Compiler-assisted Code Randomization – Kevin's Attic for Security Research
https://ift.tt/2u3cETX
Submitted July 04, 2018 at 04:15PM by mttd
via reddit https://ift.tt/2MO86bP
https://ift.tt/2u3cETX
Submitted July 04, 2018 at 04:15PM by mttd
via reddit https://ift.tt/2MO86bP
Kevin's Attic for Security Research
Compiler-assisted Code Randomization
I. MotivationII. Compiler-assisted Code Randomization (CCR) OverviewIII. Identifying Essential Information for RandomizationIV. Obtaining Metadata from the LLVM BackendV. Metadata Definition with G…
Top hackers' softwares you gotta get familiar with.
https://ift.tt/2lIFViV
Submitted July 04, 2018 at 07:27PM by HouseJustice
via reddit https://ift.tt/2ISuYEx
https://ift.tt/2lIFViV
Submitted July 04, 2018 at 07:27PM by HouseJustice
via reddit https://ift.tt/2ISuYEx
Spyhood
7 top Hacker tools and software
The top hacker tools and software gadgets for 2018...The keyllama hacking tool is the best undetectable softw..
All ways lead to Rome ! Remote Code Execution on MicroFocus Secure Messaging Gateway
https://ift.tt/2K9rKkW
Submitted July 04, 2018 at 10:26PM by wtfse
via reddit https://ift.tt/2IRhbOT
https://ift.tt/2K9rKkW
Submitted July 04, 2018 at 10:26PM by wtfse
via reddit https://ift.tt/2IRhbOT
Pentest Blog
Unexpected Journey #6 – All ways lead to Rome ! Remote Code Execution on MicroFocus Secure Messaging Gateway
It has been a quite while since I haven’t released a new part of unexpected journey article serie. Particularly this small 0-day research project has been certainly didactic to me. Thus, I’ve decided to write down the process of achieving remote code execution…
Profiling China based employees or organizations with a China presence
https://ift.tt/2Ky4a2e
Submitted July 05, 2018 at 04:41PM by vysec
via reddit https://ift.tt/2NmP6lX
https://ift.tt/2Ky4a2e
Submitted July 05, 2018 at 04:41PM by vysec
via reddit https://ift.tt/2NmP6lX
Vincent Yiu
MaiInt - Profiling China based Employees
Introduction MaiInt is a tool to perform OSINT, gather employee names and predict e-mail addresses for China based companies. The output is in HTML and CSV format. The Challenge The primary issue we’re trying to solve is that there are no good tools to enumerate…
How We Discovered a Virus Infecting Tens of Thousands of Fortnite Players
https://ift.tt/2ILYw6L
Submitted July 05, 2018 at 06:59PM by Bonfeu
via reddit https://ift.tt/2z9BqYw
https://ift.tt/2ILYw6L
Submitted July 05, 2018 at 06:59PM by Bonfeu
via reddit https://ift.tt/2z9BqYw
Rainway
How We Discovered a Virus Infecting Tens of Thousands of Fortnite Players | Rainway
Fortnite is the most popular game right now; it’s a genuine cultural phenomenon that is sweeping the world. Sadly, where there is a popular channel there will always be malicious actors. Today we want to diverge from our usual tech and vision blogs and share…
The $12,000 Intersection between Clickjacking and XSS
https://ift.tt/2Nn9vax
Submitted July 05, 2018 at 06:37PM by albinowax
via reddit https://ift.tt/2KSbFx5
https://ift.tt/2Nn9vax
Submitted July 05, 2018 at 06:37PM by albinowax
via reddit https://ift.tt/2KSbFx5
reddit
r/netsec - The $12,000 Intersection between Clickjacking and XSS
1 votes and 0 so far on reddit
Frida Engage | Part Three | You Down With XPC?
https://ift.tt/2Gk76tg
Submitted July 06, 2018 at 12:16AM by marketingversprite
via reddit https://ift.tt/2u7AZIo
https://ift.tt/2Gk76tg
Submitted July 06, 2018 at 12:16AM by marketingversprite
via reddit https://ift.tt/2u7AZIo
VerSprite | Integrated Security Services and Consulting
Frida Engage Part Three: You Down With XPC? | VerSprite
In the final installment of the Frida Engage blog series, we will demonstrate how to use Frida for hooking and inspecting Apple's NSXPC API using the CleanMyMac 3 application as our guinea pig.
Using the Aorus Gaming Box 1080 eGPU for Password Cracking & Security
https://ift.tt/2KDVzLy
Submitted July 06, 2018 at 12:53PM by vysec
via reddit https://ift.tt/2lYIEoQ
https://ift.tt/2KDVzLy
Submitted July 06, 2018 at 12:53PM by vysec
via reddit https://ift.tt/2lYIEoQ
Vincent Yiu
Aorus Gaming Box for Password Cracking
Introduction The Aorus Gaming box is an external GPU (eGPU) that is light-weight and you can carry it around with you on different penetration tests. Let's take for example you might have a client who does not want you to take any data off-site (for obvious…
Hackability Inspector
https://ift.tt/2MUWS5n
Submitted July 06, 2018 at 07:33PM by albinowax
via reddit https://ift.tt/2MUhL0E
https://ift.tt/2MUWS5n
Submitted July 06, 2018 at 07:33PM by albinowax
via reddit https://ift.tt/2MUhL0E
Web Security Blog | PortSwigger
Hackability inspector
The Hackability inspector enables you to quick enumerate objects and discover interesting functions to exploit.
Apfell - A macOS red teaming framework
https://ift.tt/2lZtwHw
Submitted July 06, 2018 at 08:31PM by NeatIce
via reddit https://ift.tt/2u9OUxG
https://ift.tt/2lZtwHw
Submitted July 06, 2018 at 08:31PM by NeatIce
via reddit https://ift.tt/2u9OUxG
GitHub
GitHub - its-a-feature/Mythic: A collaborative, multi-platform, red teaming framework
A collaborative, multi-platform, red teaming framework - GitHub - its-a-feature/Mythic: A collaborative, multi-platform, red teaming framework
Airties AIR5444TT - Cross-Site Scripting Vulnerability
https://ift.tt/2NvzQDl
Submitted July 06, 2018 at 10:22PM by rdincel1
via reddit https://ift.tt/2u7VUer
https://ift.tt/2NvzQDl
Submitted July 06, 2018 at 10:22PM by rdincel1
via reddit https://ift.tt/2u7VUer
reddit
r/netsec - Airties AIR5444TT - Cross-Site Scripting Vulnerability
1 votes and 0 so far on reddit
Why Did I Open a Malware Research Channel
https://ift.tt/2u1OpX5
Submitted July 07, 2018 at 01:45AM by GelosSnake
via reddit https://ift.tt/2zdgM9P
https://ift.tt/2u1OpX5
Submitted July 07, 2018 at 01:45AM by GelosSnake
via reddit https://ift.tt/2zdgM9P
@GelosSnake
Why Did I Open a Malware Research Channel
One day I was sitting, looking at my screen trying to solve a problem. I was stuck and I knew I was not the only one who had this problem. As a malware researcher what were my options to seek help? Twitter? I felt like it was too public, and
Five Easy Steps To Bypass Analysis of Mails in Antivirus by Manipulating MIME
https://ift.tt/2J0Vv2y
Submitted July 07, 2018 at 01:32AM by maulwuff
via reddit https://ift.tt/2KP01q2
https://ift.tt/2J0Vv2y
Submitted July 07, 2018 at 01:32AM by maulwuff
via reddit https://ift.tt/2KP01q2
reddit
r/netsec - Five Easy Steps To Bypass Analysis of Mails in Antivirus by Manipulating MIME
3 votes and 0 so far on reddit
HTTPView - In-browser Web Application Security Testing Tool (client-side only)
https://ift.tt/2B9QyAz
Submitted July 07, 2018 at 03:01AM by _pdp_
via reddit https://ift.tt/2KUOgLw
https://ift.tt/2B9QyAz
Submitted July 07, 2018 at 03:01AM by _pdp_
via reddit https://ift.tt/2KUOgLw
enumerid - Enumerating valid ranges after initial compromise
https://ift.tt/2KYzvHp
Submitted July 07, 2018 at 12:35AM by krieger_0x00
via reddit https://ift.tt/2KRdDkr
https://ift.tt/2KYzvHp
Submitted July 07, 2018 at 12:35AM by krieger_0x00
via reddit https://ift.tt/2KRdDkr
Gitea RCE via fake JWT, race condition and git hooks chain
https://ift.tt/2KMLlHS
Submitted July 07, 2018 at 01:58PM by kszurek
via reddit https://ift.tt/2u2MZeX
https://ift.tt/2KMLlHS
Submitted July 07, 2018 at 01:58PM by kszurek
via reddit https://ift.tt/2u2MZeX
Msfenum: automation of MSF auxiliary modules
https://ift.tt/2ud26lc
Submitted July 07, 2018 at 02:46PM by rikvduijn
via reddit https://ift.tt/2zhoWOj
https://ift.tt/2ud26lc
Submitted July 07, 2018 at 02:46PM by rikvduijn
via reddit https://ift.tt/2zhoWOj
reddit
r/netsec - Msfenum: automation of MSF auxiliary modules
14 votes and 0 comments so far on Reddit
Tool for exploiting unauthenticated RCE over T3 protocol on Weblogic servers (i.e. version 12.2.1.1, 12.1.3.0), CVE-2017-3248
https://ift.tt/2u4FmEI
Submitted July 07, 2018 at 06:54PM by HeadProfessional
via reddit https://ift.tt/2u9u2Xe
https://ift.tt/2u4FmEI
Submitted July 07, 2018 at 06:54PM by HeadProfessional
via reddit https://ift.tt/2u9u2Xe
GitHub
quentinhardy/noscriptsAndExploits
noscriptsAndExploits - Some noscripts and exploits
How to search for Open Amazon s3 Buckets and their contents - New free online tool
https://ift.tt/2MSIVVw
Submitted July 08, 2018 at 12:05AM by grayhatwarfare
via reddit https://ift.tt/2J3cmlk
https://ift.tt/2MSIVVw
Submitted July 08, 2018 at 12:05AM by grayhatwarfare
via reddit https://ift.tt/2J3cmlk
Medium
How to search for Open Amazon s3 Buckets and their contents — https://buckets.grayhatwarfare.com
Intro
Hacking With AWS Lambda
https://ift.tt/2ucL8U5
Submitted July 08, 2018 at 01:54AM by lmaohtp
via reddit https://ift.tt/2lZX1ZS
https://ift.tt/2ucL8U5
Submitted July 08, 2018 at 01:54AM by lmaohtp
via reddit https://ift.tt/2lZX1ZS
Hacking a game to learn FRIDA basics
https://ift.tt/2udNp19
Submitted July 08, 2018 at 02:21AM by gid0rah
via reddit https://ift.tt/2ziLZrZ
https://ift.tt/2udNp19
Submitted July 08, 2018 at 02:21AM by gid0rah
via reddit https://ift.tt/2ziLZrZ
x-c3ll.github.io
Hacking a game to learn FRIDA basics (Pwn Adventure 3) ::
DoomsDay Vault
DoomsDay Vault
Learn the basic usage of Frida with this tutorial. Build your own cheat with Frida.