Nice introduction to ROP » A Gentle Intro to ROP and Bypassing DEP https://cwinfosec.org/Intro-ROP-DEP-Bypass/
This post is intended as a soft introduction to return-oriented-programming and bypassing DEP. Nothing in this blog post is new or ground-breaking research; however, sometimes it helps to hear another point of view. Today we will be looking at a very basic…
WMEye: a post exploitation tool that uses WMI Event Filter and MSBuild Execution for lateral movement https://github.com/pwn1sher/WMEye
PrintNightmare and SSH Tunnels for Fun https://marcusedmondson.com/2021/12/29/printnightmare-and-ssh-tunnels-for-fun/
Today I wanted to cover a subject that has been covered many times before, but writing about the techniques and tools I am learning helps me solidify my knowledge so here we go. Today’s post …
Nice resources here » A curated list of awesome malware analysis tools and resources https://github.com/rshipp/awesome-malware-analysis
GitHub - rshipp/awesome-malware-analysis: Defund the Police.
Reverse Engineering Yaesu FT-70D Firmware Encryption https://landaire.net/reversing-yaesu-firmware-encryption/
A Memory Visualiser Tool for iOS Security Research https://bellis1000.medium.com/a-memory-visualiser-tool-for-ios-security-research-bd8bb8c334c6
Happy New Year!🥳
Release of PTE Analysis plugins for Volatility 3 https://insinuator.net/2021/12/release-of-pte-analysis-plugins-for-volatility-3/
Malware repository, with analysis exercises for training https://github.com/jstrosch/malware-samples
GitHub - jstrosch/malware-samples: Malware samples, analysis exercises and other interesting resources.
How I found (and fixed) a vulnerability in Python https://www.tldr.engineering/how-i-found-and-fixed-a-vulnerability-in-python/
C++ Memory Corruption (std::vector) - part 2 https://blog.infosectcbr.com.au/2022/01/c-memory-corruption-stdvector-part-2.html
Summary This is the 2nd part of the C++ memory corruption series*. In this post, we'll look at corrupting the std::vector class in Linux and...
Cache Poisoning at Scale https://youst.in/posts/cache-poisoning-at-scale/
CVE-2017-5816 HP iMC PLAT RCE Whitepaper https://oxagast.org/posts/CVE-2017-5816/
Source codes of Windows API Exploitation for Red and Blue teams from Pentester Academy https://github.com/tbhaxor/WinAPI-RedBlue
GitHub - tbhaxor/WinAPI-RedBlue: Source code of exploiting windows API for red teaming series
Exploring Token Members Part 1 https://jsecurity101.medium.com/exploring-token-members-part-1-48bce8004c6a
Persistence without “Persistence”: Meet The Ultimate Persistence Bug – “NoReboot” https://blog.zecops.com/research/persistence-without-persistence-meet-the-ultimate-persistence-bug-noreboot/
The Mac Malware of 2021 👾 a comprehensive analysis of the year's new malware! https://objective-see.com/blog/blog_0x6B.html
Attackers test “CAB-less 40444” exploit in a dry run https://news.sophos.com/en-us/2021/12/21/attackers-test-cab-less-40444-exploit-in-a-dry-run/
An updated exploit takes a circuitous route to trigger a Word document into delivering an infection without using macros
A curated list of Frida resources https://github.com/dweinstein/awesome-frida
GitHub - dweinstein/awesome-frida: Awesome Frida - A curated list of Frida resources http://www.frida.re/ (https://github.com/frida/frida)
Elephant Beetle: Uncovering an Organized Financial-Theft Operation https://blog.sygnia.co/elephant-beetle-an-organized-financial-theft-operation
Sygnia’s IR team has identified the Elephant Beetle threat group, an organized, significant financial-theft operation threatening global enterprises.