Abusing the COM Registry Structure: CLSID, LocalServer32, & InprocServer32
https://bohops.com/2018/06/28/abusing-com-registry-structure-clsid-localserver32-inprocserver32/
https://bohops.com/2018/06/28/abusing-com-registry-structure-clsid-localserver32-inprocserver32/
Abusing the COM Registry Structure (Part 2): Hijacking & Loading Techniques
https://bohops.com/2018/08/18/abusing-the-com-registry-structure-part-2-loading-techniques-for-evasion-and-persistence/
https://bohops.com/2018/08/18/abusing-the-com-registry-structure-part-2-loading-techniques-for-evasion-and-persistence/
Useful resources for #iOS #pentesting / pwning http://file.allitebooks.com/20170130/iOS%20Penetration%20Testing.pdf
Invisi-Shell
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .Net assemblies. The hook is performed via CLR Profiler API.
https://github.com/OmerYa/Invisi-Shell
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .Net assemblies. The hook is performed via CLR Profiler API.
https://github.com/OmerYa/Invisi-Shell
GitHub
GitHub - OmerYa/Invisi-Shell: Hide your Powershell script in plain sight. Bypass all Powershell security features
Hide your Powershell script in plain sight. Bypass all Powershell security features - OmerYa/Invisi-Shell
We disclosed two sets of vulnerabilities this week. Live Networks LIVE555 streaming media RTSPServer code execution: http://cs.co/6015D730W
Linksys E Series routers: http://cs.co/6019D730S
Linksys E Series routers: http://cs.co/6019D730S
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation
https://cxsecurity.com/issue/WLB-2018010018
https://cxsecurity.com/issue/WLB-2018010018
Cxsecurity
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation - CXSecurity.com
Andrey Konovalov has realised a new security note Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation
Forwarded from امنیت اطلاعات
Spiesexpose.pdf
1.3 MB
5 Practical Scenarios for XSS Attacks
https://pentest-tools.com/blog/xss-attacks-practical-scenarios/
https://pentest-tools.com/blog/xss-attacks-practical-scenarios/
WebExec - an authenticated RCE vulnerability in Cisco WebEx client
https://blog.skullsecurity.org/2018/technical-rundown-of-webexec
https://blog.skullsecurity.org/2018/technical-rundown-of-webexec