A Primer On Event Tracing For Windows (ETW) https://nasbench.medium.com/a-primer-on-event-tracing-for-windows-etw-997725c082bf
The holy grail for defenders is being able to detect /stop every attack before / when it happens and to know exactly the how’s no matter the techniques or tools. Unfortunately, we’re still far from…
Good content here >> Android security guides, roadmap, docs, courses, write-ups, and teryaagh https://github.com/Ralireza/Android-Security-Teryaagh
Identifying Bugs in Router Firmware at Scale with Taint Analysis https://starlabs.sg/blog/2021/08/identifying-bugs-in-router-firmware-at-scale-with-taint-analysis/
The Further Analysis of the Poly Network Attack https://blocksecteam.medium.com/the-further-analysis-of-the-poly-network-attack-6c459199c057
By BlockSec
The analysis of the DAOMaker attack https://blocksecteam.medium.com/the-analysis-of-the-daomaker-attack-32365c37e7fc
Windows Kernel Exploitation Part 2: Type Confusion https://pwnrip.com/windows-kernel-exploitation-part-2-type-confusion/
rConfig 3.9.6 - Magic Hash Auth Bypass to RCE https://posts.slayerlabs.com/rconfig-vulns/
Intigriti’s Flask Challenge Breakdown https://securitygoat.medium.com/intigritis-flask-challenge-breakdown-2c7053764b81
Let’s see what the devs have cooked up at Intigriti today! A damn vulnerable & broken Flask application. Let’s hack it for fun & learning!
Assembly.Lie – Using Transactional NTFS and API Hooking to Trick the CLR into Loading Your Code “From Disk” https://blog.redxorblue.com/2021/05/assemblylie-using-transactional-ntfs.html
Introduction: Assembly.Load, a method that has been one of the primary reasons for the meteoric rise in offensive tooling written in C# ov...
A quick primer on Frida and Android Instrumentation https://paulsec.github.io/posts/frida-android-primer/
Here is a pretty quick blog post on some Frida/Objection things I’ve been tinkering with.
I had this Android application which had premium features and wanted to understand how that mechanism worked and if it was robust enough. Let’s see what…
CVE-2021-29922 – rust standard library “net” – Improper Input Validation of octal literals in rust 1.52.0 std::net and below results in indeterminate SSRF & RFI vulnerabilities https://sick.codes/sick-2021-015/
CVE ID: CVE-2021-29922. CVSS score: 9.1 (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H)…
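The ambiguity behind this advisory, as an added example (this is not code from the advisory or from the Rust standard library): `parse_lenient_decimal` is my reconstruction of the pre-1.53 std::net behaviour that silently dropped leading zeros and read "0177" as decimal 177; `parse_inet_aton_style` emulates the inet_aton(3) convention, where a leading zero means octal, so the same string resolves to 127.0.0.1 when the bytes reach libc; `parse_strict` applies the check the fix introduced and rejects leading-zero octets outright. `lenient_guard_allows` is a hypothetical SSRF deny-loopback filter built on the lenient parser and shows the bypass. `std_rejects` asks the installed standard library and returns true on Rust 1.53 or later.

```rust
use std::net::Ipv4Addr;

/// Split a dotted quad into exactly four textual octets.
fn split4(s: &str) -> Option<[&str; 4]> {
    let mut it = s.split('.');
    let parts = [it.next()?, it.next()?, it.next()?, it.next()?];
    if it.next().is_some() {
        return None;
    }
    Some(parts)
}

/// Assemble an address from four decoded values; any value above 255 is rejected.
fn from_u32s(v: [u32; 4]) -> Option<Ipv4Addr> {
    let mut o = [0u8; 4];
    for i in 0..4 {
        o[i] = u8::try_from(v[i]).ok()?;
    }
    Some(Ipv4Addr::new(o[0], o[1], o[2], o[3]))
}

/// Reconstruction (assumption, not the original std code) of the pre-1.53
/// behaviour: digits only, leading zeros ignored, value read as decimal.
pub fn parse_lenient_decimal(s: &str) -> Option<Ipv4Addr> {
    let parts = split4(s)?;
    let mut v = [0u32; 4];
    for (i, p) in parts.iter().enumerate() {
        if p.is_empty() || !p.bytes().all(|b| b.is_ascii_digit()) {
            return None;
        }
        v[i] = p.parse::<u32>().ok()?; // "0177" -> 177
    }
    from_u32s(v)
}

/// inet_aton(3) convention, simplified to the four-part form:
/// "0x" prefix is hex, a leading "0" is octal, anything else is decimal.
pub fn parse_inet_aton_style(s: &str) -> Option<Ipv4Addr> {
    let parts = split4(s)?;
    let mut v = [0u32; 4];
    for (i, p) in parts.iter().enumerate() {
        let n = if let Some(h) = p.strip_prefix("0x").or_else(|| p.strip_prefix("0X")) {
            u32::from_str_radix(h, 16).ok()?
        } else if p.len() > 1 && p.starts_with('0') {
            u32::from_str_radix(&p[1..], 8).ok()? // "0177" -> 127
        } else {
            p.parse::<u32>().ok()?
        };
        v[i] = n;
    }
    from_u32s(v)
}

/// Strict form: decimal only, at most three digits, and no leading zero
/// unless the octet is exactly "0". This is the rule std::net applies since 1.53.
pub fn parse_strict(s: &str) -> Option<Ipv4Addr> {
    let parts = split4(s)?;
    let mut v = [0u32; 4];
    for (i, p) in parts.iter().enumerate() {
        let ok = !p.is_empty()
            && p.len() <= 3
            && p.bytes().all(|b| b.is_ascii_digit())
            && (p.len() == 1 || !p.starts_with('0'));
        if !ok {
            return None;
        }
        v[i] = p.parse::<u32>().ok()?;
    }
    from_u32s(v)
}

/// Does the standard library installed here reject the input? True on Rust >= 1.53.
pub fn std_rejects(s: &str) -> bool {
    s.parse::<Ipv4Addr>().is_err()
}

/// Hypothetical SSRF guard that denies loopback but validates with the lenient
/// parser. Returns true when the guard would let the string through.
pub fn lenient_guard_allows(s: &str) -> bool {
    match parse_lenient_decimal(s) {
        Some(ip) => !ip.is_loopback(),
        None => false,
    }
}

fn main() {
    // Constructed sample inputs: the octal-looking forms are the interesting ones.
    for s in ["0177.0.0.1", "0127.0.0.1", "127.0.0.1", "0x7f.0.0.1"].iter() {
        println!(
            "{:>12}  lenient={:?}  inet_aton={:?}  strict={:?}  std_rejects={}",
            s,
            parse_lenient_decimal(s),
            parse_inet_aton_style(s),
            parse_strict(s),
            std_rejects(s)
        );
    }
}
```

The practical takeaway is the "0177.0.0.1" row: a validator using the lenient rule sees 177.0.0.1 and allows it, while the socket layer following inet_aton connects to 127.0.0.1. Rejecting leading zeros, as the strict parser and the patched std do, removes the disagreement instead of trying to pick a winner.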
A collection of links related to VMware escape exploits https://github.com/xairy/vmware-exploitation
Windows’ PsSetLoadImageNotifyRoutine Callbacks – The Good, The Bad, and The Unclear (Part 1) https://www.fortinet.com/blog/threat-research/windows-pssetloadimagenotifyroutine-callbacks-the-good-the-bad
Learn about an issue in the Windows kernel that could prevent you from identifying which modules have been loaded at runtime in part I of this blog series.…
BUG HUNTING METHODOLOGY FOR BEGINNERS https://infosecwriteups.com/bug-hunting-methodology-for-beginners-20b56f5e7d19
In this write up I am going to describe the path I walked through the bug hunting from the beginner level. This write-up is purely for new…
How to secure a Windows RPC Server, and how not to https://www.tiraniddo.dev/2021/08/how-to-secure-windows-rpc-server-and.html
The PetitPotam technique is still fresh in people's minds. While it's not directly an exploit it's a useful step to get unauthenticated NTL...
Learning Linux Kernel Exploitation (1/3, check others in the post) https://lkmidas.github.io/posts/20210123-linux-kernel-pwn-part-1/
The first part of the series about learning Linux kernel exploitation through hxpCTF2020 kernel-rop: Setting up the environment and the simplest technique of ret2usr
A Bug's Life: CVE-2021-21225 https://tiszka.com/blog/CVE_2021_21225.html
Exploiting CVE-2021-21225 and disabling W^X https://tiszka.com/blog/CVE_2021_21225_exploit.html
Disabling Office Macros to Reduce Malware Infections https://research.nccgroup.com/2021/08/16/disabling-office-macros-to-reduce-malware-infections/
Category: Reduction/Prevention. Overview: Document macros have gone in and out of style since 1995 as a deployment method for malware. Netskope’s latest ‘Cloud and Threat Report: July 2021 Edit…
Check Sysmon’s CopyOnDeletePE option: when it is enabled in the Sysmon configuration, every PE file that gets deleted (logged as a FileDelete event, Event ID 23) is saved to Sysmon’s archive directory, so a dropper that removes itself after running can still be recovered for analysis https://docs.microsoft.com/en-us/sysinternals/downloads/sysmon#usage
North Korean APT InkySquid Infects Victims Using Browser Exploits https://www.volexity.com/blog/2021/08/17/north-korean-apt-inkysquid-infects-victims-using-browser-exploits
Volexity recently investigated a strategic web compromise (SWC) of the website of the Daily NK (www.dailynk[.]com), a South Korean online newspaper that focuses on issues relating to North Korea. Malicious […]