vmlinux-to-elf: A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms) https://github.com/marin-m/vmlinux-to-elf
GitHub
GitHub - marin-m/vmlinux-to-elf: A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol…
A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms) - marin-m/vmlinux-to-elf
Protobuf Magic: extension for Burp Suite designed to intuitively handle Protobuf (Protocol Buffers) messages, even in the absence of complete .proto definitions https://github.com/DeiteriyLab/protobuf-magic
GitHub
GitHub - DeiteriyLab/protobuf-magic
Contribute to DeiteriyLab/protobuf-magic development by creating an account on GitHub.
Exploiting Zenbleed from Chrome https://vu.ls/blog/exploiting-zenbleed-from-chrome/
👌1
Lazarus Group Targeting Defense Experts with Fake Interviews via Trojanized VNC Apps https://thehackernews.com/2023/10/lazarus-group-targeting-defense-experts.html
Hackers Exploit QR Codes with QRLJacking for Malware Distribution https://www.hackread.com/hackers-exploit-qr-codes-qrljacking-malware/
Hackread
Hackers Exploit QR Codes with QRLJacking for Malware Distribution
Follow us on Twitter @Hackread - Facebook @ /Hackread.
Lord Of The Ring0 - Part 1 | Introduction https://idov31.github.io/2022/07/14/lord-of-the-ring0-p1.html
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs https://www.horizon3.ai/vmware-aria-operations-for-logs-cve-2023-34051-technical-deep-dive-and-iocs/
Horizon3.ai
VMware Aria Operations for Logs CVE-2023-34051 Technical Deep Dive and IOCs
Technical deep-dive, indicators of compromise, and exploit POC for CVE-2023-34051 which affects VMware vRealize Log Insight RCE as reported in VMSA-2023-0021. This vulnerability leads to remote code execution and full system compromise.
Lord Of The Ring0 - Part 2 | A tale of routines, IOCTLs and IRPs https://idov31.github.io/2022/08/04/lord-of-the-ring0-p2.html
Lord Of The Ring0 - Part 3 | Sailing to the land of the user (and debugging the ship) https://idov31.github.io/2022/10/30/lord-of-the-ring0-p3.html
Sshimpanzee (fork of openssh server packaged with different network tunnels) https://blog.lexfo.fr/sshimpanzee.html
NVMe: New Vulnerabilities Made Easy https://www.cyberark.com/resources/all-blog-posts/nvme-new-vulnerabilities-made-easy
Cyberark
NVMe: New Vulnerabilities Made Easy
As vulnerability researchers, our primary mission is to find as many vulnerabilities as possible with the highest severity as possible. Finding vulnerabilities is usually challenging. But could...
Lord Of The Ring0 - Part 4 | The call back home https://idov31.github.io/2023/02/24/lord-of-the-ring0-p4.html
Lord Of The Ring0 - Part 5 | Saruman's Manipulation https://idov31.github.io/2023/07/19/lord-of-the-ring0-p5.html
Researching Xiaomi’s TEE to get to Chinese money https://research.checkpoint.com/2022/researching-xiaomis-tee/
Check Point Research
Researching Xiaomi’s TEE to get to Chinese money - Check Point Research
Research By: Slava Makkaveev Introduction Have you ever wondered if it is safe to make payments from a mobile device? Can a malicious app steal money from your digital wallet? According to the latest statistics, the Far East and China accounted for two-thirds…
👍1
Low-Level Software Security for Compiler Developers https://llsoftsec.github.io/llsoftsecbook/
👍1
Evolution of Data Lifecycle Management at Uber https://www.uber.com/en-GB/blog/evolution-of-data-lifecycle-management-at-uber/
Your Comprehensive Guide to Kubernetes Security https://medium.com/@paritoshblogs/your-comprehensive-guide-to-kubernetes-security-0a215518b710
Medium
Your Comprehensive Guide to Kubernetes Security
Kubernetes, often referred to as K8s, has revolutionized the world of container orchestration and application deployment. Its flexibility…
👍1
People who say “PHP is insecure” are uninformed https://hakluke.com/people-who-say-php-is-insecure-are-uninformed/
Hakluke
People who say “PHP is insecure” are uninformed
I hear a lot of folks parrot the opinion that PHP is somehow less secure than other languages. This simply isn't true. Here's why.
Abusing gdb Features for Data Ingress & Egress https://www.archcloudlabs.com/projects/debuginfod/
Archcloudlabs
Abusing gdb Features for Data Ingress & Egress
About The Project Modern Software Development environments have significant debugging capabilities to troubleshoot issues with the complex nature of modern software . These debugging capabilities typically manifest in Interactive Development Environment (IDE)…