sec.today 节点

当前节点:sec.today

时间	节点
2021-01-20 12:25:11	腾讯玄武实验室推送	Shellcode Injection using Nim and Syscalls - ajpc500 Shellcode Injection using Nim and Syscalls
2021-01-20 12:25:11	腾讯玄武实验室推送	delete-self-poc Windows 进程删除自身可执行文件的 PoC
2021-01-20 11:25:09	腾讯玄武实验室推送	DNSpooq Flaws Allow DNS Hijacking of Millions of Devices Dnsmasq 被发现多个漏洞，成功利用可以实现 DNS 劫持
2021-01-20 11:25:09	腾讯玄武实验室推送	Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452 Remediation and Hardening Strategies for Microsoft 365 to Defend Against UNC2452
2021-01-20 11:25:09	腾讯玄武实验室推送	The State of State Machines Project Zero Natalie Silvanovich 对多款语音通讯软件呼叫状态机的分析
2021-01-20 11:25:09	腾讯玄武实验室推送	ZDI-20-1440: An Incorrect Calculation Bug in the Linux Kernel eBPF Verifier Linux 内核 eBPF 包过滤子系统越界访问漏洞分析（Pwn2Own 2020）
2021-01-20 11:05:10	腾讯玄武实验室推送	SolarWinds 供应链攻击持续跟踪进展 SolarWinds 供应链攻击持续跟踪进展
2021-01-19 11:44:33	腾讯玄武实验室推送	CVE-2020-5144 - SonicWall Global VPN New Elevation of Privileges Vulnerability - Cymptom SonicWall Global VPN 提权漏洞分析（CVE-2020-5144）
2021-01-19 11:24:31	腾讯玄武实验室推送	Checking your browser before accessing bleepingcomputer.com. 有用户发现，浏览器打开一个特殊的路径可以导致 Windows 蓝屏崩溃
2021-01-19 11:24:31	腾讯玄武实验室推送	Backdooring MSBuild Backdooring MSBuild
2021-01-19 11:24:31	腾讯玄武实验室推送	Divide and Conquer - A technique to bypass NextGen AV 通过恶意行为拆分成原子操作的方法实现免杀
2021-01-19 11:24:31	腾讯玄武实验室推送	BitLocker Lockscreen bypass \| secret club BitLocker Lockscreen bypass
2021-01-19 11:24:31	腾讯玄武实验室推送	Escaping VirtualBox 6.1: Part 1 \| secret club Escaping VirtualBox 6.1: Part 1
2021-01-19 11:24:31	腾讯玄武实验室推送	Netlogon Domain Controller Enforcement Mode is enabled by default beginning with the February 9, 2021 Security Update, related to CVE-2020-1472 为解决 CVE-2020-1472 漏洞的问题，微软准备默认开启 Netlogon Domain Controller Enforcement Mode
2021-01-19 11:04:29	腾讯玄武实验室推送	智能合约拒绝服务之不安全的 “SafeMath” 智能合约拒绝服务之不安全的 “SafeMath”
2021-01-18 22:24:12	腾讯玄武实验室推送	linux 内核(5.4.81)—内存管理模块源码分析 Linux 5.4.81内核—内存管理模块源码分析。
2021-01-18 22:24:12	腾讯玄武实验室推送	GitHub - h4ckdepy/SeveTools: 多功能的网络安全实战武器库 SeveTools:多功能的网络安全实战工具项目库。
2021-01-17 22:43:57	腾讯玄武实验室推送	Exchange Web Service(EWS)开发指南2——SOAP XML message Exchange Web Service(EWS)开发指南2——SOAP XML message利用。
2021-01-15 11:26:49	腾讯玄武实验室推送	Apple removes feature that allowed its apps to bypass macOS firewalls and VPNs \| ZDNet 前段时间爆出 Apple 在新版本 macOS 网络防火墙中为自家 App 开绿灯的问题已被解决
2021-01-15 11:26:49	腾讯玄武实验室推送	google/nsjail nsjail - Google 开源的一个 Linux 平台进程隔离工具
2021-01-15 11:26:49	腾讯玄武实验室推送	Thoughts dereferenced from the scratchpad noise. \| What is IOMMU and how it can be used? What is IOMMU and how it can be used?
2021-01-15 11:26:49	腾讯玄武实验室推送	macOS Post-Exploitation Shenanigans with VSCode Extensions - MDSec 利用 VSCode 扩展实现 macOS Post-Exploitation 阶段的代码执行
2021-01-15 11:26:49	腾讯玄武实验室推送	[PDF] https://www.usenix.org/system/files/sec20-lehmann.pdf Everything Old is New Again: Binary Security of WebAssembly
2021-01-15 11:26:49	腾讯玄武实验室推送	#943231 SOCK_RAW sockets reachable from Webkit process allows triggering double free in IP6_EXTHDR_CHECK PlayStation 4 WebKit IP6_EXTHDR_CHECK Double Free 漏洞
2021-01-15 11:26:49	腾讯玄武实验室推送	Building XNU 内核 Hook 框架，基于 checkra1n pongoOS
2021-01-15 11:26:49	腾讯玄武实验室推送	Hunting for Bugs in Windows Mini-Filter Drivers Hunting for Bugs in Windows Mini-Filter Drivers
2021-01-15 11:26:49	腾讯玄武实验室推送	Looking Back at the Zero Day Initiative in 2020 ZDI 对最近一年漏洞收录情况的回顾
2021-01-14 23:33:42	腾讯玄武实验室推送	ProFuzzBench - A Benchmark for Stateful Protocol Fuzzing ProFuzzBench-网络状态协议模糊测试的基准实验项目。
2021-01-14 11:53:07	腾讯玄武实验室推送	Analyzing a buffer overflow in the DLINK DIR-645 with Qiling framework, Part II 利用 Qiling 框架分析 DLINK DIR-645 路由器的缓冲区溢出漏洞
2021-01-14 11:53:07	腾讯玄武实验室推送	URGENT: SECURITY: New maintainer is probably malicious #1263 Chrome 浏览器扩展 “The Great Suspender” 作者将该扩展卖给未知恶意组织
2021-01-14 11:53:07	腾讯玄武实验室推送	bladeRF-wiphy - Nuand bladeRF-wiphy - 一款开源的兼容 IEEE 802.11 协议的 SDR VHDL Modem
2021-01-14 11:53:07	腾讯玄武实验室推送	Finding The Origin IP Behind CDNs - ZDResearch 如何定位 CDN 背后服务器的真实 IP
2021-01-14 11:53:07	腾讯玄武实验室推送	Pushing back on userland hooks with Cobalt Strike \| Strategic Cyber LLC Pushing back on userland hooks with Cobalt Strike
2021-01-14 11:53:07	腾讯玄武实验室推送	GitHub - google/android-emulator-hypervisor-driver-for-amd-processors Android Emulator Hypervisor Driver for AMD Processors
2021-01-14 11:53:07	腾讯玄武实验室推送	Hiding execution of unsigned code in system threads Hiding execution of unsigned code in system threads
2021-01-14 11:53:07	腾讯玄武实验室推送	Pentesting the ELK Stack Pentesting the ELK Stack
2021-01-14 11:53:07	腾讯玄武实验室推送	2021 Threat Predictions Report McAfee Labs 发布 2021 威胁预测报告
2021-01-13 11:52:26	腾讯玄武实验室推送	Bypassing Windows protection mechanisms & Playing with OffensiveNim Bypassing Windows protection mechanisms & Playing with OffensiveNim
2021-01-13 11:52:26	腾讯玄武实验室推送	Laravel <= v8.4.2 debug mode: Remote code execution PHP 框架 Laravel v8.4.2 版本调试模式 RCE 漏洞分析
2021-01-13 11:52:26	腾讯玄武实验室推送	Practical Web Cache Poisoning Practical Web Cache Poisoning
2021-01-13 11:52:26	腾讯玄武实验室推送	Guest Blog Post: Leaking silhouettes of cross-origin images – Attack & Defense Firefox、Chrome 浏览器跨域窃取图片信息漏洞(CVE-2020-16012)分析
2021-01-13 11:52:26	腾讯玄武实验室推送	Breaking The Browser - A tale of IPC, credentials and backdoors - MDSec Breaking The Browser – A tale of IPC, credentials and backdoors
2021-01-13 11:32:26	腾讯玄武实验室推送	Critical Microsoft Defender Bug Actively Exploited; Patch Tuesday Offers 83 Fixes 微软发布 1 月份漏洞补丁公告，本次修复 10 个高危漏洞
2021-01-13 11:32:25	腾讯玄武实验室推送	Making Clouds Rain :: Remote Code Execution in Microsoft Office 365 Making Clouds Rain :: Remote Code Execution in Microsoft Office 365
2021-01-13 11:32:25	腾讯玄武实验室推送	Introducing the In-the-Wild Series Project Zero 新 Blog，介绍他们 2020 年春发现的野外攻击代码，经分析从中发现多个 0Day，覆盖 Windows、Android、Chrome 浏览器
2021-01-12 22:52:05	腾讯玄武实验室推送	ES6 入门教程 ES6 标准入门教程资源。
2021-01-12 12:11:48	腾讯玄武实验室推送	CVE-2020-9971 Abusing XPC Service mechanism to elevate privilege in macOS/iOS CVE-2020-9971 Abusing XPC Service mechanism to elevate privilege in macOS/iOS，滥用 XPC Service 机制漏洞实现特权提升，影响 macOS/iOS，来自玄武实验室 Zhipeng Huo 的分析
2021-01-12 12:11:48	腾讯玄武实验室推送	How I stole the data in millions of people’s Google accounts \| by Ethan Elshyeb \| Jan, 2021 \| Medium How I stole the data in millions of people’s Google accounts
2021-01-12 12:11:48	腾讯玄武实验室推送	Exploiting OAuth: Redirect_URI. OAuth/Open Authentication: \| by Gupta Bless \| Jan, 2021 \| Medium Exploiting OAuth: Redirect_URI
2021-01-12 11:51:45	腾讯玄武实验室推送	Malware Development: Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking \| Home Malware Development: Leveraging Beacon Object Files for Remote Process Injection via Thread Hijacking
2021-01-12 11:51:45	腾讯玄武实验室推送	Real World CTF 2020 Game2048 Writeup \| r3kapig Real World CTF 2020 Game2048 Writeup
2021-01-12 11:51:45	腾讯玄武实验室推送	Keep newly created IDBIndex objects in deleted map when IDBTransaction is aborted WebKit IDBIndex UAF 漏洞 Issue
2021-01-12 11:51:45	腾讯玄武实验室推送	Sunburst backdoor – code overlaps with Kazuar Sunburst backdoor – code overlaps with Kazuar
2021-01-12 11:51:45	腾讯玄武实验室推送	BORG ：一个快速进化的僵尸网络 BORG ：一个快速进化的僵尸网络
2021-01-12 11:51:45	腾讯玄武实验室推送	Hyper-V debugging for beginners. 2nd edition. Hyper-V debugging for beginners. 2nd edition
2021-01-12 11:51:45	腾讯玄武实验室推送	SolarWinds Hack Potentially Linked to Turla APT SolarWinds 供应链攻击事件被怀疑与俄罗斯 Turla APT 组织有关