Indra — Hackers Behind Recent Attacks on Iran https://research.checkpoint.com/2021/indra-hackers-behind-recent-attacks-on-iran/
Check Point Research
Check Point Research reveals that a threat actor named Indra is responsible for the attacks against targets in Iran, as well as against companies in Syria.
Uncovering Tetris – a Full Surveillance Kit Running in your Browser https://imp0rtp3.wordpress.com/2021/08/12/tetris/
imp0rtp3
Executive Summary: A Chinese state-sponsored threat actor is targeting Chinese-speaking opposition through watering-hole websites. The campaign uses a modular, custom JS surveillance framework, dubbe…
Advisory: Multiple Issues in Realtek SDK Affects Hundreds of Thousands of Devices Down the Supply Chain https://www.iot-inspector.com/blog/advisory-multiple-issues-realtek-sdk-iot-supply-chain/
PDBRipper is a utility for extracting information from PDB files https://github.com/horsicq/PDBRipper
GitHub
A Primer On Event Tracing For Windows (ETW) https://nasbench.medium.com/a-primer-on-event-tracing-for-windows-etw-997725c082bf
Medium
The holy grail for defenders is being able to detect or stop every attack before or as it happens, and to know exactly how it was done, no matter the techniques or tools. Unfortunately, we’re still far from…
Good content here >> Android security guides, roadmap, docs, courses, write-ups, and teryaagh https://github.com/Ralireza/Android-Security-Teryaagh
GitHub
Identifying Bugs in Router Firmware at Scale with Taint Analysis https://starlabs.sg/blog/2021/08/identifying-bugs-in-router-firmware-at-scale-with-taint-analysis/
The Further Analysis of the Poly Network Attack https://blocksecteam.medium.com/the-further-analysis-of-the-poly-network-attack-6c459199c057
Medium
By BlockSec
The analysis of the DAOMaker attack https://blocksecteam.medium.com/the-analysis-of-the-daomaker-attack-32365c37e7fc
Medium
The attack transaction:
Windows Kernel Exploitation Part 2: Type Confusion https://pwnrip.com/windows-kernel-exploitation-part-2-type-confusion/
rConfig 3.9.6 - Magic Hash Auth Bypass to RCE https://posts.slayerlabs.com/rconfig-vulns/
Slayer Labs – Cyber Range Platform
rConfig 3.9.6 chained exploits
Intigriti’s Flask Challenge Breakdown https://securitygoat.medium.com/intigritis-flask-challenge-breakdown-2c7053764b81
Medium
Let’s see what the devs have cooked up at Intigriti today! A damn vulnerable & broken Flask application. Let’s hack it for fun & learning!
Assembly.Lie – Using Transactional NTFS and API Hooking to Trick the CLR into Loading Your Code “From Disk” https://blog.redxorblue.com/2021/05/assemblylie-using-transactional-ntfs.html
Redxorblue
Introduction: Assembly.Load, a method that has been one of the primary reasons for the meteoric rise in offensive tooling written in C# ov...
A quick primer on Frida and Android Instrumentation https://paulsec.github.io/posts/frida-android-primer/
PaulSec's Blog
Hi everyone!
Here is a pretty quick blog post on some Frida/Objection things I’ve been tinkering with.
I had this Android application which had premium features and wanted to understand how that mechanism worked and if it was robust enough. Let’s see what…
CVE-2021-29922 – rust standard library “net” – Improper Input Validation of octal literals in rust 1.52.0 std::net and below results in indeterminate SSRF & RFI vulnerabilities https://sick.codes/sick-2021-015/
Sick.Codes
Title: CVE-2021-29922 rust standard library “net” – Improper Input Validation of octal literals in rust 1.52.0 std::net and below results in indeterminate SSRF & RFI vulnerabilities.
CVE ID: CVE-2021-29922
CVSS Score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H) …
A collection of links related to VMware escape exploits https://github.com/xairy/vmware-exploitation
GitHub
Windows’ PsSetLoadImageNotifyRoutine Callbacks – The Good, The Bad, and The Unclear (Part 1) https://www.fortinet.com/blog/threat-research/windows-pssetloadimagenotifyroutine-callbacks-the-good-the-bad
Fortinet Blog
Learn about an issue in the Windows kernel that could prevent you from identifying which modules have been loaded at runtime in part I of this blog series.…
BUG HUNTING METHODOLOGY FOR BEGINNERS https://infosecwriteups.com/bug-hunting-methodology-for-beginners-20b56f5e7d19
Medium
In this write up I am going to describe the path I walked through the bug hunting from the beginner level. This write-up is purely for new…
How to secure a Windows RPC Server, and how not to https://www.tiraniddo.dev/2021/08/how-to-secure-windows-rpc-server-and.html
www.tiraniddo.dev
The PetitPotam technique is still fresh in people's minds. While it's not directly an exploit it's a useful step to get unauthenticated NTL...
Learning Linux Kernel Exploitation (1/3, check others in the post) https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/
My cool site
The first part of the series about learning Linux kernel exploitation through hxpCTF2020 kernel-rop: Setting up the environment and the simplest technique of ret2usr