How Windows Processes Work - Creation, APIs, Data Structures (Part 1)
https://ift.tt/YmgLbN8
Submitted July 13, 2022 at 10:10PM by sciencestudent99
via reddit https://ift.tt/4YhnErx
FourCore
Genesis - The Birth of a Windows Process (Part 1) - FourCore
What happens when you run an executable on your Windows machine? This blog provides a brief overview and the flow for creating a Windows Process, the APIs and structures involved, and the Process Internals.
Attacking Active Directory: 0 to 0.9
https://ift.tt/1uXPGeN
Submitted July 14, 2022 at 12:12AM by CyberMasterV
via reddit https://ift.tt/v9XW1zR
CVE-2022-29885 - Apache Tomcat Cluster Service DoS
https://ift.tt/GnabYki
Submitted July 14, 2022 at 01:33AM by voidz0r
via reddit https://ift.tt/b1ER5aZ
Voidzone
CVE-2022-29885 - Apache Tomcat Cluster Service DoS
An analysis of a Denial Of Service vulnerability on the Apache Tomcat Cluster Service listener.
Dealing with Failure: Failure Escalation Policy in CLR Hosts
https://ift.tt/q5WwQ3s
Submitted July 14, 2022 at 01:13AM by jeandrew
via reddit https://ift.tt/VBtwMmg
Medium
Dealing with Failure: Failure Escalation Policy in CLR Hosts
Offensive tooling built upon the .NET framework and its runtime environment, the Common Language Runtime (CLR), is an important part of…
Introducing Decompiler Explorer (🐶⚡️)
https://ift.tt/edNoWkj
Submitted July 14, 2022 at 03:28AM by Psifertex
via reddit https://ift.tt/7bcQAld
Binary Ninja
Binary Ninja - Introducing Decompiler Explorer
Binary Ninja is a modern reverse engineering platform with a scriptable and extensible decompiler.
This Salesforce Tableau Server XSS vulnerability will not get a CVE attributed. Here is the PoC and the fixed versions.
https://ift.tt/zGUqmpH
Submitted July 13, 2022 at 09:22PM by obilodeau
via reddit https://ift.tt/4BRrS8O
GoSecure
Tableau Server Leaks Sensitive Information From Reflected XSS - GoSecure
Penetration testing identifies Tableau Server was vulnerable to reflected XSS which could lead to exposure of sensitive data.
Researching access tokens for fun and knowledge
https://ift.tt/Cl4Tzhn
Submitted July 14, 2022 at 04:15PM by One-Assistance-8552
via reddit https://ift.tt/qxgfnRJ
Huntandhackett
Researching access tokens for fun and knowledge
In this blog we dive into compound identities, Azure Key Vault, JWT tokens and bound identities. For fun and to understand their inner workings.
BGGP3: Crash on the Cob
https://ift.tt/yV2IAlP
Submitted July 14, 2022 at 08:36PM by netsecfriends
via reddit https://ift.tt/Jm5PkTD
remyhax.xyz
BGGP3: Crash on the Cob
For this year's Binary Golf Grand Prix I started off by learning to fuzz properly, use a debugger properly, and various tooling. The objective was originally to hit all of the bonus points:
+1024 pts, if you submit a writeup about your process and details…
Exploiting Arbitrary Object Instantiations in PHP without Custom Classes
https://ift.tt/TSJPy54
Submitted July 14, 2022 at 08:34PM by albinowax
via reddit https://ift.tt/dihQfJZ
PT SWARM
Exploiting Arbitrary Object Instantiations in PHP without Custom Classes
We discovered an application with "new $a($b)" and no user-defined classes. We turned it to RCE.
CVE-2022-29593
https://ift.tt/OYv1ncg
Submitted July 15, 2022 at 09:30AM by 9lyph
via reddit https://ift.tt/bJAdhCf
GitHub
GitHub - 9lyph/CVE-2022-29593
Contribute to 9lyph/CVE-2022-29593 development by creating an account on GitHub.
IDA Plugin to reconstruct .proto files used in the analyzed binary
https://ift.tt/63ujKXB
Submitted July 15, 2022 at 01:02PM by Martypx00
via reddit https://ift.tt/UxrhDdl
GitHub
GitHub - Accenture/protobuf-finder: IDA Pro plugin for reconstructing original .proto files from binary.
Mantis - The most powerful botnet
https://ift.tt/T8GnaBF
Submitted July 15, 2022 at 06:45PM by MiguelHzBz
via reddit https://ift.tt/P02Od7W
How Windows Processes Work - CreateProcess Workflow (Part 2)
https://ift.tt/alR9jeQ
Submitted July 16, 2022 at 10:49PM by sciencestudent99
via reddit https://ift.tt/fXCzL0y
FourCore
Genesis - The Birth of a Windows Process (Part 2) - FourCore
What happens when you run an executable on your Windows machine? In this second and final part of the series, we will go through the exact flow CreateProcess carries out to launch a process on Windows.
Build your first LLVM Obfuscator
https://ift.tt/zoBuEWT
Submitted July 17, 2022 at 03:59PM by CyberMasterV
via reddit https://ift.tt/a8Ev3Hj
Medium
Build your first LLVM Obfuscator
Welcome to a tutorial on building your first LLVM based obfuscator. In this post we will list the advantages of using LLVM tools, briefly…
GitHub - karimhabush/cyberowl: A daily updated summary of the most frequent types of security incidents currently being reported from different sources.
https://ift.tt/dDkHIQL
Submitted July 17, 2022 at 07:32PM by karimhabush
via reddit https://ift.tt/GY1iNV7
GitHub
GitHub - karimhabush/cyberowl: A daily updated summary of the most frequent types of security incidents currently being reported…
A daily updated summary of the most frequent types of security incidents currently being reported from different sources.
A Deep Dive Into ALPHV/BlackCat Ransomware
https://ift.tt/fiwKnVb
Submitted July 18, 2022 at 07:39PM by CyberMasterV
via reddit https://ift.tt/eIYw1dB
SecurityScorecard
A Deep Dive Into ALPHV/BlackCat Ransomware
ALPHV/BlackCat is the first widely known ransomware written in Rust. The malware must run with an access token consisting of a 32-byte value (--access-token parameter), and other parameters can be specified. Learn about its particular behaviors.
Research: Auditing WordPress Plugins (35 CVEs in 3 months)
https://ift.tt/K9Zj2ym
Submitted July 18, 2022 at 06:52PM by andersonmvd
via reddit https://ift.tt/hXg9CWc
cyllective Blog
Research: Auditing WordPress Plugins
A summarized post about security research of WordPress plugins and the explorational audit spree which followed.
unRAR CVE-2022-30333 deep dive (including full exploit for Zimbra)
https://ift.tt/Ywy1q3L
Submitted July 18, 2022 at 10:30PM by iagox86
via reddit https://ift.tt/4rWzVGy
AttackerKB
CVE-2022-30333 | AttackerKB
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an extract (aka unpack) operation, as demonstrated by creating a…
Disrupting Kill Chains with Just-in-Time Access Environments
https://ift.tt/PDTvYm8
Submitted July 18, 2022 at 09:54PM by mesok8
via reddit https://ift.tt/kuxc65m
Akeyless
Disrupting the Kill Chain with Just-in-Time Access | Akeyless
The classic perimeter concept evolved to focus on identities, so will our use of secrets. By virtually eliminating the long time window an attacker gets with compromised static secrets, dynamic secrets severely limit an attacker’s ability to maintain access…
/r/netsec's Q3 2022 Information Security Hiring Thread
Overview
If you have open positions at your company for information security professionals and would like to hire from the /r/netsec user base, please leave a comment detailing any open job listings at your company.
We would also like to encourage you to post internship positions as well. Many of our readers are currently in school or are just finishing their education.
Please reserve top level comments for those posting open positions.
Rules & Guidelines
Include the company name in the post. If you want to be topsykret, go recruit elsewhere.
Include the geographic location of the position along with the availability of relocation assistance or remote work.
If you are a third party recruiter, you must disclose this in your posting.
Please be thorough and upfront with the position details.
Use of non-hr'd (realistic) requirements is encouraged.
While it's fine to link to the position on your company's website, provide the important details in the comment.
Mention if applicants should apply officially through HR, or directly through you.
Please clearly list citizenship, visa, and security clearance requirements.
You can see an example of acceptable posts by perusing past hiring threads.
Feedback
Feedback and suggestions are welcome, but please don't hijack this thread (use moderator mail instead.)
Submitted July 18, 2022 at 11:21PM by ranok
via reddit https://ift.tt/Du9mpl4
new privesc on AWS (DataScientist policy)
https://ift.tt/stlRCkS
Submitted July 19, 2022 at 02:00AM by stk_
via reddit https://ift.tt/GxXfErQ