Windows admin to kernel
LPE from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/
LPE from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled.
https://hakaisecurity.io/cve-2024-21338-from-admin-to-kernel-through-token-manipulation-and-windows-kernel-exploitation/research-blog/
👍4🔥2🤡2
PuTTY vulnerability vuln-p521-bias
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/vuln-p521-bias.html
👍3🔥2
Anything you want you can search and ippsec show how
https://ippsec.rocks/?#
https://ippsec.rocks/?#
👍2🔥2
👍3🔥2🥱1
Forwarded from Source Chat (GOJO)
Please open Telegram to view this post
VIEW IN TELEGRAM
Keylogging in the Windows kernel with undocumented data structures
https://eversinc33.com/posts/kernel-mode-keylogging/
https://eversinc33.com/posts/kernel-mode-keylogging/
👍2🔥2
A technique of hiding malicious shellcode via Shannon encoding.
https://github.com/kleiton0x00/Shelltropy.git
https://github.com/kleiton0x00/Shelltropy.git
👍2🔥2
Little AV/EDR bypassing lab for training & learning purposes
https://github.com/Xacone/BestEdrOfTheMarket
https://github.com/Xacone/BestEdrOfTheMarket
👍2🔥2
Name: Serious Cryptography
Requirements: Nothing
Level: Basics and Basis
Author: Jean-Phillippe Aumassen
“
Chapters:
1 - Encryption
2 - Randomness
3 - Cryptography Security
4 - Block Ciphers
5 - Stream Ciphers
6 - Hash Functions
7 - Keyed Hashing
8 - Authenticated Encryption
9 - Hard Problems
10 - RSA
11 - Diffie-Hellman
12 - Elliptic Curves
13 - TLS
14 - Quantum and Post-Quantom”
Requirements: Nothing
Level: Basics and Basis
Author: Jean-Phillippe Aumassen
“
Chapters:
1 - Encryption
2 - Randomness
3 - Cryptography Security
4 - Block Ciphers
5 - Stream Ciphers
6 - Hash Functions
7 - Keyed Hashing
8 - Authenticated Encryption
9 - Hard Problems
10 - RSA
11 - Diffie-Hellman
12 - Elliptic Curves
13 - TLS
14 - Quantum and Post-Quantom”
👍3
Vulnerability Management Goes Much Deeper Than Patching
https://www.kolide.com/blog/vulnerability-management-goes-much-deeper-than-patching
What Is Vulnerability Management?
Vulnerability Management For Compliance
Elements of Vulnerability Management
Improving Vulnerability Management With Zero Trust
Vulnerability Management Is a Journey, Not a Destination
https://www.kolide.com/blog/vulnerability-management-goes-much-deeper-than-patching
❤5👍2
Hack.lu 2023: Malware Av evasion tricks by cocmelonc
https://youtu.be/0Xa4E4ZpX2E?si=xbfueQY-gmEYS6lx
His book:
https://news.1rj.ru/str/source_chat/923
https://youtu.be/0Xa4E4ZpX2E?si=xbfueQY-gmEYS6lx
His book:
https://news.1rj.ru/str/source_chat/923
❤7👍1
Windows-based credential dumper using C++ and MASM x64.
https://github.com/Meowmycks/LetMeowIn
https://github.com/Meowmycks/LetMeowIn
👍7
کانال بایت امن
#Webinar Malware Development Workshop Speakers : Uriel Kosayev, Pavel Yosifovich | TrainSec.net What you will learn in the workshop 1. What is Malware Analysis 2. What is Malware Development 3. The Malware Development Life Cycle 4. Why it's important…
GitHub
GitHub - zodiacon/MalDevWorkshopWebinar: Demo from the Malware Analysis and Development Webinar
Demo from the Malware Analysis and Development Webinar - zodiacon/MalDevWorkshopWebinar
❤11
Forwarded from white2hack 📚
Notes ver.1.0 Stuff about IT security that might be good to know by xapax
This is some documentation I have build up over the years. Everything is work in progress, some stuff is years old and might not be relevant. Other stuff is new and not so bad.
Source
GitHub
#useful #defensive #web #hardening
This is some documentation I have build up over the years. Everything is work in progress, some stuff is years old and might not be relevant. Other stuff is new and not so bad.
Source
GitHub
#useful #defensive #web #hardening
❤5
Forwarded from Offensive Xwitter
😈 [ Evan McBroom @mcbroom_evan ]
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March.
If you are interested in getting credentials from LSASS without accessing its memory, check it out!
Blog:
🔗 https://medium.com/specter-ops-posts/lsa-whisperer-20874277ea3b
Tool:
🔗 https://github.com/Meowmycks/LetMeowIn
Crossposted on GH:
🔗 https://gist.github.com/EvanMcBroom/dceb1c7070ee3278eaedd04b42aed279
🐥 [ tweet ]
I just published a blog and tool for the LSA Whisperer work that was presented at the SpecterOps Conference (SOCON) back in March.
If you are interested in getting credentials from LSASS without accessing its memory, check it out!
Blog:
🔗 https://medium.com/specter-ops-posts/lsa-whisperer-20874277ea3b
Tool:
🔗 https://github.com/Meowmycks/LetMeowIn
Crossposted on GH:
🔗 https://gist.github.com/EvanMcBroom/dceb1c7070ee3278eaedd04b42aed279
🐥 [ tweet ]
👍4
Forwarded from Reverse Dungeon
YouTube
CppCon 2017: Matt Godbolt “What Has My Compiler Done for Me Lately? Unbolting the Compiler's Lid”
http://CppCon.org
—
Presentation Slides, PDFs, Source Code and other presenter materials are available at: https://github.com/CppCon/CppCon2017
—
In 2012, Matt and a colleague were arguing whether it was efficient to use the then-new-fangled range for. During…
—
Presentation Slides, PDFs, Source Code and other presenter materials are available at: https://github.com/CppCon/CppCon2017
—
In 2012, Matt and a colleague were arguing whether it was efficient to use the then-new-fangled range for. During…
👍4