SMB RCE CVE-2022-35804的介绍
v-v.space • Tools

SMB RCE CVE-2022-35804漏洞介绍 lanying37 • 16 hours ago

0   

The Poor Man's Obfuscator
跳跳糖 - 安全与分享社区

The Poor Man's Obfuscator lanying37 • 1 day ago

0   

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
portswigger.net • Browser

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling Jett • 2 days ago

0   

CVE-2022-22252: Huawei HWLog Vmalloc Use-After-Free
labs.taszk.io • Vulnerability

CVE-2022-22252: Huawei HWLog Vmalloc Use-After-Free Jett • 2 days ago

0   

[PDF] https://www.s3.eurecom.fr/docs/ccs22_fioraldi.pdf
www.s3.eurecom.fr

LibAFL: A Framework to Build Modular and Reusable Fuzzers Jett • 2 days ago

0   

Microsoft Office to publish symbols starting August 2022
Microsoft Security Response Center • Windows

8 月份开始,微软将公开 Office 的调试符号 Jett • 2 days ago

0   

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
blog.talosintelligence.com

思科 Talos Lab 对思科 5 月份被黑事件的分析 Jett • 2 days ago

0   

The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
Project Zero • Linux Android

Linux 内核 GC 漏洞(CVE-2021-0920)的分析,该漏洞已有野外利用 Jett • 2 days ago

0   

How to Attack and Remediate Excessive Network Share Permissions in Active Directory Environments
www.netspi.com • Windows Tools

Active Directory 环境网络共享配置权限不当问题的分析和利用 Jett • 2 days ago

0   

From Shared Dash to Root Bash :: Pre-Authenticated RCE in VMWare vRealize Operations Manager
Source Incite

VMWare vRealize Operations Manager Pre-Authenticated RCE 漏洞的分析 Jett • 2 days ago

0   

building
github.com

gorilla - 用于生成密码字段的工具 Jett • 2 days ago

0   

SVF
svf-tools.github.io

SVF - 针对 C/C++ 的过程间依赖分析的静态分析工具 Jett • 3 weeks ago

1   

2314 - project-zero - Project Zero - Monorail
bugs.chromium.org • Browser Tools

Issue 2314: Chrome: raw_ptr broke implicit scoped_refptr for receivers in base::Bind. Jett • 3 weeks ago

0   

MyBB 0day Authenticated Remote code execution
0x1337.ninja • Vulnerability

MyBB 0day Authenticated Remote code execution Jett • 3 weeks ago

0   

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs
decoded.avast.io

有攻击者利用 Chrome WebRTC 的 0Day 攻击中东地区的 Avast 用户 Jett • 3 weeks ago

0   

API Key, a Key to Credential Leakage & Manipulation | CIP Blog
blog.criminalip.io

有团队研究发现,通过搜索开启 Debug 模式的 Django 发现,超过 3100 个应用的 API Keys 暴露在公网 Jett • 3 weeks ago

0   

Gitlab Project Import RCE Analysis (CVE-2022-2185) | STAR Labs
starlabs.sg

Gitlab Project Import RCE Analysis (CVE-2022-2185) Jett • 3 weeks ago

0   

GitHub - Muirey03/CVE-2022-32832: Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6
github.com

iOS 15.6 昨天修复的 APFS CVE-2022-32832 漏洞的 PoC Jett • 3 weeks ago

0   

Dependency Confusion
Doyensec's Blog • Tools

用 Confuser 工具检测类 NPM 包管理器存在的 Dependency Confusion 依赖注入问题 Jett • 3 weeks ago

0   

云沙箱流量识别技术剖析
paper - Last paper

从流量的角度识别云沙箱 Jett • 3 weeks ago

0   

Tags

Tools Malware Windows Vulnerability Browser Web Android Attack iOS Linux Pentest Conference macOS Network IoT Wireless Fuzzing Reverse Engineering Defend Virtualization CTF Crypto Data Breach Programming Machine Learning Firmware Report Forensics Mitigation PoC SCADA Backdoor Blockchain Side Channel Threat Intelligence Hardware Exploit Supply Chain Bug Bounty Privacy Power Analysis
Loading