emmutaler
github.com • iOS Fuzzing

emmutaler - 用于 Fuzz SecureROM 的一套工具 Jett • 2 days ago

1   

Detecting and Hunting for the PetitPotam NTLM Relay Attack – NCC Group Research
research.nccgroup.com • Tools

基于日志对 PetitPotam NTLM Relay 攻击的检测 Jett • 2 days ago

0   

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation
www.microsoft.com • Malware

Catching the big fish: Analyzing a large-scale phishing-as-a-service operation Jett • 2 days ago

0   

[PDF] https://www.nksc.lt/doc/en/analysis/2021-08-23_5G-CN-analysis_env3.pdf
www.nksc.lt

立陶宛国防部安全中心对 Huawei, Xiaomi、OnePlus 5G 手机的网络安全评估报告 Jett • 2 days ago

0   

IAM Vulnerable - Assessing the AWS Assessment Tools
labs.bishopfox.com • Tools

AWS 环境中对 IAM 提权漏洞的安全评估工具 Jett • 2 days ago

0   

Financially motivated actor breaks certificate parsing to avoid detection
blog.google

有恶意程序利用 OpenSSL 与 Windows 系统对签名解析的不一致性躲避安全软件检查 Jett • 2 days ago

0   

Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program
habr.com • macOS

Disclosure of three 0-day iOS vulnerabilities and critique of Apple Security Bounty program Jett • 2 days ago

0   

Using CodeQL to detect client-side vulnerabilities in web applications | Raz0r.name
raz0r.name • Web

利用 CodeQL 检测 Web 应用中的 client 端漏洞 Jett • 2 days ago

0   

虚假的 RCE vs 真实的 RCE
evilpan.com

研究员 evilpan 经过分析认为前两天的 macOS Finder RCE 不能算作漏洞 Jett • 2 days ago

0   

Monitoring Threat Actors Cobalt Strike C2 Infrastructure with Shodan
michaelkoczwara.medium.com • Tools

Monitoring Threat Actors Cobalt Strike C2 Infrastructure with Shodan lanying37 • 2 days ago

0   

A guide to OWASP’s secure coding
cybersecurity.att.com

OWASP 安全编码指南手册. lanying37 • 2 days ago

0   

PoC-CVE-2021-30632
github.com • Browser

PoC of Out of Bounds Write in V8(CVE-2021-30632) Jett • 3 days ago

0   

Microsoft Exchange Autodiscover bugs leak 100K Windows credentials
www.bleepingcomputer.com

微软 Exchange Autodiscover 协议被发现会向第三方域名泄露用户认证凭据信息 Jett • 3 days ago

0   

Resetting Expired Passwords Remotely
www.n00py.io • Tools

Resetting Expired Passwords Remotely Jett • 3 days ago

0   

Kernel Vmalloc Use-After-Free in the ION Allocator
labs.taszk.io

Android 内核 ION allocator UAF 漏洞分析 Jett • 3 days ago

0   

[PDF] https://nesa.zju.edu.cn/download/pgn_pdf_V-SHUTTLE.pdf
nesa.zju.edu.cn

V-Shuttle: Scalable and Semantics-Aware Hypervisor Virtual Device Fuzzing(Paper) Jett • 3 days ago

0   

Distroless Builds Are Now SLSA 2
Google Online Security Blog

Google 开源了一套供应链安全框架 SLSA2 Jett • 3 days ago

0   

Zero Day Initiative — CVE-2021-26084: Details on the Recently Exploited Atlassian Confluence OGNL Injection Bug
www.zerodayinitiative.com

Atlassian Confluence Server Webwork OGNL 注入漏洞分析(CVE-2021-26084) Jett • 3 days ago

0   

Car Hacking 101: Practical Guide to Exploiting CAN-Bus using Instrument Cluster Simulator — Part I: Setting Up
medium.com • IoT

汽车渗透测试 101:利用仪表板模拟器的CAN 总线的实用指南 - 第一部分:设置介绍 lanying37 • 3 days ago

0   

Loading