CVE-2021-32606: CAN ISOTP local privilege escalation
github.com

Linux 内核 CAN 网络子系统 ISOTP CAN 协议本地提权漏洞分析 Jett • 1 day ago

0   

Exploiting custom protocol handlers for cross-browser tracking in Tor, Safari, Chrome and Firefox
fingerprintjs.com

利用 Custom Protocol Handlers 实现跨浏览器的用户指纹跟踪 Jett • 1 day ago

0   

How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
swarm.ptsecurity.com

How we bypassed bytenode and decompiled Node.js bytecode in Ghidra Jett • 1 day ago

0   

Slides & Recordings
mobisec.reyammer.io

MOBISEC 2020 会议的议题 PPT 和视频公开了 Jett • 1 day ago

0   

A tale of solving all the recent XSS challenges using chrome 1-day.
blog.s1r1us.ninja

A tale of solving all the recent XSS challenges using chrome 1-day. Jett • 1 day ago

0   

CVE‑2021‑1079 – NVIDIA GeForce Experience Command Execution
voidsec.com

NVIDIA GeForce Experience 任意文件写漏洞的细节 Jett • 1 day ago

0   

From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study
zerodayengineering.com

Pwn2Own VMware ESXi vmxnet3 漏洞背后的发现过程 Jett • 1 day ago

0   

Add Exploit For CVE-2021-21551 (Dell DBUtil_2_3 IOCTL) by zeroSteiner · Pull Request #15190 · rapid7/metasploit-framework
github.com

Metasploit 框架新加入了 DELL 固件更新驱动 dbutil_2_3.sys 提权漏洞的 Exploit Jett • 1 day ago

0   

【Black Hat Asia 2021系列分享】兼容的代价:通过文件扩展属性攻陷macOS内核
mp.weixin.qq.com

兼容的代价:通过文件扩展属性攻陷macOS内核 Jett • 1 day ago

0   

Apple’s ‘Find My’ Network Exploited via Bluetooth
Threatpost • macOS Wireless

研究人员发现Apple的设备通过利用的“Find My”网络功能收集蓝牙设备信息。 lanying37 • 1 day ago

0   

Useful Resources when Developing Chrome Extensions
textslashplain.com

开发Chrome扩展程序的有用技巧总结。 lanying37 • 1 day ago

0   

Incident response playbooks
docs.microsoft.com

Microsoft的事件响应指南手册。 lanying37 • 1 day ago

0   

The implications of neglecting IPv6 on your internet facing services
grimminck.medium.com

The implications of neglecting IPv6 on your internet facing services Jett • 2 days ago

0   

G.O.S.S.I.P 学术论文推荐 2021-05-12
mp.weixin.qq.com

USENIX Security 2021 论文推荐 ”Assessing Browser-level Defense against IDN-based Phishing“ Jett • 2 days ago

0   

sigstore
sigstore.dev

Sigstore - Linux Foundation 发起的一个项目,用以解决开源软件供应链中缺少代码签名验证机制的问题 Jett • 2 days ago

0   

Executive Order on Improving the Nation’s Cybersecurity
www.whitehouse.gov

美国白宫发布行政令:提高国家的网络安全实力 Jett • 2 days ago

0   

README.md
github.com

利用 Windows Defender ASR 规则的漏洞执行 Shellcode Jett • 2 days ago

0   

Gaining Threat-Intelligence the dodgy way
blog.tofile.dev

不进入 Test Signing Mode,从 Microsoft-Windows-Threat-Intelligence ETW Provider 获取日志 Jett • 2 days ago

0   

Send My: Arbitrary data transmission via Apple's Find My network
positive.security

模拟 AirTag 利用 Apple 的 Find My 网络传输任意数据 Jett • 2 days ago

0   

Black Hat USA 2021 | Briefings Schedule
www.blackhat.com

Black Hat USA 2021 会议的议题列表陆续开始公布了 Jett • 2 days ago

0   

Tags

Tools Malware Windows Browser Vulnerability Web Android Attack iOS Linux Pentest Conference macOS Network IoT Wireless Defend Fuzzing Reverse Engineering CTF Virtualization Crypto Data Breach Programming Machine Learning Firmware Report Forensics PoC Mitigation SCADA Backdoor Side Channel Threat Intelligence Blockchain Hardware Exploit Supply Chain Bug Bounty Privacy Power Analysis
Loading