| Tweetovi |
| 0x00pico proslijedio/la je tweet | ||
|
Chris Williams
@diodesign
|
24 h |
|
This is pretty sweet. You can make your own USB security key using an off-the-shelf Arm-based dongle and Google's OpenSK firmware running on TockOS, all virtually written in @rustlang theregister.co.uk/2020/02/04/bur…
OpenSK: github.com/google/OpenSK
TockOS: github.com/tock/tock
|
||
|
||
| 0x00pico proslijedio/la je tweet | ||
|
b0bb
@0xb0bb
|
1. velj |
|
Here is my massive lib db (for ctfs/wargames/blind pwns etc.). It consists of thousands of libs across over a dozen Linux distributions and architectures spanning the last 20 years. It indexes symbols & gadgets (including one gadgets AKA magic gadgets). github.com/0xb0bb/karkinos pic.twitter.com/T76K3lkQ3r
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Nicolas Krassas
@Dinosn
|
4. velj |
|
A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo
github.com/TH3xACE/SUDO_K…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Ruben Santamarta
@reversemode
|
4. velj |
|
Root cause analysis and exploit for a Windows kernel ws2ifsl.sys use-after-free vulnerability.
labs.bluefrostsecurity.de/blog/2020/01/0…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Nicolas Krassas
@Dinosn
|
3. velj |
|
TeamViewer stored user passwords encrypted, not hashed, and the key is now public
whynotsecurity.com/blog/teamviewe…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Internet of Shit
@internetofshit
|
3. velj |
|
99 smart phones in a pull-cart = instant traffic jam simonweckert.com/googlemapshack… pic.twitter.com/gNDa05OeVi
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Evilcry_
@Blackmond_
|
2. velj |
|
Virtual Method Table for newbies #1 littlemastermind.codes/2020/02/01/vir…
Virtual Method Table for newbies #2
littlemastermind.codes/2020/02/01/vir…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
FireF0X
@hFireF0X
|
2. velj |
|
KDU, Kernel Driver Utility - driver loader (and not only) bypassing Windows x64 Driver Signature Enforcement with support of various "functionality" providers - including Unwinder's RTCore, github.com/hfiref0x/KDU pic.twitter.com/s154qYlIKR
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Evilcry_
@Blackmond_
|
2. velj |
|
Hardware Debugging for Reverse Engineers Part 1: SWD, OpenOCD and Xbox One Controllers wrongbaud.github.io/stm-xbox-jtag/
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Nicolas Krassas
@Dinosn
|
2. velj |
|
GDA Android Reversing Tool - A New Decompiler Written Entirely In C++, So It Does Not Rely On The Java Platform, Which Is Succinct, Portable And Fast, And Supports APK, DEX, ODEX, Oat kitploit.com/2020/02/gda-an…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Nicolas Krassas
@Dinosn
|
14. sij |
|
Ryuk Ransomware Uses Wake-on-Lan To Encrypt Offline Devices bleepingcomputer.com/news/security/…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Binni Shah
@binitamshah
|
14. sij |
|
Reverse engineering course (Focuses on x64 Windows) : github.com/0xZ0F/Z0FCours… cc @0xZ0F
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Binni Shah
@binitamshah
|
14. sij |
|
Awesome Forensics Resources : Almost 300 open source forensics tools and 600 blog posts about forensics &1000+ Github Repos about Security Resource Collection : github.com/alphaSeclab/aw…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Azeria
@Fox0x01
|
3. sij |
|
Reverse Engineering Encrypted Code Segments:
medium.com/@ryancor/rever…
by Ryan Cornateanu
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Azeria
@Fox0x01
|
30. pro |
|
Apple: we’re the most secure OS! No bugs, don’t look.
Corellium: *provides researches with a proper research environment to find bugs and test their apps*
Researchers: *find and report bugs using Corellium*
Apple: no no no no nooo NO 😱 *sues Corellium*
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
|
Nicolas Krassas
@Dinosn
|
30. pro |
|
Open source RAT collection, and malicious RAT analysis reports.
github.com/alphaSeclab/aw…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
R136a1
@TheEnergyStory
|
14. pro |
|
Archive of kernelmode.info is now available | All attachments are public | Note that attachments have PHP file extension but are actually archives | Rename according to its file type (ZIP, RAR, ...) and open it | Thanks for everybody who contributed over those ~10 years!
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
ElfMaster
@ryan_elfmaster
|
11. pro |
|
Understand attack surface of statically linked binaries in Linux and learn how to harden them leviathansecurity.com/blog/aslr-prot…
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Somdev Sangwan
@s0md3v
|
11. pro |
|
DLL Hijacking for Dummies [1/2]
> Download and run this process monitor (docs.microsoft.com/en-us/sysinter…)
> Download and run target's desktop app
> Look for processes with result "name not found"
> Note down the paths of these processes
|
||
|
|
||
| 0x00pico proslijedio/la je tweet | ||
|
Clément Labro
@itm4n
|
11. pro |
|
New blog post: "CDPSvc DLL Hijacking - From LOCAL SERVICE to SYSTEM" where I mostly talk about Tokens and Impersonation. 🔥
👉 itm4n.github.io/cdpsvc-dll-hij… pic.twitter.com/pqi7k2thcS
|
||
|
|
||