion-bypass-malware.html #Pentesting #Bypass #Malware #Sandbox #CyberSecurity #Infosec
🗣ptracesecurity


Mandiant's Alexander Marvi, Brad Slaybaugh, Ron Craft & Rufus Brown have discovered additional techniques utilized by UNC3886 across multiple organizations to keep out of the sights of EDR solutions. https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass
🗣virusbtn


KasperskyLab/TinyCheckPublic

TinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated with a Wi-Fi access point in order to quickly analyze them.
https://github.com/KasperskyLab/TinyCheck
🗣Tinolle


Nuclei + Paramspider = NucleiFuzzer (Automation)
NucleiFuzzer is a powerful automation tool for detecting XSS, SQLi, SSRF, open-redirect, etc. vulnerabilities in web applications.
You can find the tool below
👇👇👇
https://github.com/0xKayala/NucleiFuzzer
#BugBountyTips #BugBounty #HackerOne
🗣ibrahimatix0x01


VMware ESXi Zero-Day Used by Chinese Espionage Actor to Perform Privileged Guest Operations on Compromised Hypervisors https://www.mandiant.com/resources/blog/vmware-esxi-zero-day-bypass #VMware #Pentesting #CyberSecurity #Infosec
🗣ptracesecurity


Freaky Leaky SMS: Extracting User Locations by Analyzing SMS Timings
🗣nangaparbat

This is why I come to the sub. Thanks for posting!
👀One-Fan7214

> Due to the way cellular networks are designed, it is difficult to prevent Delivery Reports from being returned to the originator making it challenging to thwart this covert attack without making fundamental changes to the network architecture.

Bollocks. Our network blocks them by default. Source: guy that built it.

EDIT: And furthermore, enabling SMS Home Routing in non-Transparent mode will protect against timing attacks since the target's home SMS-R will respond to the incoming SRI-SM and FSM messages immediately no matter where the subscriber is located. It will also foil the delivery receipt by lying and reporting successful delivery regardless.
👀ExParrot1337

Before you all freak out, the accuracy is pretty good, but at the granularity of countries. Still a problem in many circumstances.
👀vjeuss


Driver-Based Privilege Escalation and How to Catch This Threat
In this video, I show a driver-based privilege escalation. This can be used to stop protected processes or do other actions requiring kernel access. I will also show you how to detect this using the loldrivers.io feed, MISP and Elastic SIEM.

Driver Installation Privilege Escalation and Detection
🗣Infosecsamurai


Analysis of CVE-2023-29336 Win32k Privilege Escalation
🗣wolfcod

Great thanks! Needs to be more of this stuff, would love to learn more about taking a CVE/Patch Tuesday vulnerability to a PoC. Not much around about it, obviously because it's fairly difficult.
👀jahwni

