Security Analysis of WeChat’s MMTLS Encryption Protocol
Coverage-guided Fuzzing as Online Stochastic Control
Discover Microsoft Browser 0-DAY (CVE-2024-38178)
control over the Outlook desktop application and therefore to the emails configured in it (Github)
Let’s Clone a Cloner - Part 2: You Have No Power Here (hardware hacking)
persistence techniques for macOS
Attacking the Samsung Galaxy A* Boot Chain
Make Binwalk Fast Again - Rust Rewrite of Binwalk is in Beta
Automating binary vulnerability discovery with Ghidra and Semgrep
https://security.humanativaspa.it/automating-binary-vulnerability-discovery-with-ghidra-and-semgrep/
HN Security
HN Security Automating binary vulnerability discovery with Ghidra and Semgrep
Introducing new binary vulnerability research tools and methodology, based on custom Ghidra plugins and Semgrep.
Linux kernel instrumentation from Qemu and Gdb
https://blog.quarkslab.com/linux-kernel-instrumentation-from-qemu-and-gdb.html
Quarkslab
Linux kernel instrumentation from Qemu and Gdb - Quarkslab's blog
Techniques for analyzing binaries or kernel modules that may try to monitor themselves, similar to malware behavior. To avoid detection during analysis, one approach is to use a hypervisor like QEMU to conduct research within a virtualized environment. Although…
Pitfalls of COM object activation
How to Use Windows Volume Shadow Copies in Digital Forensics
Shellcode: Obfuscation with Permutations
Relay Attack on WinReg RPC Client
bedevil: Dynamic Linker Patching
Exploit for Grafana arbitrary file-read (CVE-2024-9264)
chill kernel hacking for fun (week 38, debug stack crash)
You can be an iOS hacker: Stack Pivots and JOP/ROPs, Lina Lau - BSides Canberra 2024
13Cubed XINTRA Lab Walkthrough
SSD Advisory – Common Log File System (CLFS) driver PE
Redefining Security Boundaries: Unveiling Hypervisor-Backed Security Features For Windows Security
Everyday Ghidra: Ghidra Data Types— When to Create Custom GDTs — Part 1
Android Hacking for Beginners
Frida Script Runner is a versatile web-based tool designed for Android and iOS penetration testing purposes.
https://github.com/z3n70/Frida-Script-Runner
GitHub
GitHub - z3n70/Frida-Script-Runner: Web-based Frida framework and toolkit for Android & iOS penetration testing, mobile security…
Web-based Frida framework and toolkit for Android & iOS penetration testing, mobile security, and dynamic analysis, featuring AI-assisted Frida script generation. - z3n70/Frida-Script-Runner
I wrote a small tutorial on building an Android app in Xamarin that does reflective loading! 🥰
Leveling Up Fuzzing: Finding more vulnerabilities with AI
Persistent Root Shell via IoT Firmware Modification - Rooting a TP-Link Security Camera
V8 Sandbox Bypass: stack corruption due to parameter count mismatch
Slides/Videos from r2con2024
PagedOut_005
Exceptions on macOS
IDA Pro Productivity Tips & Tricks!
Learning LLVM (Part-3)
what happens when your CPU has a bug?
Known Attacks On Elliptic Curve Cryptography
Pishi: Coverage guided macOS KEXT fuzzing.
P.S. Another article of mine will be out soon
Inside a New OT/IoT Cyberweapon: IOCONTROL
https://claroty.com/team82/research/inside-a-new-ot-iot-cyber-weapon-iocontrol
Claroty
Inside a New OT/IoT Cyberweapon: IOCONTROL
Team82 has researched a malware sample called IOCONTROL linked to an Iran-based attack group used to target IoT and OT civilian infrastructure in the U.S. and Israel.
Forwarded from Black Mass Research Group (Bot)
Friends, today we are announcing our first of many public malware projects. Today we present MineGrief by Chebuya. This is a very interesting piece of malware. It spreads itself to Minecraft servers using an undisclosed bug and phishes users, allowing the controller to encrypt servers, exfiltrate files and do whatever they'd like on the infected hosts.
This code has been verified to work. The exploit for Crafty does require authentication, but many panels leave their credentials at the default, which was always the same until very recently.
You can clone the code here:
https://github.com/blackmassgroup/minegrief
Please enjoy!
Reverse Engineering and Instrumenting React Native Apps
https://pilfer.github.io/mobile-reverse-engineering/react-native/reverse-engineering-and-instrumenting-react-native-apps/
pilfer.github.io
Reverse Engineering and Instrumenting React Native Apps
An adventure involving injecting JavaScript into the React Native global context, accessing onPress events, and overriding prototypes
TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution
https://arxiv.org/abs/2406.08719
arXiv.org
TikTag: Breaking ARM's Memory Tagging Extension with...
ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities. The low overhead of MTE makes it an...