Buffer Overflow Practical Examples, metasploit, gdb and objdump! - protostar stack3
https://0xrick.github.io/binary-exploitation/bof3/
0xRick's Blog
Buffer Overflow Examples, Overwriting a function pointer - protostar stack3
Another post where I overwrite a variable value which is used as a function pointer. (x32)
BOVSTT – Buffer Overflow Vulnerability Services Tester Tool
https://hakin9.org/bovstt-buffer-overflow-vulnerability-services-tester-tool/
COM XSL Transformation: Bypassing Microsoft Application Control Solutions (CVE-2018-8492)
https://bohops.com/2019/01/10/com-xsl-transformation-bypassing-microsoft-application-control-solutions-cve-2018-8492/
bohops
Introduction Greetings, Everyone! It has been several months since I’ve blogged, so it seems fitting to start the New Year off with a post about two topics that I thoroughly enjoy exploring: …
Some CNA scripts with great ideas like Invoke-CredLeak to get the NETNTLMv2 hash for a user when on a machine for cracking.
https://github.com/vysecurity/Aggressor-VYSEC
Creating Symbolic Links in Windows 10
https://decoder.cloud/2019/01/04/creating-symbolic-links-in-windows-10/
Hunting for Privilege Escalation in Windows Environment
https://speakerdeck.com/heirhabarov/hunting-for-privilege-escalation-in-windows-environment
Speaker Deck
Slides from my talk at the OFFZONE 2018 conference (https://www.offzone.moscow/report/hunting-for-privilege-escalation-in-windows-environment/)
Z-WASP attack: hackers used Zero-Width spaces to bypass Office 365 protections
https://securityaffairs.co/wordpress/79791/hacking/z-wasp-attack-phishing.html
Security Affairs
Z-WASP attack - Phishers used a recently fixed flaw in Office 365 that allows them to bypass protections using zero-width spaces.
Buffer Overflow Practical Examples, Exploiting EIP - protostar stack4
https://0xrick.github.io/binary-exploitation/bof4/
0xRick's Blog
Buffer Overflow Examples, Taking control of the instruction pointer - protostar stack4
Another buffer overflow example where I overwrite EIP to redirect code execution. (x32)
How Shadow SUIDs Can be Used to Exploit Linux Systems? Part 1
https://www.sentinelone.com/blog/protecting-linux-devices-from-shadow-suid-exploitation/
SentinelOne
Protecting Linux Devices from Shadow SUID exploitation - Feature Spotlight | SentinelOne
Find out more on SentinelOne Linux agent new feature - Shadow SUID Protection. Learn why it's important and how SentinelOne customers can stay safe
Active Directory Penetration Dojo – AD Environment Enumeration -1
https://scriptdotsh.com/index.php/2019/01/01/active-directory-penetration-dojo-ad-environment-enumeration-1/
Buffer Overflow Practical Examples, Shellcode Injection and Local Privilege Escalation - protostar stack5
https://0xrick.github.io/binary-exploitation/bof5/
0xRick's Blog
Buffer Overflow Examples, Code execution by shellcode injection - protostar stack5
In this binary exploitation post I show a simple buffer overflow exploited to get code execution by shellcode injection in case the stack is executable. (x32)