HoneyPoC is Dead - Long Live Disinformation https://blog.zsec.uk/honeypoc-release/
ZephrSec - Adventures In Information Security
This short blog post announces the release of AutoPoC and SandboxSpy, explains what each tool does, and gives an overview of the reason for the release.
PHP filters chain: What is it and how to use it https://www.synacktiv.com/publications/php-filters-chain-what-is-it-and-how-to-use-it.html
Synacktiv
Guest Blog Post - Memory corruption vulnerabilities in Edge https://microsoftedge.github.io/edgevr/posts/memory-corruption-vulnerabilities-in-edge/
Microsoft Browser Vulnerability Research
Log4J-scan update: Detection for Apache Commons Text RCE (CVE-2022-42889) https://fullhunt.io/blog/2022/10/20/apache-commons-text-rce.html
FullHunt Blog
FullHunt released an update to Log4J-Scan to detect Apache Commons Text RCE (CVE-2022-42889). Detecting Apache Commons Text RCE (CVE-2022-42889): The Apache Com...
[CVE-2022-1786] A Journey To The Dawn https://blog.kylebot.net/2022/10/16/CVE-2022-1786/
kylebot's Blog
Back in April, I found a 0-day vulnerability in the Linux kernel and exploited it on Google’s kCTF platform. I reported the bug to the Linux kernel security team and helped them fix the vulnera
SHA-3 Buffer Overflow https://mouha.be/sha-3-buffer-overflow/
List of (automatic) protocol reverse engineering tools for network protocols https://github.com/techge/PRE-list
GitHub
Archive Sidestepping: Self-Unlocking Password-Protected RAR https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/archive-sidestepping-self-unlocking-password-protected-rar/
Trustwave
Trustwave SpiderLabs’ spam traps have identified an increase in threats packaged in password-protected archives with about 96% of these being spammed by the Emotet Botnet. In the first half of 2022, we identified password-protected ZIP files as the third…
Canary in the Kernel Mine: Exploiting and Defending Against Same-Type Object Reuse https://grsecurity.net/exploiting_and_defending_against_same_type_object_reuse
grsecurity.net
This blog covers a difficult-to-defend subclass of use-after-free vulnerabilities in the Linux kernel, grsecurity's defense for it, and why our defense required compiler plugin involvement. Included PoC exploits demonstrate the power and simplicity of this…
AmsiScanBuffer https://github.com/D1rkMtr/AmsiScanBuffer
APT27 – One Year To Exfiltrate Them All: Intrusion In-Depth Analysis https://www.intrinsec.com/apt27-analysis/
INTRINSEC
Data leak: in-depth forensic and threat intelligence analysis of the tactics, tools and procedures of an advanced and persistent attack, by the Intrinsec CERT.
Ring0VBA - Getting Ring0 Using a Goddamn Word Document https://disrel.com/posts/Ring0VBA-Getting-Ring0-Using-a-Goddamn-Word-Document/
[angry-FSROP] Bypassing vtable Check in glibc File Structures https://blog.kylebot.net/2022/10/22/angry-FSROP/
kylebot's Blog
The story began with a student, @Ramen, asking me about the status of file structure attacks nowadays two days ago. He told me there were no public attacks that grant PC-control solely fro
Racing Cats to the Exit: A Boring Linux Kernel Use-After-Free https://accessvector.net/2022/linux-itimers-uaf
The Logging Dead: Two Event Log Vulnerabilities Haunting Windows https://www.varonis.com/blog/the-logging-dead-two-windows-event-log-vulnerabilities
Varonis
You don’t have to use Internet Explorer for its legacy to have left you vulnerable to LogCrusher and OverLog, a pair of Windows vulnerabilities discovered by the Varonis Threat Labs team.
Legitimate RATs: a comprehensive forensic analysis of the usual suspects https://www.synacktiv.com/publications/legitimate-rats-a-comprehensive-forensic-analysis-of-the-usual-suspects.html
Synacktiv
Chapter 1 — From Gozi to ISFB: The history of a mythical malware family. https://medium.com/csis-techblog/chapter-1-from-gozi-to-isfb-the-history-of-a-mythical-malware-family-82e592577fef
Medium
Illustrating ISFB's journey from the early start over the leak of Gozi 1 to their recent mutation into LDR4 and its relations to other…
Stranger Strings: An exploitable flaw in SQLite https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/
The Trail of Bits Blog
Trail of Bits is publicly disclosing CVE-2022-35737, which affects applications that use the SQLite library API. CVE-2022-35737 was introduced in SQLite version 1.0.12 (released on October 17, 2000) and fixed in release 3.39.2 (released on July 21, 2022).…
A technical analysis of the leaked LockBit 3.0 builder https://cybergeeks.tech/a-technical-analysis-of-the-leaked-lockbit-3-0-builder/