Fuzzable - Framework for Automating Fuzzable Target Discovery with Static Analysis
https://github.com/ex0dus-0x/fuzzable
Backdooring Office Structures
Part 1 - The Oldschool
https://mgeeky.tech/backdooring-office-structures-part-1-oldschool
Part 2 - Payload Crumbs In Custom Parts
https://mgeeky.tech/payload-crumbs-in-custom-parts
The cloud has an isolation problem: PostgreSQL vulnerabilities affect multiple cloud vendors
https://wiz.io/blog/the-cloud-has-an-isolation-problem-postgresql-vulnerabilities
How Wiz Research uncovered multiple related vulnerabilities in PostgreSQL-as-a-Service offerings from GCP, Azure, and others.
This is a pre-authenticated #RCE exploit for VMware vRealize Operations Manager (vROPS) that impacts versions <= 8.6.3.19682901.
https://github.com/sourceincite/DashOverride
CVE-2022-37393:
Privilege escalation in Zimbra Collaboration Suite
https://attackerkb.com/topics/92AeLOE1M1/cve-2022-37393/rapid7-analysis
Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary as root with arbitrary parameters. As part of its intended functionality, zms…
The Cisco Hack - Learning from the Cisco Hack, Trail of Evidence Found in Logs
https://trunc.org/learning/cisco-hack-tracks-left-in-the-logs
Report: https://blog.talosintelligence.com/2022/08/recent-cyber-attack.html
Cisco Compromise - Insights from Cisco and the trails the attackers can leave in your logs.
1day to 0day (CVE-2022-30024) on TP-Link TL-WR841N
https://blog.viettelcybersecurity.com/1day-to-0day-on-tl-link-tl-wr841n
Bypass phishing detections with Google Translate
https://certitude.consulting/blog/en/bypass-phishing-detections-with-google-translate-2
CVE-2022-27255 - Realtek eCos SDK SIP ALG buffer overflow
https://github.com/infobyte/cve-2022-27255
CVE-2022-36446 - Webmin-Software-Package-Updates-RCE
A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997
https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
Detection Engineering With MITRE Top Techniques & Atomic Red Team
https://fourcore.io/blogs/detection-engineering-with-mitre-engenuity-atomic-red-team
Detection Engineering is the process of optimizing security controls to get the most value out of them. Therefore, it is essential to prioritize your efforts according to your organization's needs and requirements. Here we cover the methodology of Detection…
freebsd_escalate.pdf
FreeBSD 11.0-13.0 LPE via aio_aqueue Kernel Refcount Bug (CVE-2022-23090), 2022.
https://accessvector.net/2022/freebsd-aio-lpe
The Journey of Hunting In-the-Wild Windows LPE 0day
https://www.blackhat.com/us-22/briefings/schedule/#the-journey-of-hunting-in-the-wild-windows-lpe-day-26988
Black Hat USA 2022
DirtyCred-Zhenpeng.pdf
CVE-2022-2588
Cautious! A New Exploitation Method!
No Pipe but as Nasty as Dirty Pipe
https://github.com/greek0x0/2022-LPE-UAF
Malware sandbox evasion in x64 assembly by checking ram size
Part 1:
https://www.accidentalrebel.com/malware-sandbox-evasion-in-x64-assembly-by-checking-ram-size-part-1.html
Part 2:
https://www.accidentalrebel.com/malware-sandbox-evasion-in-x64-assembly-by-checking-ram-size-part-2.html
https://github.com/accidentalrebel/sandbox-evasion-by-checking-ram-size
During my malware sandbox evasion research, I stumbled upon the Unprotect Project website. It is a community-contributed repository of evasion techniques used by malware. I saw that the Checking Memory Size technique doesn't have an example snippet yet…
Mozilla Firefox
CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:
RCE + SBX full chain complete
https://github.com/mistymntncop/CVE-2022-1802
Zimbra CVE-2022-37042 Nuclei weaponized template shell
https://github.com/aels/CVE-2022-37042
Windows Privilege Escalation
Part 1 - Unquoted service paths
https://medium.com/@tinopreter/windows-privilege-escalation-1-unquoted-service-paths-975e3ea6f1e9
Part 2 - Hijacking DLLs
https://medium.com/@tinopreter/windows-privilege-escalation-2-hijacking-dlls-28505b68a978
When starting a service, Windows requires the path to the service binary. And if the full path to the binary has spaces in between the…