#informatyka

10
Przeglądasz wpisy z tego tagu
0
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.24.md Linux.Nasty: Assembly x64 ELF virus - https://www.guitmz.com/linux-nasty-elf-virus/ Red Team Tactics: Utilizing Syscalls in C# - Prerequisite Knowledge - https://jhalon.github.io/utilizing-syscalls-in-csharp-1/ Dogwalk Proof-of-Conceptfeet - https://github.com/ariary/Dogwalk-rce-poc iOS 16 - restricted Userclients - https://saaramar.github.io/ios16_restricted_iouserclients/ Ransomware Group Debuts Searchable Victim Data - https://krebsonsecurity.com/2022/06/ransomware-group-debuts-searchable-victim-data/
news-and-links/2022.06.24.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.24.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.22.md Not all "Internet Connections" are Equal - https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/not-all-internet-connections-are-equal/ Linux Threat Hunting: ‘Syslogk’ a kernel rootkit - https://decoded.avast.io/davidalvarez/linux-threat-hunting-syslogk-a-kernel-rootkit-found-under-development-in-the-wild/ Hands-on: X25519 Key Exchange - https://x25519.ulfheim.net/ The Android kernel mitigations obstacle race - https://github.blog/2022-06-16-the-android-kernel-mitigations-obstacle-race/ A not-so-common and stupid privilege escalation - https://decoder.cloud/2022/04/25/a-not-so-common-and-stupid-privilege-escalation/
news-and-links/2022.06.22.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.22.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

0
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.20.md Guide to Reversing and Exploiting iOS binaries Part 2: ARM64 ROP Chains - https://www.inversecos.com/2022/06/guide-to-reversing-and-exploiting-ios.html Android 101 - https://secrary.com/android-reversing/android101/ How to download eBooks from Google Play Store without paying for them - https://webs3c.com/t/how-to-download-ebooks-from-google-play-store-without-paying-for-them/79 Unbricking SHIELD TV (2015) with a Bootrom Exploit - https://yifan.lu/2022/06/17/unbricking-shield-tv-2015-with-a-bootrom-exploit/ Zimbra Email - Stealing Clear-Text Credentials via Memcache injection - https://blog.sonarsource.com/zimbra-mail-stealing-clear-text-credentials-via-memcache-injection/
news-and-links/2022.06.20.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.20.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.18.md Awesome list of secrets in environment variables - https://github.com/Puliczek/awesome-list-of-secrets-in-environment-variables V8 Heap pwn and /dev/memes - WebOS Root LPE - https://www.da.vidbuchanan.co.uk/blog/webos-wampage.html MS-FSRVP coercion abuse PoC - https://github.com/ShutdownRepo/ShadowCoerce Course repository for PowerShell for Pentesters Course - https://github.com/dievus/PowerShellForPentesters Analysis and reverse-engineering of the original Starlink router - https://olegkutkov.me/2021/12/25/analysis-and-reverse-engineering-of-the-original-starlink-router/
news-and-links/2022.06.18.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.18.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.16.md Maintained collection of OSINT related resources - https://github.com/Ph055a/OSINT_Collection The Race To Zero Defects In Auto ICs - https://semiengineering.com/the-race-to-zero-defects-in-auto-ics/ CVE-2022-26937: Microsoft Windows Network File System NLM Portmap Stack Buffer Overflow - https://www.zerodayinitiative.com/blog/2022/6/7/cve-2022-26937-microsoft-windows-network-file-system-nlm-portmap-stack-buffer-overflow Scan installed EDRs and AVs on Windows - https://github.com/FourCoreLabs/EDRHunt Reverse engineering the 1988 NeXT keyboard protocol - https://journal.spencerwnelson.com/entries/nextkb.html
news-and-links/2022.06.16.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.16.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

ink on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.14.md Cracking 22 year old DRM: Pac-Man Adventures in Time - https://openpunk.com/pages/cracking-22-yr-old-drm/ Khepri Post-exploiton tool written in Golang and C++ - https://github.com/geemion/Khepri CVE-2019-13382: Local Privilege Escalation in SnagIt - https://enigma0x3.net/2019/07/24/cve-2019-13382-privilege-escalation-in-snagit/ TA570 Qakbot (Qbot) tries CVE-2022-30190 (Follina) exploit - https://isc.sans.edu/diary/28728 Pwn2Own 2021 Canon ImageCLASS MF644Cdw writeup - https://doar-e.github.io/blog/2022/06/11/pwn2own-2021-canon-imageclass-mf644cdw-writeup/
news-and-links/2022.06.14.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.14.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.12.md A journey into IoT – Unknown Chinese alarm – Part 2 – Firmware dump and analysis - https://security.humanativaspa.it/a-journey-into-iot-unknow-chinese-alarm-part-2-firmware-dump-and-analysis/ Understanding Follina (CVE-2022-30190) - Malware for Fun - https://www.youtube.com/watch?v=G_CFSF4Vh-s Does a USB drive get heavier as you store more files on it? - https://www.sciencefocus.com/future-technology/does-a-usb-drive-get-heavier-as-you-store-more-files-on-it/ Exploration of the Dirty Pipe Vulnerability (CVE-2022-0847) - https://lolcads.github.io/posts/2022/06/dirty_pipe_cve_2022_0847/ A Story of a Bug Found Fuzzing - https://microsoftedge.github.io/edgevr/posts/a-story-of-a-bug-found-fuzzing/
news-and-links/2022.06.12.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.12.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

0
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.10.md Subdomain Enumeration & Analysis - https://github.com/Screetsec/Sudomy x86-64 Assembler based on Zydis - https://github.com/zyantific/zasm Hardware-accelerated virtual machines on jailbroken iPhone 12 / iOS 14.1 - https://worthdoingbadly.com/hv/ ACTIVE DIRECTORY #00 Creating our Server + Workstation Virtual Environment - https://www.youtube.com/watch?v=pKtDQtsubio Brute force attacks against Windows Remote Desktop - https://trunc.org/learning/brute-force-attacks-against-windows-remote-desktop
news-and-links/2022.06.10.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.10.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.08.md UPnProxyChain: a Tool to Exploit Devices Vulnerable to UPnProxy - https://shufflingbytes.com/posts/upnproxychain-a-tool-to-exploit-devices-vulnerable-to-upnproxy/ How NAT traversal works - https://tailscale.com/blog/how-nat-traversal-works/ Weird Ways to Run Unmanaged Code in .NET - https://blog.xpnsec.com/weird-ways-to-execute-dotnet/ Creating a backdoor in PAM in 5 line of code - https://0x90909090.blogspot.com/2016/06/creating-backdoor-in-pam-in-5-line-of.html CVE Farming through Software Center – A group effort to flush out zero-day privilege escalations - https://clearbluejar.github.io/posts/mining-google-chrome-cve-data/
news-and-links/2022.06.08.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.08.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.06.md SSD Advisory – Rocket.Chat Client-side Remote Code Execution https://ssd-disclosure.com/ssd-advisory-rocket-chat-client-side-remote-code-execution/ Conti RaaS group chat leaked (English translation) https://github.com/hardenedvault/bootkit-samples/blob/master/osint/conti_leaked_chat.md Arbitrary File Upload Tricks In Java https://pyn3rd.github.io/2022/05/07/Arbitrary-File-Upload-Tricks-In-Java/ Turbo Intruder: Embracing the billion-request attack https://clearbluejar.github.io/posts/mining-google-chrome-cve-data/ Mining Google Chrome CVE data https://clearbluejar.github.io/posts/mining-google-chrome-cve-data/
news-and-links/2022.06.06.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.06.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.04.md WELA (Windows Event Log Analyzer - https://github.com/Yamato-Security/WELA Malware Analysis Report – APT29 C2-Client Dropbox Loader - https://github.com/Dump-GUY/Malware-analysis-and-Reverse-engineering/blob/main/APT29_C2-Client_Dropbox_Loader/APT29-DropboxLoader_analysis.md Twitch Internal Security Tools: In-depth Analysis of the Leaked Twitch Security Tools - https://mazinahmed.net/blog/indepth-analysis-twitch-security-tools/ All the Fake Data for All Your Real Needs - https://github.com/ngneat/falso Advanced SQL Injection Cheatsheet - https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet
news-and-links/2022.06.04.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.04.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

0
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.06.02.md The printer goes brrrrr!!! - https://www.synacktiv.com/en/publications/the-printer-goes-brrrrr.html npm security update: Attack campaign using stolen OAuth tokens - https://github.blog/2022-05-26-npm-security-update-oauth-tokens/ Hacking Ham Radio: WinAPRS – Part 5 - https://www.coalfire.com/the-coalfire-blog/hacking-ham-radio-winaprs-part-5 Laserlock RE Techical Paper - https://www.lucadamico.dev/papers/laserlock/Evolva.pdf DEF CON 26 - Sean Metcalf - Exploiting Active Directory Administrator Insecurities - https://www.youtube.com/watch?v=ze1UcSLOypw
news-and-links/2022.06.02.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.06.02.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.31.md Hacking Ham Radio: WinAPRS – Part 1 - https://www.coalfire.com/the-coalfire-blog/hacking-ham-radio-winaprs-part1 Working with 010 Hex-Editor - https://www.youtube.com/playlist?list=PLCS2zI95IiNwheFCTaUEytA1GT0mNOOdn CppCon 2017: James McNellis “Everything You Ever Wanted to Know about DLLs” - https://www.youtube.com/watch?v=JPQWQfDhICA Zyxel firmware extraction and password analysis - https://security.humanativaspa.it/zyxel-firmware-extraction-and-password-analysis/ .ISO Files With Office Maldocs & Protected View in Office 2019 and 2021 - https://blog.didierstevens.com/2022/04/04/iso-files-with-office-maldocs-protected-view-in-office-2019-and-2021/
news-and-links/2022.05.31.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.31.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.29.md New Research Paper: Pre-hijacking Attacks on Web User Accounts - https://msrc-blog.microsoft.com/2022/05/23/pre-hijacking-attacks/ ELF file viewer/editor f or Windows, Linux and MacOS - https://github.com/horsicq/XELFViewer Apple, Google and Microsoft Commit to Expanded Support for FIDO Standard to Accelerate Availability of Passwordless Sign-Ins - https://fidoalliance.org/apple-google-and-microsoft-commit-to-expanded-support-for-fido-standard-to-accelerate-availability-of-passwordless-sign-ins/ Automated Crossword Solving - https://arxiv.org/pdf/2205.09665.pdf Take domains on stdin and output them on stdout if they get resolved - https://github.com/thelicato/fire
news-and-links/2022.05.29.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.29.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.27.md mip22 is a advanced phishing tool - https://github.com/makdosx/mip22 Fuzzing ClamAV with real malware samples - https://mmmds.pl/clamav/ S4fuckMe2selfAndUAndU2proxy - A low dive into Kerberos delegations - https://luemmelsec.github.io/S4fuckMe2selfAndUAndU2proxy-A-low-dive-into-Kerberos-delegations/ Programming Attacks Using RISC-V Instruction Trace Data - https://ieeexplore.ieee.org/document/9762913 A fully-modern text-based browser, rendering to TTY and browsers - https://github.com/browsh-org/browsh
news-and-links/2022.05.27.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.27.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.25.md SigOverinjector - https://github.com/SysSec-KAIST/sigover_injector Linux.Nasty: Assembly x64 ELF virus - https://www.guitmz.com/linux-nasty-elf-virus/ Exploiting RBCD Using a Normal User Account* - https://www.tiraniddo.dev/2022/05/exploiting-rbcd-using-normal-user.html Hunting evasive vulnerabilities - https://portswigger.net/research/hunting-evasive-vulnerabilities SourcePoint is a C2 profile generator for Cobalt Strike command - https://github.com/Tylous/SourcePoint
news-and-links/2022.05.25.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.25.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.23.md Hydra with Three Heads: BlackByte & The Future of Ransomware Subsidiary Groups - https://www.advintel.io/post/hydra-with-three-heads-blackbyte-the-future-of-ransomware-subsidiary-groups Another fast subdomain enumeration tool - https://github.com/duty1g/subcat Dorks collections list - https://github.com/cipher387/Dorks-collections-list DNS Tunneling using powershell to download and execute a payload - https://github.com/Octoberfest7/DNS_Tunneling Awesome RCE techniques - https://github.com/p0dalirius/Awesome-RCE-techniques
news-and-links/2022.05.23.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.23.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.21.md A tool for automating interactions with Android devices - https://github.com/user1342/AutoDroid A PoC project for embedding shellcode to Hint/Name Table - https://github.com/frkngksl/HintInject Windows Feature Hunter (WFH) - https://github.com/ConsciousHacker/WFH Constrained Delegation Considerations for Lateral Movement - https://sensepost.com/blog/2022/constrained-delegation-considerations-for-lateral-movement/ No-Fix Local Privilege Escalation Using KrbRelay With Shadow Credentials - https://icyguider.github.io/2022/05/19/NoFix-LPE-Using-KrbRelay-With-Shadow-Credentials.html
news-and-links/2022.05.21.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.21.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.17.md Three ways to hack an ATM - https://diablohorn.com/2022/05/14/three-ways-to-hack-an-atm/ TikTok Scraper & Downloader - https://github.com/drawrowfly/tiktok-scraper From Project File to Code Execution - https://claroty.com/2022/05/11/blog-research-from-project-file-to-code-execution-exploiting-vulnerabilities-in-xinje-plc-program-tool/ Qiling Advanced Binary Emulation Framework - https://github.com/qilingframework/qiling Browser In The Browser (BITB) Attack - https://mrd0x.com/browser-in-the-browser-phishing-attack/
news-and-links/2022.05.17.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.17.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

0
Link on Github --> https://github.com/Nieuport/news-and-links/blob/gh-pages/docs/2022.05.15.md Awesome cloud enumerator - https://github.com/0xsha/CloudBrute Multiple bugs chained to takeover Facebook Accounts which uses Gmail - https://ysamm.com/?p=763 iPhone Setup for Reversing and Debugging - https://naehrdine.blogspot.com/2022/05/iphone-setup-for-reversing-and-debugging.html A machine learning malware analysis framework for Android apps - https://github.com/user1342/DroidDetective Malicious PDF Generator - https://github.com/jonaslejon/malicious-pdf
news-and-links/2022.05.15.md at gh-pages · Nieuport/news-and-links

news-and-links/2022.05.15.md at gh-pages · Nieuport/news-and-links

Contribute to Nieuport/news-and-links development by creating an account on GitHub.

GitHubGitHub

Zaloguj się aby komentować

12