Wawa Security Links 337

Mardi 04 Octobre 2022

GoogleNCR / Twitter
Hacking tutos / Facebook

GitHub - mvdan/garble: Obfuscate Go builds
CVE-2019-12750: Symantec Endpoint Protection Local Privilege Escalation – Part 2 | Nettitude Labs
Multi-stage downloader Trojan sLoad abuses BITS almost exclusively for malicious activities - Microsoft Security
Unveiling Octopus: The pre-operation C2 for Red Teamers - Shells.Systems
The quiet evolution of phishing - Microsoft Security
CVE-2019-17555: DoS via Retry-After header in Apache Olingo | The blog of a gypsy engineer
Exploiting v8: *CTF 2019 oob-v8
DeCypherIT - All eggs in one basket - Check Point Research
Hack The Real: An exploitation chain to break the Safari browser - Systems Software and Security Lab
GALLIUM: Targeting global telecom
Analyzing ELF Binaries with Malformed Headers Part 2 - Mapping Program Logic with Qiling and Graphviz | Binary Research
Metasploit Wrap-Up
Intezer - ChinaZ Introduces New Undetected Malware
Hack The Box - Smasher2 | 0xRick
Free Proxy / VPN / TOR / Bad IP Detection Service via API and Web Interface | IP Intelligence
GitHub - zodiacon/PEExplorerV2: Portable Executable Explorer version 2

Android Recoverable Keystore
https://isc.sans.edu/forums/diary/Lazy Sunday Maldoc Analysis A Bit More/25608/
GitHub - liamg/scout: Lightweight URL fuzzer: Discover a web server's undisclosed files and directories
Windows-10-Exploitation/Low_Fragmentation_Heap_(LFH)_Exploitation_-_Windows_10_Userspace_by_Saar_Amar.pdf at master · peleghd/Windows-10-Exploitation · GitHub
WinDbg Preview - Timeline - Windows drivers | Microsoft Docs
GitHub - jar-o/rotvpn: Run a personal VPN in the cloud. And rotate it regularly.
https://isc.sans.edu/forums/diary/VirusTotal Email Submissions/25610/
malware-analysis-writeups/swrort-stager-analysis.pdf at master · itsKindred/malware-analysis-writeups · GitHub
https://isc.sans.edu/diary/Malicious .DWG Files?/25612
SMTP Protocol with Wireshark
Hack the Box (HTB) machines walkthrough series — Haystack
DDoS Attacks and IoT Exploits: New Activity from Momentum Botnet - TrendLabs Security Intelligence Blog
Interactive guide to Buffer Overflow exploitation | Nagarro Security
GitHub - jonathanmetzman/wasm-fuzzing-demo: Demos of and walkthroughs on in-browser fuzzing using WebAssembly
GraphQL Batching Attack - Wallarm Blog
Persistence – Application Shimming | Penetration Testing Lab
watevrCTF 2019 Writeup - CTFするぞ
Multiple Vulnerabilities in Barco ClickShare

The Vault: Is ReactOS Great Again (2019)?
GitHub - den4uk/andriller: Andriller - is software utility with a collection of forensic tools for smartphones. It performs read-only, forensically sound, non-destructive acquisition from Android devices.
#include </etc/shadow> - Hanno's blog
https://isc.sans.edu/forums/diary/Is it Possible to Identify DNS over HTTPs Without Decrypting TLS/25616/
GitHub - P4T12ICK/Sigma-Hunting-App: A Splunk App containing Sigma detection rules, which can be updated from a Git repository.
Dropping Anchor: From a TrickBot Infection to the Discovery of the Anchor Malware
Access control vulnerabilities and privilege escalation
Tetrane - Automated Reverse Engineering Platform
URGENT/11 vulnerability
OilRig’s Poison Frog – old samples, same trick | Securelist
CVE-2019-18935: Remote Code Execution via Insecure Deserialization in Telerik UI
BreakingApp – WhatsApp Crash & Data Loss Bug - Check Point Research
A Deep Dive Into Samsung's TrustZone (Part 2)
Live response automation with Velociraptor - Matt's DFIR Blog
Positive Technologies - learn and secure : Turkish tricks with worms, RATs… and a freelancer

GitHub - fekle/simple-blacklist: A simple tool to fetch and filter domain blacklists for use with tools like https://github.com/DNSCrypt/dnscrypt-proxy
Project Zero: Calling Local Windows RPC Servers from .NET
chasingpolarbears/vmwarebug at master · SandboxEscaper/chasingpolarbears · GitHub
phra's blog ~ Technical posts about InfoSec
GitHub - curi0usJack/rubeus2ccache: Extracts all base64 ticket data from a rubeus /dump file and converts the tickets to ccache files for easy use with other tools.
4 Google Cloud Shell bugs explained – Offensi
Dacls, the Dual platform RAT
Spelevo exploit kit debuts new social engineering trick - Malwarebytes Labs | Malwarebytes Labs
Frida 12.8 Released | Frida • A world-class dynamic instrumentation framework
Update: oledump.py Version 0.0.44 | Didier Stevens
ConnectWise Control Abused Again to Deliver Zeppelin Ransomware
Demystifying AWS' AssumeRole and sts:ExternalId – NCC Group Research
Global Payments Vulnerability – Winter Dragon
GitHub - pia-foss/desktop: Private Internet Access - Desktop VPN Client for Windows/macOS/Linux
GitHub - ucsb-seclab/karonte: Karonte is a static analysis tool to detect multi-binary vulnerabilities in embedded firmware
From dropbox(updater) to NT AUTHORITY\SYSTEM – Decoder's Blog
Signal Desktop Windows Elevation of Privilege Vulnerability – Rich Mirch

Translate / Map
Wikipedia [ENG] / GIT

Metasploit / ExploitDB
Converter / Project 0

Hotmail / Gmail / ODA
eprint.iacr / Youtube