TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution
https://arxiv.org/abs/2406.08719
ARM Memory Tagging Extension (MTE) is a new hardware feature introduced in ARMv8.5-A architecture, aiming to detect memory corruption vulnerabilities. The low overhead of MTE makes it an...
This vulnerability exploits the nuances of the OAuth protocol and iOS's handling of Custom URL Schemes and Safari browser sessions to steal OAuth Authentication Codes from vulnerable OAuth implementations, thereby allowing an attacker to gain access to a victim's account.
https://evanconnelly.github.io/post/ios-oauth/
Evan Connelly
Mobile OAuth Attacks - iOS URL Scheme Hijacking Revamped
Summary
We (Julien Ahrens @MrTuxracer and myself @Evan_Connelly) identified nearly 30 popular apps, as well as a feature within iOS itself, vulnerable to an attack in which any installed iOS app from the Apple App Store could perform an account takeover of…
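To make the hijack concrete, here is an added example (my own model, not code from the post or from the apps it names) of the authorization-code flow on a device where a second installed app has registered the victim app's custom URL scheme. The client id `mobile-app`, the redirect `victimapp://oauth/callback` and the user `alice` are constructed for the example. The excerpt above does not say how the vulnerable apps should be fixed; the mitigation I show beside the vulnerable flow is PKCE (RFC 7636, S256), which binds the authorization code to a verifier only the legitimate app holds, so a code delivered to the wrong app cannot be redeemed.

```python
import base64
import hashlib
import hmac
import secrets
from urllib.parse import parse_qs, urlsplit

# Constructed values for this example (not from the post).
CLIENT_ID = "mobile-app"                      # public client id of the victim app
REDIRECT_URI = "victimapp://oauth/callback"   # custom-scheme redirect the app registered


def s256(verifier: str) -> str:
    """PKCE S256 transform: base64url(sha256(verifier)) without '=' padding."""
    digest = hashlib.sha256(verifier.encode("ascii")).digest()
    return base64.urlsafe_b64encode(digest).rstrip(b"=").decode("ascii")


class AuthorizationServer:
    """Minimal authorization server: issues single-use codes, redeems them for tokens."""

    def __init__(self):
        self.codes = {}

    def authorize(self, client_id, redirect_uri, user, code_challenge=None):
        # An exact redirect_uri match is enforced, but a custom scheme is not
        # owned by anyone, so on iOS the match says nothing about which app
        # will actually receive the redirect.
        if client_id != CLIENT_ID or redirect_uri != REDIRECT_URI:
            raise ValueError("unknown client or redirect_uri")
        code = secrets.token_urlsafe(16)
        self.codes[code] = {"user": user, "challenge": code_challenge}
        return f"{redirect_uri}?code={code}"

    def token(self, client_id, code, redirect_uri, code_verifier=None):
        record = self.codes.pop(code, None)   # a code can be redeemed once
        if record is None or client_id != CLIENT_ID or redirect_uri != REDIRECT_URI:
            return None
        if record["challenge"] is not None:
            # PKCE: the code is bound to the verifier generated by the app that
            # started the flow; whoever merely received the code cannot use it.
            if code_verifier is None or not hmac.compare_digest(
                s256(code_verifier), record["challenge"]
            ):
                return None
        return {"access_token": secrets.token_urlsafe(16), "user": record["user"]}


class App:
    """An installed app; it parses the code out of any callback URL it is handed."""

    def __init__(self, name):
        self.name = name
        self.received_code = None

    def handle_url(self, url):
        self.received_code = parse_qs(urlsplit(url).query)["code"][0]


class Device:
    """Models iOS dispatching a custom-scheme URL to a single registered handler."""

    def __init__(self):
        self.handlers = {}

    def register_scheme(self, scheme, app):
        # Any App Store app may claim any scheme; the legitimate app does not
        # control which claimant wins. In this model the last registrant wins.
        self.handlers[scheme] = app

    def open_url(self, url):
        self.handlers[urlsplit(url).scheme].handle_url(url)


def run_login(use_pkce: bool):
    """Victim app starts a login; the attacker app holding the same scheme gets
    the callback. Returns (attacker_token, victim_token)."""
    server, device = AuthorizationServer(), Device()
    victim, attacker = App("victim"), App("attacker")
    device.register_scheme("victimapp", victim)
    device.register_scheme("victimapp", attacker)     # the hijack

    verifier = secrets.token_urlsafe(32) if use_pkce else None   # 43 chars, within RFC 7636 bounds
    challenge = s256(verifier) if use_pkce else None
    # Safari already holds the user's session, so the server redirects straight
    # back to the custom scheme with an authorization code and no prompt.
    callback = server.authorize(CLIENT_ID, REDIRECT_URI, "alice", challenge)
    device.open_url(callback)

    attacker_token = server.token(CLIENT_ID, attacker.received_code, REDIRECT_URI)
    # The victim app never received the callback, so it has nothing to redeem.
    victim_token = server.token(CLIENT_ID, victim.received_code, REDIRECT_URI, verifier)
    return attacker_token, victim_token


if __name__ == "__main__":
    print("without PKCE:", run_login(use_pkce=False))
    print("with PKCE:   ", run_login(use_pkce=True))
```

Without PKCE the attacker app redeems the stolen code for alice's token; with PKCE the same stolen code is rejected because the attacker cannot produce the verifier. PKCE does not stop the attacker app from receiving the redirect, it only makes what it receives worthless, which is why the post's point about iOS scheme handling still matters for apps that rely on the code alone.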
How to Keep Your Cool and Write Powerful Incident Response Reports
https://www.youtube.com/watch?v=fMWUDZOkRR4
Presenter: Lenny Zeltser, CISO, Axonius
Learn how to create stronger incident response reports that get read and drive action. We'll cover report structure, enhancing clarity, capturing crucial technical and business details, and writing summaries decision…
"Becoming a Vulnerability Researcher roadmap: my personal experience"
https://gist.github.com/tin-z/a469e996f8107a5ca8d3c858a2a4b65f
On Control Flow Flattening obfuscation
https://nerodesu017.github.io/posts/2023-12-01-antibots-part-8
Nerodesu017
ANTIBOTS - PART VIII - Geetest - CFF
In-Depth Control-Flow-Flattening Analysis
The book Windows Native API Programming by the great author Pavel Yosifovich has just come out!
I bought it for you and posted it for free. Download it!
EPUB
PDF
Fresh picks! Everyone will find something of interest here
Collection of Golang projects designed specifically for red teamers
x86 Real-Mode MS-DOS Emulator using Windows Hypervisor Platform
How a Clever 1960s Memory Trick Changed Computing (video)
Provides automated reverse engineering assistance through the use of local large language models (LLMs) on consumer hardware.
Fuzzer Development 4: Snapshots, Code-Coverage, and Fuzzing
My iOS Web Hacking Setup - Surge, Termius, and Caido
LLM for automated hacking (collection of links)
Exploiting Trend Micro EDR
ChatGPT's Advanced Data Analysis and Code Execution - Experiments
An awesome article on the internals of the Chinese infosec scene
Take a Step Further: Understanding Page Spray in Linux Kernel Exploitation
How To Use Dumpulator For Malware Analysis
Writing an IR (intermediate representation) from Scratch (Android analysis tool)
Obfuscate the payload while simultaneously lowering its entropy
Incremental Symbolic Execution for the Clang Static Analyzer (video) (slides)
An updated article from DebugPrivilege (well known in narrow circles) on investigating crash dumps
InsightEngineering/Debugging 101/Section 9: Triaging a Crash Dump at main · DebugPrivilege/InsightEngineering
Hardcore Debugging.
Hiding a payload in GPU memory for AV evasion
https://raw.githubusercontent.com/vxunderground/VXUG-Papers/main/GpuMemoryAbuse.cpp
Exploiting Steam
https://www.darknavy.org/blog/exploiting_steam_usual_and_unusual_ways_in_the_cef_framework/
DARKNAVY
Exploiting Steam: Usual and Unusual Ways in the CEF Framework
Introduction
The Chromium Embedded Framework (CEF) is an open-source framework that allows developers to embed the Chromium engine in their applications. Although CEF is widely employed in a range of popular software, including WeChat and the Epic Games Launcher…
(dis)assembly framework. It supports all LLVM 15 architectures, with C++, Rust, and Python bindings.
blog
GitHub
Emproof
Introducing Nyxstone: An LLVM-based (Dis)assembly Framework - Emproof
At Emproof, our mission is to enhance the security and integrity of embedded systems through innovative binary rewriting techniques. We are committed to providing advanced […]
Order of Six Angles
By combining Frida with an enhanced version of Tenet, Frinet facilitates the study of large programs, vulnerability research and root-cause analysis on iOS, Android, Windows and most architectures. https://www.synacktiv.com/publications/frinet-reverse-engineering…
Interesting plugin, but so far I haven't been able to find a use case for it 😐
Forwarded from RME-DisCo @ UNIZAR [www.reversea.me]
Breaking Custom Encryption Using Frida (Mobile Application Pentesting) #CustomEncryption #Frida #MobileApp #PenTesting #ApplicationSecurity https://labs.cognisys.group/posts/Breaking-Custom-Ecryption-Using-Frida-Mobile-Application-pentesting/