C# dll injection tutorial
http://ift.tt/2f0Pg2O
Submitted September 06, 2017 at 03:14AM by _____WINTERMUTE_____
via reddit http://ift.tt/2gKKqKK
http://ift.tt/2f0Pg2O
Submitted September 06, 2017 at 03:14AM by _____WINTERMUTE_____
via reddit http://ift.tt/2gKKqKK
coding.vision
C# Inject a Dll into a Process (w/ CreateRemoteThread) | coding.vision
Since I’ve been asked if this is possible - well…you can do Dll Injection using C# but the injected Dll must be written in a language that doesn’t depend on a CLR (C/C++ would be a good option here, but...
Graftor - But I Never Asked for This…
http://ift.tt/2wEidsQ
Submitted September 06, 2017 at 02:17AM by majorllama
via reddit http://ift.tt/2vJfCR2
http://ift.tt/2wEidsQ
Submitted September 06, 2017 at 02:17AM by majorllama
via reddit http://ift.tt/2vJfCR2
Talosintelligence
Graftor - But I Never Asked for This…
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Flattened Version of MITRE ATT&CK Matrix
http://ift.tt/2w4P5ce
Submitted September 06, 2017 at 05:58AM by huntoperator
via reddit http://ift.tt/2vKbuR1
http://ift.tt/2w4P5ce
Submitted September 06, 2017 at 05:58AM by huntoperator
via reddit http://ift.tt/2vKbuR1
Flattened MITRE ATT&CK Matrix
http://ift.tt/2gKNSVP
Submitted September 06, 2017 at 06:26AM by huntoperator
via reddit http://ift.tt/2xMzXT9
http://ift.tt/2gKNSVP
Submitted September 06, 2017 at 06:26AM by huntoperator
via reddit http://ift.tt/2xMzXT9
Austin Taylor
Flattened MITRE ATT&CK Matrix
MITRE ATT&CK Matrix flattened and mapped by category to threat actor groups and software examples of each attack.
A look at the Boeing 787's web based In Flight Entertainment System
http://ift.tt/2eJUtPq
Submitted September 06, 2017 at 10:39AM by x8BitRain
via reddit http://ift.tt/2gKbDgo
http://ift.tt/2eJUtPq
Submitted September 06, 2017 at 10:39AM by x8BitRain
via reddit http://ift.tt/2gKbDgo
Struts 2.5.x RCE Proof of Concept
http://ift.tt/2x9Pnnf
Submitted September 06, 2017 at 12:26PM by stbernardy
via reddit http://ift.tt/2vKGmk8
http://ift.tt/2x9Pnnf
Submitted September 06, 2017 at 12:26PM by stbernardy
via reddit http://ift.tt/2vKGmk8
GitHub
Add Apache Struts 2 REST Plugin XStream RCE by wvu-r7 · Pull Request #8924 · rapid7/metasploit-framework
WIP
Linux
Windows
CmdStager
ARCH_CMD
check
Linux
Windows
CmdStager
ARCH_CMD
check
A security analyst’s guide to NSAppTransportSecurity on Apple iOS
http://ift.tt/2eJPvSV
Submitted September 06, 2017 at 12:06PM by 0xdea
via reddit http://ift.tt/2wEYXNH
http://ift.tt/2eJPvSV
Submitted September 06, 2017 at 12:06PM by 0xdea
via reddit http://ift.tt/2wEYXNH
Nowsecure
Guide to iOS App Transport Security (ATS) | NowSecure
I’ve recently noticed a spike in questions from our customers -- and specifically security analysts -- about App Transport Security (ATS), or
Phishy Basic Authentication prompts
http://ift.tt/2j3gn1F
Submitted September 06, 2017 at 07:53PM by Matasareanu13
via reddit http://ift.tt/2wGisFk
http://ift.tt/2j3gn1F
Submitted September 06, 2017 at 07:53PM by Matasareanu13
via reddit http://ift.tt/2wGisFk
Security Café
Phishy Basic Authentication prompts
In one of our previous posts, we noted that a popular tool – Responder – uses Basic Authentication prompts to harvest user credentials when they accidentally enter invalid domains in we…
All the Pretty Pwnies
http://ift.tt/2eGT2xG
Submitted September 07, 2017 at 12:12AM by tedcarstensen
via reddit http://ift.tt/2gMJUvR
http://ift.tt/2eGT2xG
Submitted September 07, 2017 at 12:12AM by tedcarstensen
via reddit http://ift.tt/2gMJUvR
LaunchDarkly
All the Pretty Ponies
August is always full of security awareness in the wake of DefCon, BlackHat USA and t...
Evading CloudFlare: Bypass Cloud Security Protections with CFire
http://ift.tt/2gHN00l
Submitted September 07, 2017 at 01:06AM by cslakin
via reddit http://ift.tt/2j24vNa
http://ift.tt/2gHN00l
Submitted September 07, 2017 at 01:06AM by cslakin
via reddit http://ift.tt/2j24vNa
Rhino Security Labs
Cloudflare: Evading Cloud Security Protections | Rhino Security Labs
CloudFlare can be subverted, exposing the real IP addresses of cloud targets. You can use CFire to identify misconfigurations in your cloud architecture.
Vulnerability Spotlight: Content Security Policy bypass in Microsoft Edge, Google Chrome and Apple Safari
http://ift.tt/2wGmSvY
Submitted September 07, 2017 at 02:14AM by majorllama
via reddit http://ift.tt/2f3KgKD
http://ift.tt/2wGmSvY
Submitted September 07, 2017 at 02:14AM by majorllama
via reddit http://ift.tt/2f3KgKD
Talosintelligence
Vulnerability Spotlight: Content Security Policy bypass in Microsoft Edge, Google Chrome and Apple Safari
A blog from the world class Intelligence Group, Talos, Cisco's Intelligence Group
Uber Bug Bounty: Gaining Access To An Internal Chat System
http://ift.tt/2vN3JtE
Submitted September 07, 2017 at 02:09AM by mishre
via reddit http://ift.tt/2f4XQO4
http://ift.tt/2vN3JtE
Submitted September 07, 2017 at 02:09AM by mishre
via reddit http://ift.tt/2f4XQO4
(ISC)² Announces Showcased Honorees and Community Service Star Award for 11th Annual ISLA Recognition Program
http://ift.tt/2w8NG4J
Submitted September 07, 2017 at 05:39AM by bloon_hack
via reddit http://ift.tt/2vNc9RH
http://ift.tt/2w8NG4J
Submitted September 07, 2017 at 05:39AM by bloon_hack
via reddit http://ift.tt/2vNc9RH
New Microsoft Kernel Bug Could Permit Malicious Modules
http://ift.tt/2vJcxAQ
Submitted September 07, 2017 at 06:27AM by majorllama
via reddit http://ift.tt/2vNhh8q
http://ift.tt/2vJcxAQ
Submitted September 07, 2017 at 06:27AM by majorllama
via reddit http://ift.tt/2vNhh8q
Hunting Pastebin with YaraRules
http://ift.tt/2iXfbwR
Submitted September 07, 2017 at 12:55PM by kev-thehermit
via reddit http://ift.tt/2wINTih
http://ift.tt/2iXfbwR
Submitted September 07, 2017 at 12:55PM by kev-thehermit
via reddit http://ift.tt/2wINTih
TechAnarchy
Hunting Pastebin with PasteHunter
From a security analytics and Threat Intelligence perspective pastebin is a treasure trove of information. All content that is uploaded to pastebin and not explicitly set to private (which requires an account) is listed and can be viewed by anyone. tl;dr…
Intro. to Windows Kernel Driver Exploitation - Setup
http://ift.tt/2xcMEcW
Submitted September 07, 2017 at 04:45PM by Glenny5
via reddit http://ift.tt/2f79VT0
http://ift.tt/2xcMEcW
Submitted September 07, 2017 at 04:45PM by Glenny5
via reddit http://ift.tt/2f79VT0
glem
Introduction to Windows Kernel Driver Exploitation (Pt. 1)
This is the first part of a series of posts I am going to do about Windows kernel exploitation, via vulnerable drivers. The project I will be using for the exploit is HackSys Extreme Vulnerable Driver, which is a really cool little vulnerable windows driver…
RHME3 Quals - Exploitation Solution
http://ift.tt/2vOxIS3
Submitted September 07, 2017 at 05:58PM by Glenny5
via reddit http://ift.tt/2j6YvTp
http://ift.tt/2vOxIS3
Submitted September 07, 2017 at 05:58PM by Glenny5
via reddit http://ift.tt/2j6YvTp
glem
RHME3 Quals - Exploitation
This was a fun challenge, a lot of mistakes were made and a lot of things were learnt! Shout out to 0x4a47 my team mate for the RHME3 CTF aswell. As a good exploit challenge starts, we begin by running file on the binary to see what we learn about
Reliable sleep-based detection payload for the new Struts REST vulnerability (CVE-2017-9805)
http://ift.tt/2wL4dOa
Submitted September 07, 2017 at 06:46PM by 0xdea
via reddit http://ift.tt/2xdguOm
http://ift.tt/2wL4dOa
Submitted September 07, 2017 at 06:46PM by 0xdea
via reddit http://ift.tt/2xdguOm
Expired domain names and malvertising - Malwarebytes Labs
http://ift.tt/2j0nXKa
Submitted September 07, 2017 at 06:19PM by majorllama
via reddit http://ift.tt/2eJnPK8
http://ift.tt/2j0nXKa
Submitted September 07, 2017 at 06:19PM by majorllama
via reddit http://ift.tt/2eJnPK8
Malwarebytes Labs
Expired domain names and malvertising - Malwarebytes Labs
A look at how expired domain names can be turned into a lucrative malicious traffic redirection tool.
TrickBot Banking Trojan Dropper Analysis
http://ift.tt/2j60g3k
Submitted September 07, 2017 at 07:27PM by majorllama
via reddit http://ift.tt/2wKkq7J
http://ift.tt/2j60g3k
Submitted September 07, 2017 at 07:27PM by majorllama
via reddit http://ift.tt/2wKkq7J
Ringzerolabs
TrickBot Banking Trojan - DOC00039217.doc
Malware Analysis - VBA noscripts used to download TrickBot banking trojan
Chaos Computer Club finds fundamental security problems in "PC-Wahl'-software which is used for general elections
http://ift.tt/2xQfzk3
Submitted September 07, 2017 at 08:44PM by Skaarj
via reddit http://ift.tt/2xe0ewo
http://ift.tt/2xQfzk3
Submitted September 07, 2017 at 08:44PM by Skaarj
via reddit http://ift.tt/2xe0ewo
reddit
Chaos Computer Club finds fundamental security problems... • r/netsec
9 points and 0 comments so far on reddit