Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.10.05.md

MySQL in Microservices Environments - https://www.percona.com/blog/mysql-in-microservices-environments/
THE YARALYZER - https://github.com/michelcrypt4d4mus/yaralyzer
Brad Duncan - Characteristics of Emotet Infections - https://www.youtube.com/watch?v=2Tf5NYJViJI
Using Havoc C2 to exploit Win11 machine - https://www.youtube.com/watch?v=pso2LAONCJ8
When Athletic Abilities Just Aren't Enough - Scoreboard Hacking Part 1 - https://maxwelldulin.com/BlogPost/Scoreboard-Hacking-Signal-Analysis-Part-1

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.10.01.md

Tips and tricks for reversing foreign architecture games - https://mahaloz.re/2022/09/23/0ctf22-rev.html
The Book of CP-System - https://fabiensanglard.net/cpsb/index.html
A technical analysis of Pegasus for Android – Part 1 - https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-1/
Microsoft Windows Shift F10 Bypass and Autopilot privilge escalation - https://k4m1ll0.com/ShiftF10Bypass-and-privesc.html
/dev/kmem + GDB Stub = kmemd - https://wkz.github.io/post/kmemd/

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.28.md

Making HTTP header injection critical via response queue poisoning - https://portswigger.net/research/making-http-header-injection-critical-via-response-queue-poisoning
Raspberry Robin’s Roshtyak: A Little Lesson in Trickery - https://decoded.avast.io/janvojtesek/raspberry-robins-roshtyak-a-little-lesson-in-trickery/
The Memory Process File System - https://github.com/ufrisk/MemProcFS
Phishing attacks skyrocketing, over 1 million observed - https://www.helpnetsecurity.com/2022/09/26/phishing-activity-trends-2022/
How I Hacked my Car - https://programmingwithstyle.com/posts/howihackedmycar/

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.26.md

A technical analysis of the leaked LockBit 3.0 builder https://cybergeeks.tech/a-technical-analysis-of-the-leaked-lockbit-3-0-builder/
Quokka: A Fast and Accurate Binary Exporter - https://blog.quarkslab.com/quokka-a-fast-and-accurate-binary-exporter.html
Azure Attack Paths - https://cloudbrothers.info/azure-attack-paths/
Technical Analysis of Crytox Ransomware - https://www.zscaler.com/blogs/security-research/technical-analysis-crytox-ransomware
Proof of Concept or GTFO - https://github.com/angea/pocorgtfo

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.24.md

Zoom RCE via XMPP Stanza Smuggling - https://www.youtube.com/watch?v=mnCpFy_-fCc
Breaking Bitbucket: Pre Auth Remote Command Execution (CVE-2022-36804) - https://blog.assetnote.io/2022/09/14/rce-in-bitbucket-server/
Unstripping Stripped Binaries - https://lock.cmpxchg8b.com/symbols.html
Open Source EDR for Windows - https://github.com/0xrawsec/whids
Fake Security App Found Abuses Japanese Payment System - https://www.mcafee.com/blogs/other-blogs/mcafee-labs/fake-security-app-found-abusing-japanese-payment-system/

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.22.md

Find secrets and passwords in container images and file systems - https://github.com/deepfence/SecretScanner
Ready to go Phishing Platform - https://github.com/JoelGMSec/EvilnoVNC
Cloudflare's abuse policies & approach - https://blog.cloudflare.com/cloudflares-abuse-policies-and-approach/
A web front-end for password cracking and analytics - https://github.com/hashview/hashview
IntelMQ is a solution for IT security teams - https://github.com/certtools/intelmq

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.16.md
A technical analysis of Pegasus for Android – Part 1 - https://cybergeeks.tech/a-technical-analysis-of-pegasus-for-android-part-1/
Private DBaaS with Free Kubernetes Cluster - https://www.percona.com/blog/private-dbaas-with-free-kubernetes-cluster/
A rule-based tunnel in Go - https://github.com/Dreamacro/clash
Monitoring and Tuning the Linux Networking Stack: Sending Data - https://blog.packagecloud.io/monitoring-tuning-linux-networking-stack-sending-data/
Attacking the Android kernel using the Qualcomm TrustZone - https://tamirzb.com/attacking-android-kernel-using-qualcomm-trustzone

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.14.md
These Weeks In Firefox: Issue 123 - https://blog.nightly.mozilla.org/2022/09/09/these-weeks-in-firefox-issue-122-2/
Active Directory Certificate Services Abuse - https://rayrt.gitlab.io/posts/Active-Directory-Certificate-Services-Abuse/
CVE-2017-2533 - The details behind - https://theevilbit.github.io/posts/cve-2017-2533/
Suborner: The Invisible Account Forger - https://github.com/r4wd3r/Suborner
Blind exploits to rule WatchGuard firewalls - https://www.ambionics.io/blog/hacking-watchguard-firewalls

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.12.md
Keyhacks is a repository which shows quick ways in which API keys - https://github.com/streaak/keyhacks
The Elastic Container Project - https://github.com/peasead/elastic-container
Step-by-Step Walkthrough of CVE-2022-32792 - WebKit B3ReduceStrength Out-of-Bounds Write - https://starlabs.sg/blog/2022/09-step-by-step-walkthrough-of-cve-2022-32792/
My Offensive Security Exploit Developer Review - https://nop-blog.tech/blog/osed/
WriteProcessMemoryAPC - Write memory to a remote process using APC calls - https://www.x86matthew.com/view_post?id=writeprocessmemory_apc

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.10.md
Working with HTTP/2 in Burp Suite - https://portswigger.net/burp/documentation/desktop/http2
Anatomy of an exploit in Windows win32k – CVE-2022-21882 - https://www.avira.com/en/blog/anatomy-of-an-exploit-in-windows-win32k-cve-2022-21882
Windows System Calls For Hunters - https://marcoramilli.com/2022/08/23/windows-system-calls-for-hunters/
Bypassing UAC in the most Complex Way Possible! - https://www.tiraniddo.dev/2022/03/bypassing-uac-in-most-complex-way.html
Blackhat 2022 all the slides - https://twitter.com/akaclandestine/status/1564696286443487233

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.09.08.md
Hacking my Helium Crypto Miner - https://zolder.io/hacking-my-helium-crypto-miner/
James Webb JPEG With Malware - https://www.youtube.com/watch?v=_JHYGpYAuAQ
Living-Off-the-Blindspot - Operating into EDRs’ blindspot - https://www.naksyn.com/edr%20evasion/2022/09/01/operating-into-EDRs-blindspot.html
OSCP tips and tricks - https://therealunicornsecurity.github.io/OSCP/
A Syscall Journey in the Windows Kernel - https://alice.climent-pommeret.red/posts/a-syscall-journey-in-the-windows-kernel/

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.08.29.md
OFRAK: unpack, modify, and repack binaries - https://github.com/redballoonsecurity/ofrak
SATisfying our way into remote code execution in the OPC UA industrial stack - https://jfrog.com/blog/satisfying-our-way-into-remote-code-execution-in-the-opc-ua-industrial-stack/
MHDDoS - DDoS Attack Script With 56 Methods - https://github.com/MatrixTM/MHDDoS
FwHunt Community Scanner - https://github.com/binarly-io/fwhunt-scan
Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling - https://portswigger.net/research/browser-powered-desync-attacks