курс

Learn how to write and unit test Beacon Object Files (BOFs) for use in Cobalt Strike and other C2 frameworks.

Real World CVE-2022-24834 Exploitation on an Alpine mallocng Heap

https://research.nccgroup.com/2024/06/11/pumping-iron-on-the-musl-heap-real-world-cve-2022-24834-exploitation-on-an-alpine-mallocng-heap/

Fuzzing embedded systems - Part 1, Introduction

As a result I developed a fuzzer to search for vulnerabilities in CGI binaries and a Binary Ninja plugin to search for ROP chains in MIPS binaries, as well as an exploit for one of the crashes triaged.

https://blog.sparrrgh.me/fuzzing/embedded/2024/06/05/fuzzing-embedded-systems-1.html

Adventures of Ox64 BL808 RISC-V SBC with Apache NuttX RTOS (видео)

Guide to Hardware Debug Ports (классный гайд)

Attacking Samsung Galaxy A* Boot Chain (слайды). Видео

ROPing Routers from scratch: Step-by-step Tenda Ac8v4 Mips 0day Flow-control ROP -> RCE (мощный чувак и блог)

new persistence method macOS

Когда напиздил статей с твитера и несешь в телегу

охуенная статья, жаль что сам фаззинг будет только в следующих частях, но затравка интересная. Спросил у автора когда будет вторая часть, его ответ:

I think the second part will come out in around a month. I have to fix the code of the fuzzer to make it a little more pretty and write the article :D

Поиск по исходникам малвари (платный, 8 долларов в месяц)

https://malsearch.com/

Я изучаю фазинг и как раз вышло видео с воркшопом

https://www.youtube.com/live/gTISW-5Uy6I?si=sKLw02ws2mco7rza

чтобы паралельно проходить этот воркшоп есть соответствующие материалы на гитхабе

https://github.com/20urc3/Talks/tree/main/Off-By-One

a write-up of analyzing a memory dump of a ViewState Deserialization attack

https://github.com/DebugPrivilege/InsightEngineering/tree/main/Debugging%20Case%20Studies/Debug%20Case%20Study%3A%20ViewState%20Deserialization%20Exploitation

Презентация find bugs in the linux kernel

https://github.com/sam4k/talk-slides/blob/main/so_you_wanna_find_bugs_in_the_linux_kernel.pdf

Writing a Linux scheduler in Rust that runs in user-space

https://youtu.be/HQRHo8E_4Ks

Catching Your Favorite C2 In Memory Using Stack & Thread Telemetry.

https://sabotagesec.com/gotta-catch-em-all-catching-your-favorite-c2-in-memory-using-stack-thread-telemetry/

PE-LiteScan (or PELS) is a simple heuristic analyzer for common PE-anomalies, specifically focusing on the detection of packers and protectors. Designed for Windows and Linux.

https://github.com/DosX-dev/PE-LiteScan

а через пару недель этому каналу исполнится также 5 лет 😊

pt security

https://x.com/Malwar3Ninja/status/1802354455364727068

TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution

https://arxiv.org/abs/2406.08719

This vulnerability exploits the nuances of the OAuth protocol and iOS’s handling of Custom URL Schemes and Safari browser sessions to steal OAuth Authentication Codes from vulnerable OAuth implementations, thereby allowing an attacker to gain access to a victim’s account.

https://evanconnelly.github.io/post/ios-oauth/