Elastic Security detection content for Endpoint
https://github.com/elastic/protections-artifacts
NETGEAR R6700v3: 1day Analysis (CVE-2021-34982) Buffer Overflow RCE Vulnerability
https://blog.viettelcybersecurity.com/netgear-r6700v3-1day-analysis-cve-2021-34982-buffer-overflow-rce-vulnerabiliy-2
A static code analysis for WordPress (and PHP)
https://github.com/webarx-security/wpbullet
Fuzzable - Framework for Automating Fuzzable Target Discovery with Static Analysis
https://github.com/ex0dus-0x/fuzzable
Backdooring Office Structures
Part 1 - The Oldschool
https://mgeeky.tech/backdooring-office-structures-part-1-oldschool
Part 2 - Payload Crumbs In Custom Parts
https://mgeeky.tech/payload-crumbs-in-custom-parts
The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors
https://wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities
How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.
This is a pre-authenticated RCE exploit for VMware vRealize Operations Manager (vROPS) that impacts versions <= 8.6.3.19682901.
https://github.com/sourceincite/DashOverride
CVE-2022-37393: Privilege escalation in Zimbra Collaboration Suite
https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis
Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zms…
The Cisco Hack - Learning from the Cisco Hack, Trail of Evidence Found in Logs
https://trunc.org/learning/cisco-hack-tracks-left-in-the-logs
Report: https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
1day to 0day (CVE-2022-30024) on TP-Link TL-WR841N
https://blog.viettelcybersecurity.com/1day-to-0day-on-tl-link-tl-wr841n
Bypass phishing detections with Google Translate
https://certitude.consulting/blog/en/bypass-phishing-detections-with-google-translate-2
CVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflow
https://github.com/infobyte/cve-2022-27255
CVE-2022-36446 - Webmin-Software-Package-Updates-RCE
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997
https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
Detection Engineering With MITRE Top Techniques & Atomic Red Team
https://fourcore.io/blogs/detection-engineering-with-mitre-engenuity-atomic-red-team
Detection Engineering is the process of optimizing security controls to get the most value out of them. Therefore, it is essential to prioritize your efforts according to your organization's needs and requirements. Here we cover the methodology of Detection…
freebsd_escalate.pdf
FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug (CVE-2022-23090), 2022.
https://accessvector.net/2022/freebsd-aio-lpe
The Journey of Hunting In-the-Wild Windows LPE 0day
https://www.blackhat.com/us-22/briefings/schedule/#the-journey-of-hunting-in-the-wild-windows-lpe-day-26988
DirtyCred-Zhenpeng.pdf
CVE-2022-2588
Cautious! A New Exploitation Method!
No Pipe but as Nasty as Dirty Pipe
https://github.com/greek0x0/2022-LPE-UAF
Malware sandbox evasion in x64 assembly by checking ram size
Part 1:
https://www.accidentalrebel.com/malware-sandbox-evasion-in-x64-assembly-by-checking-ram-size-part-1.html
Part 2:
https://www.accidentalrebel.com/malware-sandbox-evasion-in-x64-assembly-by-checking-ram-size-part-2.html
https://github.com/accidentalrebel/sandbox-evasion-by-checking-ram-size
During my malware sandbox evasion research, I stumbled upon the Unprotect Project website. It is a community-contributed repository of evasion techniques used by malware. I saw that the Checking Memory Size technique doesn't have an example snippet yet…