Nice collection of mindmaps >> https://twitter.com/harshbothra_/status/1423914059271868416?s=09
Twitter
Harsh Bothra
All MindMap that I have made so far 1. Forget Password Vulns: xmind.net/m/nZwbdk/ 2. XML Attacks: xmind.net/m/xNEY9b/ 3. 2FA Bypass Techniques: xmind.net/m/8Hkymg/ 4. Android PT Checklist: xmind.net/m/GkgaYH/ (1/2) #AppSec #hacking #bugbountytips #websecurity
Some Musings on Common (eBPF) Linux Tracing Bugs https://research.nccgroup.com/2021/08/06/some-musings-on-common-ebpf-linux-tracing-bugs/
NCC Group Research Blog
Some Musings on Common (eBPF) Linux Tracing Bugs
Having been in the game of auditing kprobe-based tracers for the past couple of years, and in light of this upcoming DEF CON on eBPF tracer race conditions (which you should go watch) being given b…
Analysis of a Heap Buffer-Overflow Vulnerability in Microsoft Windows Address Book http://blog.exodusintel.com/2021/08/05/analysis-of-a-heap-buffer-overflow-vulnerability-in-microsoft-windows-address-book/
Exodus Intelligence
Analysis of a Heap Buffer-Overflow Vulnerability in Microsoft Windows Address Book - Exodus Intelligence
By Eneko Cruz Elejalde Overview This post analyzes a heap-buffer overflow in Microsoft Windows Address Book. Microsoft released an advisory for this vulnerability for the 2021 February patch Tuesday. This post will go into detail about what Microsoft Windows…
From Stranger to DA // Using PetitPotam to NTLM relay to Domain Administrator https://blog.truesec.com/2021/08/05/from-stranger-to-da-using-petitpotam-to-ntlm-relay-to-active-directory/
Microsoft Patched the Issue With Windows Containers That Enabled Siloscape https://unit42.paloaltonetworks.com/windows-container-escape-patch/
Unit 42
Microsoft Patched the Issue With Windows Containers That Enabled Siloscape
Microsoft recently added additional security checks that address the Windows container escape that enabled Siloscape.
Indra — Hackers Behind Recent Attacks on Iran https://research.checkpoint.com/2021/indra-hackers-behind-recent-attacks-on-iran/
Check Point Research
Indra — Hackers Behind Recent Attacks on Iran - Check Point Research
Check Point Research reveals that a threat actor named Indra is responsible for the attacks against targets in Iran, as well as against companies in Syria.
Uncovering Tetris – a Full Surveillance Kit Running in your Browser https://imp0rtp3.wordpress.com/2021/08/12/tetris/
imp0rtp3
Uncovering Tetris – a Full Surveillance Kit Running in your Browser
Executive Summary A Chinese state-sponsored threat actor is targeting Chinese-speaking opposition through waterholed websites. The campaign uses a modular and custom JS surveillance framework, dubbe…
Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/
PDBRipper is a utility for extracting information from PDB files https://github.com/horsicq/PDBRipper
GitHub
GitHub - horsicq/PDBRipper: PDBRipper is a utility for extract an information from PDB-files.
A Primer On Event Tracing For Windows (ETW) https://nasbench.medium.com/a-primer-on-event-tracing-for-windows-etw-997725c082bf
Medium
A Primer On Event Tracing For Windows (ETW)
The holy grail for defenders is being able to detect/stop every attack before or when it happens and to know exactly the how, no matter the techniques or tools. Unfortunately, we’re still far from…
Good content here >> Android security guides, roadmap, docs, courses, write-ups, and teryaagh https://github.com/Ralireza/Android-Security-Teryaagh
GitHub
GitHub - Ralireza/Android-Security-Teryaagh: Android security guides, roadmap, docs, courses, write-ups, and teryaagh.
Identifying Bugs in Router Firmware at Scale with Taint Analysis https://starlabs.sg/blog/2021/08/identifying-bugs-in-router-firmware-at-scale-with-taint-analysis/
The Further Analysis of the Poly Network Attack https://blocksecteam.medium.com/the-further-analysis-of-the-poly-network-attack-6c459199c057
Medium
The Further Analysis of the Poly Network Attack
By BlockSec
The analysis of the DAOMaker attack https://blocksecteam.medium.com/the-analysis-of-the-daomaker-attack-32365c37e7fc
Medium
The analysis of the DAOMaker attack
The attack transaction:
Windows Kernel Exploitation Part 2: Type Confusion https://pwnrip.com/windows-kernel-exploitation-part-2-type-confusion/
rConfig 3.9.6 - Magic Hash Auth Bypass to RCE https://posts.slayerlabs.com/rconfig-vulns/
Slayer Labs – Cyber Range Platform
rConfig 3.9.6 - Magic Hash Auth Bypass to RCE
rConfig 3.9.6 chained exploits
Intigriti’s Flask Challenge Breakdown https://securitygoat.medium.com/intigritis-flask-challenge-breakdown-2c7053764b81
Medium
Intigriti’s Flask Challenge Breakdown
Let’s see what the devs have cooked up at Intigriti today! A damn vulnerable & broken Flask application. Let’s hack it for fun & learning!
Assembly.Lie – Using Transactional NTFS and API Hooking to Trick the CLR into Loading Your Code “From Disk” https://blog.redxorblue.com/2021/05/assemblylie-using-transactional-ntfs.html
Redxorblue
Assembly.Lie – Using Transactional NTFS and API Hooking to Trick the CLR into Loading Your Code “From Disk”
Introduction: Assembly.Load, a method that has been one of the primary reasons for the meteoric rise in offensive tooling written in C# ov...
A quick primer on Frida and Android Instrumentation https://paulsec.github.io/posts/frida-android-primer/
PaulSec's Blog
A quick primer on Frida and Android Instrumentation
Hi everyone!
Here is a pretty quick blog post on some Frida/Objection things I’ve been tinkering with.
I had this Android application which had premium features and wanted to understand how that mechanism worked and if it was robust enough. Let’s see what…