FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
https://github.com/WKL-Sec/FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
https://github.com/WKL-Sec/FuncAddressPro
GitHub
GitHub - WKL-Sec/FuncAddressPro: A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative…
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress. - WKL-Sec/FuncAddressPro
🔥1
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762
https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762
www.assetnote.io
Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762
Early this February, Fortinet released an advisory for an "out-of-bounds write vulnerability" that could lead to remote code execution. The issue affected the SSL VPN component of their FortiGate network appliance and was potentially already being exploited…
🔥5
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
https://connormcgarr.github.io/hvci/
https://connormcgarr.github.io/hvci/
Connor McGarr’s Blog
Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG
Dealing with Virtualization-Based Security (VBS), Hypervisor-Protected Code Integrity (HVCI), and Kernel Control Flow Guard (kCFG).
🔥4
Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation. (CVE-2023-36424)
https://github.com/Nassim-Asrir/CVE-2023-36424
https://github.com/Nassim-Asrir/CVE-2023-36424
GitHub
GitHub - zerozenxlabs/CVE-2023-36424: Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation
Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation - zerozenxlabs/CVE-2023-36424
🔥2
VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021) source code + video walkthrough
https://zerodayengineering.com/research/pwn2own-2021-vm-escape.html
A virtual machine escape exploit will typically require kernel privileges in the guest OS. In this exploit it off-loading the reverse-engineered toolgate protocol implementation to a Python module, while keeping low-level kernel code minimal, just enough to implement the attack interface - a nod to the principle of least privilege in systematic software engineering, which is missed a lot in non-trivial exploit development.
ⓒ Alisa Shevchenko
https://zerodayengineering.com/research/pwn2own-2021-vm-escape.html
A virtual machine escape exploit will typically require kernel privileges in the guest OS. In this exploit it off-loading the reverse-engineered toolgate protocol implementation to a Python module, while keeping low-level kernel code minimal, just enough to implement the attack interface - a nod to the principle of least privilege in systematic software engineering, which is missed a lot in non-trivial exploit development.
ⓒ Alisa Shevchenko
🔥2
Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit
https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/
https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/
Sekoia.io Blog
Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit
Tycoon 2FA has become one of the most widespread adversary-in-The-Middle (AiTM) phishing kits over the last few months.
🔥2
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
https://github.com/notselwyn/cve-2024-1086
https://github.com/notselwyn/cve-2024-1086
GitHub
GitHub - Notselwyn/CVE-2024-1086: Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most…
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9...
🔥3💩1
A Practical Tutorial on PCIe for Total Beginners on Windows
https://ctf.re/windows/kernel/pcie/tutorial/2023/02/14/pcie-part-1/
PCIe Part 2 - All About Memory: MMIO, DMA, TLPs, and more!
https://ctf.re/kernel/pcie/tutorial/dma/mmio/tlp/2024/03/26/pcie-part-2/
https://ctf.re/windows/kernel/pcie/tutorial/2023/02/14/pcie-part-1/
PCIe Part 2 - All About Memory: MMIO, DMA, TLPs, and more!
https://ctf.re/kernel/pcie/tutorial/dma/mmio/tlp/2024/03/26/pcie-part-2/
Reversing Engineering for the Soul
A Practical Tutorial on PCIe for Total Beginners on Windows (Part 1)
Delving into the internals of PCIe by exploring practical examples and exercises
🔥3
GitHub - berylliumsec/neutron: AI Powered Terminal Based Ethical Hacking Assistant
https://github.com/berylliumsec/neutron
https://github.com/berylliumsec/neutron
GitHub
GitHub - berylliumsec/neutron: AI Powered Terminal Based Ethical Hacking Assistant
AI Powered Terminal Based Ethical Hacking Assistant - berylliumsec/neutron
🔥5
Pre-Pentest Checklist Part 1: Essential Questions to Answer Before Your Next Pentest
https://www.hackerone.com/penetration-testing/pre-pentest-checklist-part1
https://www.hackerone.com/penetration-testing/pre-pentest-checklist-part1
HackerOne
Pre-Pentest Checklist: Essential Questions to Answer Before Your Next Pentest | HackerOne
Explore the foundational aspects of pentesting—focusing on 12 questions that answer the "what" and "why" of pentesting.
🔥3
ExploitGSM
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
https://github.com/YuriiCrimson/ExploitGSM
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
https://github.com/YuriiCrimson/ExploitGSM
GitHub
GitHub - YuriiCrimson/ExploitGSM: Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5 - YuriiCrimson/ExploitGSM
🔥4👎2