SMB RCE CVE-2022-35804的介绍
v-v.space • Tools

SMB RCE CVE-2022-35804漏洞介绍 lanying37 • 16 hours ago

0   

The Poor Man's Obfuscator
跳跳糖 - 安全与分享社区

The Poor Man's Obfuscator lanying37 • 1 day ago

0   

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling | PortSwigger Research
portswigger.net • Browser

Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling Jett • 2 days ago

0   

CVE-2022-22252: Huawei HWLog Vmalloc Use-After-Free
labs.taszk.io • Vulnerability

CVE-2022-22252: Huawei HWLog Vmalloc Use-After-Free Jett • 2 days ago

0   

[PDF] https://www.s3.eurecom.fr/docs/ccs22_fioraldi.pdf
www.s3.eurecom.fr

LibAFL: A Framework to Build Modular and Reusable Fuzzers Jett • 2 days ago

0   

Microsoft Office to publish symbols starting August 2022
Microsoft Security Response Center • Windows

8 月份开始,微软将公开 Office 的调试符号 Jett • 2 days ago

0   

Cisco Talos Intelligence Group - Comprehensive Threat Intelligence: Cisco Talos shares insights related to recent cyber attack on Cisco
blog.talosintelligence.com

思科 Talos Lab 对思科 5 月份被黑事件的分析 Jett • 2 days ago

0   

The quantum state of Linux kernel garbage collection CVE-2021-0920 (Part I)
Project Zero • Linux Android

Linux 内核 GC 漏洞(CVE-2021-0920)的分析,该漏洞已有野外利用 Jett • 2 days ago

0   

How to Attack and Remediate Excessive Network Share Permissions in Active Directory Environments
www.netspi.com • Windows Tools

Active Directory 环境网络共享配置权限不当问题的分析和利用 Jett • 2 days ago

0   

From Shared Dash to Root Bash :: Pre-Authenticated RCE in VMWare vRealize Operations Manager
Source Incite

VMWare vRealize Operations Manager Pre-Authenticated RCE 漏洞的分析 Jett • 2 days ago

0   

building
github.com

gorilla - 用于生成密码字段的工具 Jett • 2 days ago

0   

SVF
svf-tools.github.io

SVF - 针对 C/C++ 的过程间依赖分析的静态分析工具 Jett • 3 weeks ago

1   

2314 - project-zero - Project Zero - Monorail
bugs.chromium.org • Browser Tools

Issue 2314: Chrome: raw_ptr broke implicit scoped_refptr for receivers in base::Bind. Jett • 3 weeks ago

0   

MyBB 0day Authenticated Remote code execution
0x1337.ninja • Vulnerability

MyBB 0day Authenticated Remote code execution Jett • 3 weeks ago

0   

The Return of Candiru: Zero-days in the Middle East - Avast Threat Labs
decoded.avast.io

有攻击者利用 Chrome WebRTC 的 0Day 攻击中东地区的 Avast 用户 Jett • 3 weeks ago

0   

API Key, a Key to Credential Leakage & Manipulation | CIP Blog
blog.criminalip.io

有团队研究发现,通过搜索开启 Debug 模式的 Django 发现,超过 3100 个应用的 API Keys 暴露在公网 Jett • 3 weeks ago

0   

Gitlab Project Import RCE Analysis (CVE-2022-2185) | STAR Labs
starlabs.sg

Gitlab Project Import RCE Analysis (CVE-2022-2185) Jett • 3 weeks ago

0   

GitHub - Muirey03/CVE-2022-32832: Proof-of-concept and write-up for the CVE-2022-32832 vulnerability patched in iOS 15.6
github.com

iOS 15.6 昨天修复的 APFS CVE-2022-32832 漏洞的 PoC Jett • 3 weeks ago

0   

Dependency Confusion
Doyensec's Blog • Tools

用 Confuser 工具检测类 NPM 包管理器存在的 Dependency Confusion 依赖注入问题 Jett • 3 weeks ago

0   

云沙箱流量识别技术剖析
paper - Last paper

从流量的角度识别云沙箱 Jett • 3 weeks ago

0   

Loading