CVE-2021-32606: CAN ISOTP local privilege escalation
github.com

Linux 内核 CAN 网络子系统 ISOTP CAN 协议本地提权漏洞分析 Jett • 1 day ago

0   

Exploiting custom protocol handlers for cross-browser tracking in Tor, Safari, Chrome and Firefox
fingerprintjs.com

利用 Custom Protocol Handlers 实现跨浏览器的用户指纹跟踪 Jett • 1 day ago

0   

How we bypassed bytenode and decompiled Node.js bytecode in Ghidra
swarm.ptsecurity.com

How we bypassed bytenode and decompiled Node.js bytecode in Ghidra Jett • 1 day ago

0   

Slides & Recordings
mobisec.reyammer.io

MOBISEC 2020 会议的议题 PPT 和视频公开了 Jett • 1 day ago

0   

A tale of solving all the recent XSS challenges using chrome 1-day.
blog.s1r1us.ninja

A tale of solving all the recent XSS challenges using chrome 1-day. Jett • 1 day ago

0   

CVE‑2021‑1079 – NVIDIA GeForce Experience Command Execution
voidsec.com

NVIDIA GeForce Experience 任意文件写漏洞的细节 Jett • 1 day ago

0   

From Binary Patch to Proof-of-concept: a VMware ESXi vmxnet3 Case Study
zerodayengineering.com

Pwn2Own VMware ESXi vmxnet3 漏洞背后的发现过程 Jett • 1 day ago

0   

Add Exploit For CVE-2021-21551 (Dell DBUtil_2_3 IOCTL) by zeroSteiner · Pull Request #15190 · rapid7/metasploit-framework
github.com

Metasploit 框架新加入了 DELL 固件更新驱动 dbutil_2_3.sys 提权漏洞的 Exploit Jett • 1 day ago

0   

【Black Hat Asia 2021系列分享】兼容的代价:通过文件扩展属性攻陷macOS内核
mp.weixin.qq.com

兼容的代价:通过文件扩展属性攻陷macOS内核 Jett • 1 day ago

0   

Apple’s ‘Find My’ Network Exploited via Bluetooth
Threatpost • macOS Wireless

研究人员发现Apple的设备通过利用的“Find My”网络功能收集蓝牙设备信息。 lanying37 • 1 day ago

0   

Useful Resources when Developing Chrome Extensions
textslashplain.com

开发Chrome扩展程序的有用技巧总结。 lanying37 • 1 day ago

0   

Incident response playbooks
docs.microsoft.com

Microsoft的事件响应指南手册。 lanying37 • 1 day ago

0   

The implications of neglecting IPv6 on your internet facing services
grimminck.medium.com

The implications of neglecting IPv6 on your internet facing services Jett • 2 days ago

0   

G.O.S.S.I.P 学术论文推荐 2021-05-12
mp.weixin.qq.com

USENIX Security 2021 论文推荐 ”Assessing Browser-level Defense against IDN-based Phishing“ Jett • 2 days ago

0   

sigstore
sigstore.dev

Sigstore - Linux Foundation 发起的一个项目,用以解决开源软件供应链中缺少代码签名验证机制的问题 Jett • 2 days ago

0   

Executive Order on Improving the Nation’s Cybersecurity
www.whitehouse.gov

美国白宫发布行政令:提高国家的网络安全实力 Jett • 2 days ago

0   

README.md
github.com

利用 Windows Defender ASR 规则的漏洞执行 Shellcode Jett • 2 days ago

0   

Gaining Threat-Intelligence the dodgy way
blog.tofile.dev

不进入 Test Signing Mode,从 Microsoft-Windows-Threat-Intelligence ETW Provider 获取日志 Jett • 2 days ago

0   

Send My: Arbitrary data transmission via Apple's Find My network
positive.security

模拟 AirTag 利用 Apple 的 Find My 网络传输任意数据 Jett • 2 days ago

0   

Black Hat USA 2021 | Briefings Schedule
www.blackhat.com

Black Hat USA 2021 会议的议题列表陆续开始公布了 Jett • 2 days ago

0   

Loading