你可能會喜歡
lol whole new calling conventions for PIC literally a day after I release my kit 😅 aff-wg.org/2025/10/13/wee…
New blog from me on using CLR customizations to improve the OPSEC of your .NET execution harness. This includes a novel AMSI bypass that I identified in 2023. By taking control of CLR assembly loads, we can load assemblies from memory with no AMSI scan. securityintelligence.com/x-force/being-…
I've been getting questions about this again recently, so I wrote a small post. Patching .NET functions from an unmanaged CLR harness: outflank.nl/blog/2024/02/0…
We just released Reflective Call Stack Detections and Evasions! This was co-authored by our @XForce Red intern Dylan Tran @d_tranman! Dylan is wicked smart and it was fun working with him! Check it out!🥷 securityintelligence.com/x-force/reflec…
New blogpost by @0vercl0k: "Competing in Pwn2Own ICS 2022 Miami: Exploiting a zero click remote memory corruption in ICONICS Genesis64" doar-e.github.io/blog/2023/05/0…
Wrote a blog post for my company on how we implement obfuscation for our C# post-exploitation arsenal. Discussing some detection opportunities and our ways around them. Special thx to @Flangvik for his video on SharpCollection, which is our pipelines base r-tec.net/r-tec-blog-net…
I have posted the slides for the #BlackHat talk @chompie1337 and I gave yesterday -> Close encounters of the advanced persistent kind: Leveraging rootkits for post-exploitation github.com/FuzzySecurity/…
Lo prometido es deuda, el research sobre el CVE-2023-28252 ya esta publicado con su PoC junto a la explicacion detallada del reversing que hicimos con mi amigo @solidclt. github.com/fortra/CVE-202… Mas dificil que barrer escaleras para arriba. Ojala les sirva.
Short write-up on baby's first UAF challenge h0mbre.github.io/PAWNYABLE_UAF_…. Post is meant to serve more as an advertisement for pawnyable.cafe/linux-kernel/. It was a great resource for me to get started on Linux Kernel exploitation. Also I need a new blog layout yikes
Today I am finally releasing a new 3-part browser exploitation series on Chrome! This was written to help beginners break into the browser exploitation field. Part 1 covers V8 internals such as objects, properties, and memory optimizations. Enjoy! jhalon.github.io/chrome-browser…
This is probably the most complex exploit I've done so far. A UAF in Android kernel freed by kfree_rcu (introduces a delay) in a tight race + kCFI + Samsung RKP. Yet its still possible to gain arbitrary kernel RW, disable SE and root from untrusted app. github.blog/2022-06-16-the…
Up your security research skills: This Windows LoadLibrary port for Linux by @taviso is a great project to contribute to. You'll learn how *both* OS's work internally. Use it to fuzz Win binaries faster on Linux github.com/taviso/loadlib…
Do you want to learn how to find vulnerabilities in Google Chrome? @Nosoynadiemas just released the last exercise of Fuzzing101! github.co/3s8m12H
I just released more details about the recent Samba (pwn2own) vulnerability. #CVE-2021-44142. as hot 🔥 as still being reserved on Mitre. 🙃 writeup: 0xsha.io/blog/a-samba-h… PoC (level-0) : gist.github.com/0xsha/0859033e… 1/2
Here are the slides from the "Attacking JavaScript Engines in 2022" talk by @itszn13 and myself @offensive_con. It's a high-level talk about JS, JIT, various bug classes, and typical exploitation flows but with lots of references for further digging! saelo.github.io/presentations/…
Check my first blog about alternative process injection without allocating new memory to bypass EDR. netero1010-securitylab.com/eavsion/altern…
United States 趨勢
- 1. Elander 2,666 posts
- 2. Tosin 7,218 posts
- 3. Tony Vitello 10.9K posts
- 4. Danny White 2,266 posts
- 5. Caicedo 14.7K posts
- 6. Ajax 61.1K posts
- 7. Ekitike 18.7K posts
- 8. Estevao 13.3K posts
- 9. Enzo 24.5K posts
- 10. Frank Anderson N/A
- 11. East Wing 132K posts
- 12. Frankfurt 38.3K posts
- 13. #YesOnProp50 3,606 posts
- 14. SNAP 635K posts
- 15. Brahim 6,953 posts
- 16. Surviving Mormonism N/A
- 17. #LoveIsBlindS9 3,089 posts
- 18. Juventus 54.4K posts
- 19. Konate 4,002 posts
- 20. #13YearsofRED 1,379 posts
你可能會喜歡
-
`Ivan
@Ivanlef0u -
Axel Souchet
@0vercl0k -
Stephen Fewer
@stephenfewer -
Adnan (xanda) Mohd Shukor
@xanda -
Tarjei Mandt
@kernelpool -
Evilcry_
@Blackmond_ -
Kostya Kortchinsky
@crypt0ad -
Omair 🇵🇸
@w3bd3vil -
Roberto Martínez
@r0bertmart1nez -
Gadix
@GadixCRK -
Mayuresh 🇮🇳
@pentestit -
Dmitriy Evdokimov
@evdokimovds -
Anastasios Pingios
@xorlgr -
Tomislav Pericin
@ap0x
Something went wrong.
Something went wrong.