Wawa Security Links 337

Tuesday 04 October 2022




GitHub - mvdan/garble: Obfuscate Go builds
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 2 | Nettitude Labs
Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities - Microsoft Security
Unveiling Octopus: The pre-operation C2 for Red Teamers - Shells.Systems
The quiet evolution of phishing - Microsoft Security
CVE-2019-17555: DoS via Retry-After header in Apache Olingo | The blog of a gypsy engineer
https://www.hackingarticles.in/hiding-shell-using-prependmigrate-metasploit/
Exploiting v8: *CTF 2019 oob-v8
https://medium.com/maverislabs/cve-2019-17123-cbc946c99f8
DeCypherIT - All eggs in one basket - Check Point Research
Hack The Real: An exploitation chain to break the Safari browser - Systems Software and Security Lab
GALLIUM: Targeting global telecom
Analyzing ELF Binaries with Malformed Headers Part 2 - Mapping Program Logic with Qiling and Graphviz | Binary Research
Metasploit Wrap-Up
Intezer - ChinaZ Introduces New Undetected Malware
Hack The Box - Smasher2 | 0xRick
https://zeronights.ru/wp-content/themes/zeronights-2019/public/materials/7_PaulAxe_ZN_PWN_Challenge.pdf
Free Proxy / VPN / TOR / Bad IP Detection Service via API and Web Interface | IP Intelligence
GitHub - zodiacon/PEExplorerV2: Portable Executable Explorer version 2
https://rammerlabs.alidml.ru/peanatomist-eng.html

Android Recoverable Keystore
https://isc.sans.edu/forums/diary/Lazy Sunday Maldoc Analysis A Bit More/25608/
GitHub - liamg/scout: Lightweight URL fuzzer: Discover a web server's undisclosed files and directories
Windows-10-Exploitation/Low_Fragmentation_Heap_(LFH)_Exploitation_-_Windows_10_Userspace_by_Saar_Amar.pdf at master · peleghd/Windows-10-Exploitation · GitHub
WinDbg Preview - Timeline - Windows drivers | Microsoft Docs
GitHub - jar-o/rotvpn: Run a personal VPN in the cloud. And rotate it regularly.
https://isc.sans.edu/forums/diary/VirusTotal Email Submissions/25610/
malware-analysis-writeups/swrort-stager-analysis.pdf at master · itsKindred/malware-analysis-writeups · GitHub
https://isc.sans.edu/diary/Malicious .DWG Files?/25612
https://www.thezdi.com/blog/2019/12/15/syncing-out-of-the-firefox-sandbox
https://blog.talosintelligence.com/2019/12/vulnerability-spotlight-multiple.html
SMTP Protocol with Wireshark
Hack the Box (HTB) machines walkthrough series — Haystack
DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet - TrendLabs Security Intelligence Blog
Interactive guide to Buffer Overflow exploitation | Nagarro Security
GitHub - jonathanmetzman/wasm-fuzzing-demo: Demos of and walkthroughs on in-browser fuzzing using WebAssembly
GraphQL Batching Attack - Wallarm Blog
Persistence – Application Shimming | Penetration Testing Lab
watevrCTF 2019 Writeup - CTFするぞ
Multiple Vulnerabilities in Barco ClickShare

The Vault: Is ReactOS Great Again (2019)?
GitHub - den4uk/andriller: Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
https://ired.team/miscellaneous-reversing-forensics/windows-kernel/how-kernel-exploits-abuse-tokens-for-privilege-escalation
Blogger
#include </etc/shadow> - Hanno's blog
https://isc.sans.edu/forums/diary/Is it Possible to Identify DNS over HTTPs Without Decrypting TLS/25616/
GitHub - P4T12ICK/Sigma-Hunting-App: A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
Dropping Anchor: From a TrickBot Infection to the Discovery of the Anchor Malware
Access control vulnerabilities and privilege escalation
Tetrane - Automated Reverse Engineering Platform
https://blog.talosintelligence.com/2019/12/IR-Lessons-Maze.html
URGENT/11 vulnerability
OilRig’s Poison Frog – old samples, same trick | Securelist
CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI
BreakingApp – WhatsApp Crash & Data Loss Bug - Check Point Research
A Deep Dive Into Samsung's TrustZone (Part 2)
Live response automation with Velociraptor - Matt's DFIR Blog
Positive Technologies - learn and secure : Turkish tricks with worms, RATs… and a freelancer
https://www.zerodayinitiative.com/blog/2019/12/16/local-privilege-escalation-in-win32ksys-through-indexed-color-palettes
https://medium.com/onehackman/learning-xss-part-1-reflected-xss-brief-concept-techniques-challenge-walkthrough-85f6b165541b

https://medium.com/rootxharsh_90844/abusing-feature-to-steal-your-tokens-f15f78cebf74
https://medium.com/nishantrustlingup/step-by-step-bug-bounty-d753798facb8
GitHub - fekle/simple-blacklist: A simple tool to fetch and filter domain blacklists for use with tools like https://github.com/DNSCrypt/dnscrypt-proxy
Project Zero: Calling Local Windows RPC Servers from .NET
chasingpolarbears/vmwarebug at master · SandboxEscaper/chasingpolarbears · GitHub
phra's blog ~ Technical posts about InfoSec
GitHub - curi0usJack/rubeus2ccache: Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
4 Google Cloud Shell bugs explained – Offensi
Dacls, the Dual platform RAT
Spelevo exploit kit debuts new social engineering trick - Malwarebytes Labs | Malwarebytes Labs
Frida 12.8 Released | Frida • A world-class dynamic instrumentation framework
Update: oledump.py Version 0.0.44 | Didier Stevens
https://blog.sucuri.net/2019/12/how-websites-are-used-to-spread-emotet-malware.html
ConnectWise Control Abused Again to Deliver Zeppelin Ransomware
Demystifying AWS' AssumeRole and sts:ExternalId – NCC Group Research
Global Payments Vulnerability – Winter Dragon
GitHub - pia-foss/desktop: Private Internet Access - Desktop VPN Client for Windows/macOS/Linux
GitHub - ucsb-seclab/karonte: Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware
From dropbox(updater) to NT AUTHORITY\SYSTEM – Decoder's Blog
Signal Desktop Windows Elevation of Privilege Vulnerability – Rich Mirch

