GitHub - trailofbits/pip-audit: Audits Python environments and dependency trees for known vulnerabilities
github.com

pip-audit - 用于扫描 Python 环境依赖库是否涉及已知漏洞的工具 Jett • 2 hours ago

0   

Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon
palisade.consulting

Exploiting Vulnerabilities in a TLD Registrar to Takeover Tether, Google, and Amazon Jett • 2 hours ago

0   

Tracking a P2P network related to TA505 – NCC Group Research
research.nccgroup.com

Tracking a P2P network related to TA505 Jett • 2 hours ago

0   

Azure Privilege Escalation via Azure API Permissions Abuse
posts.specterops.io

Azure Privilege Escalation via Azure API Permissions Abuse Jett • 2 hours ago

0   

Jumping the air gap: 15 years of nation‑state effort | WeLiveSecurity
www.welivesecurity.com

ESET 研究员对近 15 年公开攻击中涉及的穿透物理隔离边界的框架的分析 Jett • 2 hours ago

0   

Where in the World is Carmen Sandiego: Abusing Location Services on macOS | by Justin Bui | Dec, 2021 | Medium
medium.com

Abusing Location Services on macOS Jett • 2 hours ago

0   

Project Zero: This shouldn't have happened: A vulnerability postmortem
googleprojectzero.blogspot.com

Project Zero Tavis Ormandy 在 Mozilla NSS 加密库中发现一个内存破坏漏洞 Jett • 2 hours ago

0   

TALOS-2021-1352 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
talosintelligence.com

Google Chrome Blink setBaseAndExtent use after free vulnerability Jett • 3 hours ago

0   

GitHub - l0ggg/VMware_vCenter: VMware vCenter 7.0.2.00100 unauth Arbitrary File Read + SSRF + Reflected XSS
github.com • Web

VMware vCenter 7.0.2.00100 版本任意文件读、SSRF、XSS 漏洞 Jett • 3 hours ago

0   

Watch Your Step(ping): Atoms Breaking Apart
grsecurity.net

研究员发现 Intel(R) Atom CPU Bug Jett • 1 day ago

0   

[PDF] https://labs.f-secure.com/assets/BlogFiles/Printing-Shellz.pdf
labs.f-secure.com

Printing-Shellz - 惠普多功能打印机的安全研究报告 Jett • 1 day ago

0   

Discovering Full Read SSRF in Jamf (CVE-2021-39303 & CVE-2021-40809) – Assetnote
blog.assetnote.io • Pentest

IT 管理软件 Jamf Pro SSRF 漏洞分析 Jett • 1 day ago

0   

CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal
pyn3rd.github.io

CVE-2021-21234 Spring Boot Actuator Logview Directory Traversal Jett • 1 day ago

0   

Arbitrary package tampering in Deno registry + Code Injection in encoding/yaml
blog.ryotak.me

Arbitrary package tampering in Deno registry + Code Injection in encoding/yaml Jett • 1 day ago

0   

Apache Storm 漏洞分析
noahblog.360.cn

Apache Storm 漏洞分析 Jett • 1 day ago

1   

xray 终极反制实践
koalr.me

xray 终极反制实践 Jett • 1 day ago

0   

CVE-2021-22205 GitLab RCE之未授权访问深入分析(一)
天融信阿尔法实验室

CVE-2021-22205 GitLab RCE 之未授权访问深入分析(一) Jett • 1 day ago

0   

New Sony patent: "Spoofing CPUID For Backwards Compatibility" (filed by Mark Cerny)
www.neogaf.com • iOS

New Sony patent: "Spoofing CPUID For Backwards Compatibility" . lanying37 • 1 day ago

0   

PetitPotam - NTLM Relay to AD CS
www.youtube.com

PetitPotam - 对 AD CS 证书服务进行 NTLM 中继攻击演示视频. lanying37 • 1 day ago

0   

安卓 APT 间谍软件 GnatSpy 分析
paper - Last paper

针对安卓 APT 间谍软件 GnatSpy 分析. lanying37 • 1 day ago

0   

Tags

Tools Malware Windows Browser Vulnerability Web Android Attack iOS Linux Pentest Conference macOS Network IoT Wireless Fuzzing Defend Reverse Engineering CTF Virtualization Crypto Data Breach Programming Machine Learning Firmware Report Forensics PoC Mitigation Backdoor SCADA Side Channel Threat Intelligence Hardware Blockchain Exploit Supply Chain Bug Bounty Privacy Power Analysis
Loading