Malware Analysis - ElmersGlue ransomware can be unlocked without paying
http://ift.tt/2tUF8lF
Submitted August 11, 2017 at 06:30PM by majorllama
via reddit http://ift.tt/2uMOxHA
Ringzerolabs
ElmersGlue_3.exe
Malware Analysis - ElmersGlue ransomware
When a web application SSRF causes the cloud to rain credentials & more
http://ift.tt/2hJQDXB
Submitted August 11, 2017 at 06:28PM by digicat
via reddit http://ift.tt/2uv7B1D
Negative Result: Reading Kernel Memory From User Mode
http://ift.tt/2w8jx5W
Submitted August 11, 2017 at 07:49PM by This_Is_The_End
via reddit http://ift.tt/2vWJQ2a
cyber.wtf
Negative Result: Reading Kernel Memory From User Mode
I was going to write an introduction about how important negative results can be. I didn’t. I assume you can figure out for yourself why that is and if not you got all the more reason to read this…
Week of Evading Microsoft ATA - Day 5 - Attacking ATA, Closing thoughts and Microsoft's response
http://ift.tt/2uNFiqw
Submitted August 11, 2017 at 09:33PM by SamratAsh0k
via reddit http://ift.tt/2vM0IZv
Labofapenetrationtester
Week of Evading Microsoft ATA - Day 5 - Attacking ATA, Closing thoughts and Microsoft's response
Home of Nikhil SamratAshok Mittal. Posts about Pen Testing.
How to backdoor Atom with malicious plugins
http://ift.tt/2vt4B39
Submitted August 11, 2017 at 07:28PM by marcoslaviero
via reddit http://ift.tt/2vqg5WM
Thinkst
All your devs are belong to us: how to backdoor the Atom editor
This is the first post in a series highlighting bits from our recent BlackHat USA 2017 talk. An index of all the posts in the series is h...
Getting updates when CVEs are added or removed from Docker images
http://ift.tt/2wQbhrG
Submitted August 12, 2017 at 12:40AM by Kailuaboys
via reddit http://ift.tt/2wQms3u
Anchore
The Case of the Missing Vulnerability
SQL Injection CTF with a difference
http://ift.tt/2fAHP5G
Submitted August 12, 2017 at 05:47PM by netsecwarrior
via reddit http://ift.tt/2wRStYZ
Reverse Engineering Malware - Edition 2
http://ift.tt/2uPIAcO
Submitted August 13, 2017 at 04:42AM by huntoperator
via reddit http://ift.tt/2fBshOU
reddit
Reverse Engineering Malware - Edition 2 • r/netsec
2 points and 0 comments so far on reddit
Malware Analysis - Phishing Site Leads To Unusual AES Encrypted Design
http://ift.tt/2vRRJWX
Submitted August 13, 2017 at 08:13PM by majorllama
via reddit http://ift.tt/2wUMLFH
Ringzerolabs
AES Encrypted Phishing Site
Malware Analysis - AES Encrypted Phishing Site
Reverse Engineering Malware 101
http://ift.tt/2npzRvO
Submitted August 13, 2017 at 09:53PM by huntoperator
via reddit http://ift.tt/2w12aYC
Interesting article on the DNC "hack"
http://ift.tt/2hIWSdY
Submitted August 14, 2017 at 01:08AM by pokesomi
via reddit http://ift.tt/2w3Sdsz
The Nation
A New Report Raises Big Questions About Last Year’s DNC Hack
Former NSA experts say it wasn’t a hack at all, but a leak—an inside job by someone with access to the DNC’s system.
Bypassing Device guard UMCI in Windows 10 using CHM - CVE-2017-8625
http://ift.tt/2hXjKqs
Submitted August 14, 2017 at 03:12AM by oddvarmoe
via reddit http://ift.tt/2wVa2Yd
MSitPros Blog
Bypassing Device guard UMCI using CHM – CVE-2017-8625
TL;DR You could/can bypass Device Guard user mode code integrity with a custom CHM and execute code. The last 6 months I have done some security research on my (little) spare time, because I…
PowerShell script to forward local or remote tcp ports through smb pipes
http://ift.tt/2v4BXFh
Submitted August 14, 2017 at 08:39AM by p3nt4
via reddit http://ift.tt/2uF8Xmy
GitHub
p3nt4/Piper
Piper - Creates a local or remote port forwarding through named pipes.
Breaking Instacart
http://ift.tt/2wWtDXT
Submitted August 14, 2017 at 12:32PM by lazykid07
via reddit http://ift.tt/2uB6nC2
what I'm breaking...
Breaking Instacart
Instacart is an American company that operates as a same-day grocery delivery service. Customers select groceries through a web application from various retailers and delivered by a personal shoppe…
The plugin dumps the array of function pointers SrvTransaction2DispatchTable from the srv.sys driver and checks that all of them point to the binary address space.
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:17PM by bmerino
via reddit http://ift.tt/2wJkdj5
Shelliscoming
DoublePulsar SMB implant detection from Volatility
In the last months there have been various groups of attackers as well as script kiddies that have been using the FuzzBunch Framework to co...
DoublePulsar SMB implant detection from Volatility
http://ift.tt/2vBb3oN
Submitted August 14, 2017 at 06:24PM by bmerino
via reddit http://ift.tt/2vUsW4s
Shelliscoming
DoublePulsar SMB implant detection from Volatility
In the last months there have been various groups of attackers as well as script kiddies that have been using the FuzzBunch Framework to co...
Tutorial A2 Introduction to Glitch Attacks (including Glitch Explorer)
http://ift.tt/2uURHcp
Submitted August 14, 2017 at 06:21PM by maxxori
via reddit http://ift.tt/2vCfbF4
Splunk Spotlight - Alerting From Logs
http://ift.tt/2uCpP1e
Submitted August 14, 2017 at 07:08PM by MattHodge
via reddit http://ift.tt/2wWMzG2
hodgkins.io
Splunk Spotlight - Alerts
We take a close look at alerting in Splunk, including sending nice Slack notifications.
Checking for Breached Password Requests in Active Directory
http://ift.tt/2w3uDNI
Submitted August 14, 2017 at 08:25PM by General_Menace
via reddit http://ift.tt/2w3oi4H
dcrawl - Smart, multi-threaded web crawler for scraping huge lists of unique domain names (GO)
http://ift.tt/2uV0Kdp
Submitted August 14, 2017 at 09:33PM by kgretzky
via reddit http://ift.tt/2uHtKpo
GitHub
kgretzky/dcrawl
dcrawl - Simple, but smart, multi-threaded web crawler for randomly gathering huge lists of unique domain names.
Turning LFI into RFI on *nix systems
http://ift.tt/2uI4GyS
Submitted August 15, 2017 at 01:18AM by but_im_made_of_lava
via reddit http://ift.tt/2w7kWgp
l.avala.mp's place
Turning LFI into RFI
Have you ever been testing a web application for vulnerabilities, found a local file include (LFI) that could pay serious dividends if you had the right file on the web server, but couldn’t f…