From zero to tfp0 - A Walkthrough of the voucher_swap exploit http://highaltitudehacks.com/2020/06/01/from-zero-to-tfp0-part-1-prologue/ and http://highaltitudehacks.com/2020/06/01/from-zero-to-tfp0-part-2-a-walkthrough-of-the-voucher-swap-exploit/
Prateekg147
From zero to tfp0 - Part 1: Prologue
On Jan 22, 2019, Google Project Zero researcher @_bazad tweeted the following.
Understanding and Abusing Process Tokens https://medium.com/@seemant.bisht24/understanding-and-abusing-process-tokens-part-i-ee51671f2cfa
Medium
Understanding and Abusing Process Tokens — Part I
Introduction
Anti-Debugging Technique based on Memory Protection https://isc.sans.edu/diary/rss/26200
SANS Internet Storm Center
Anti-Debugging Technique based on Memory Protection
Anti-Debugging Technique based on Memory Protection, Author: Xavier Mertens
CVE-2020-4450: WebSphere Remote Code Execution Vulnerability Alert https://meterpreter.org/cve-2020-4450-websphere-remote-code-execution-vulnerability-alert
InfoTech News
CVE-2020-4450: WebSphere Remote Code Execution Vulnerability Alert • InfoTech News
Recently, IBM officially issued a notice to fix the remote code execution (CVE-2020-4450) vulnerability in...
A C implementation of tic-tac-toe in a single call to printf https://github.com/carlini/printf-tac-toe —> printf oriented programming becomes a reality!
GitHub
GitHub - carlini/printf-tac-toe: tic-tac-toe in a single call to printf
tic-tac-toe in a single call to printf. Contribute to carlini/printf-tac-toe development by creating an account on GitHub.
ELF file structure: an in-depth look onto the Linux binary format https://metabytezero.blogspot.com/2019/10/elf-file-structure.html
Blogspot
Elf file structure
An in depth-look at the ELF file format. Elf file format tutorial.
Security Scenario Generator (SecGen) creates vulnerable virtual machines to learn security penetration testing techniques https://github.com/cliffe/SecGen
GitHub
GitHub - cliffe/SecGen: Create randomly insecure VMs
Create randomly insecure VMs. Contribute to cliffe/SecGen development by creating an account on GitHub.
Nice tutorial on how to evade antiviruses on fully patched and updated Windows environments using a Python payload https://medium.com/bugbountywriteup/antivirus-evasion-with-python-49185295caf1
Medium
Antivirus Evasion with Python
Malware research developed at Spark 1 Cybersecurity Solutions.
Interested on how Windows Authenticode works? Read our new post! https://reversea.me/index.php/authenticode-i-understanding-windows-authenticode/
An interesting post, remembers me when I was studying Compilers in the BSc. degree :) -- Let's make a Teeny Tiny compiler, part 1 http://web.eecs.utk.edu/~azh/blog/teenytinycompiler1.html
Learn it Faster: The Entire Python Language in a Single Image https://fossbytes.com/learn-it-faster-the-entire-python-language-in-a-single-image/
Fossbytes
Learn it Faster: The Entire Python Language in a Single Image
What if you had to study a single page to get the complete idea language? Today, we are sharing "The Entire Python Language in a Single Image"
Yesterday was Microsoft Patch Tuesday. A lot of interesting stuff was fixed, see https://www.zdnet.com/article/microsoft-june-2020-patch-tuesday-fixes-129-vulnerabilities/
ZDNET
Microsoft June 2020 Patch Tuesday fixes 129 vulnerabilities
This month's updates have started rolling out earlier today.