Papers News -
Update 10.08.2018 20:15:24


64bit (4)  Cracking (1)  Exploit (29)  Forenzní (1)  Hacking (5)  Linux (6)  Mobil (2)  NFC bezpečnost (1)  Ochrany (2)  Operační paměť (2)  Ostatní (28)  Penetrace (2)  Počítačové útoky (5)  Počítačové viry (13)  Programování (3)  Reverzní inženýrství (5)  Systémy IDS/IPS (1)  Zranitelnosti (23) Magazines (7)  (NICE) Cybersecurity Workforce Framework  Framework for Improving Critical Infrastructure Cybersecurity 2.0  Industrial Internet of Things Volume G4: Security Framework


Datum

Název

Kategorie

10.8.2018A Deep Dive into macOS MDM (and how it can be compromised)
6.8.2018Don’t @ Me Hunting Twitter Bots at Scale
29.7.2018Analyzing potential bounds check bypass vulnerabilities
18.7.2018Abusing Kerberos - Kerberoasting
18.7.2018VLAN Hopping Attack
18.7.2018Exploiting the Obvious - Bluetooth Trust Relationships
18.7.2018Sony Playstation 4 (PS4) - PS4 5.05 BPF Double Free Kernel Exploit Writeup
18.7.2018Symbolic deobfuscation: from virtualized code back to the original
26.6.2018Case Study: Security of Modern Bluetooth Keyboards
7.6.2018SEVered: Subverting AMD’s Virtual Machine Encrypti
12.5.2018Throwhammer: Rowhammer Attacks over the Network and Defenses
9.5.2018POP SS Vulnerability
4.5.2018Grand Pwning Unit: Accelerating Microarchitectural Attacks with the GPU
3.5.2018Windows Kernel Exploitation Tutorial Part 8: Use After Free
1.5.2018Trusted Cyber Physical Systems
2.4.2018Sony Playstation 4 (PS4) - PS4 4.55 BPF Race Condition Kernel Exploit Writeup
2.4.2018Error based SQL Injection in "Order By" clause (MSSQL)
2.4.2018DOSfuscation: Exploring the Depths of Cmd.exe Obfuscation and Detection Techniques
27.3.2018BranchScope AttackCPU Attack
27.3.2018Cross Site Scripting ‘XSS’ in a Nutshell
22.3.2018Windows Kernel Exploitation Tutorial Part 7: Uninitialized Heap Variable
22.3.2018WEB APPLICATION PENETRATION TESTING
13.3.20182018 State of Security Operations: Report of the Capabilities and Maturity of Cyber Defense Organizations Worldwide
13.3.2018Severe Security Advisory on AMD ProcessorsCPU Attack
13.3.2018aIR-Jumper: Covert Air-Gap Exfiltration/Infiltration via SecurityCameras & Infrared (IR)Attack
13.3.2018USBee: Air-Gap Covert-Channel via Electromagnetic Emission from USB Attack
13.3.2018Fansmitter: Acoustic Data Exfiltration from (Speakerless) Air-Gapped Computers Attack
13.3.2018GSMem: Data Exfiltration from Air-Gapped Computers over GSM FrequenciesAttack
13.3.2018MOSQUITO: Covert Ultrasonic Transmissions between Two Air-Gapped Computers using Speaker-to-Speaker CommunicationAttack
5.3.2018LTEInspector: A Systematic Approach for Adversarial Testing of 4G LTE Mobil
4.3.2018SGXPECTRE Attacks: Leaking Enclave Secrets via Speculative Execution CPU Attack

4.3.2018

Sony Playstation 4 (PS4) - WebKit 'setAttributeNodeNS' User After Free Write-up

4.3.2018

The Easiest Metasploit Guide You’ll Ever Read

4.3.2018

Parasiting web server process with webshells in permissive environments

4.3.2018

Mobile Application Hacking Diary Ep.2

4.3.2018

MySQL UDF Exploitation

17.2.2018

From APK to Golden Ticket

17.2.2018

MySQL UDF Exploitation

17.2.2018

The Easiest Metasploit Guide You’ll Ever Read

17.2.2018

Zero day Zen garden: Windows Exploit Development

13.2.2018

TCP Starvation

2.2.2018

Jailbreaking iOS 11.1.2: An adventure into the XNU kernel

2.2.2018

ARM Exploitation for IoT

2.2.2018HackSysTeam Windows Kernel Vulnerable Driver: Type Confusion Vulnerability Exploitation
2.2.2018Hardcore SAP Penetration Testing

4.1.2018

Meltdown AttackCPU Hardware

4.1.2018

Spectre attackCPU Hardware

3.1.2018

PoC||GTFO Proof Concept Get The Fuck Ou 0x14

3.1.2018

nt!_SEP_TOKEN_PRIVILEGES - Single Write EoP Protect

 

3.1.2018

Introduction to Manual Backdooring

3.1.2018

BluedIoT: When a mature and immature technology mixes, becomes an “idiot” situation

3.1.2018

Local File Disclosure using SQL Injection

3.1.2018

Stealing Windows Credentials Using Google Chrome

3.1.2018

PoC||GTFO Proof Concept Get The Fuck 0x15

3.1.2018

HOW TO EXPLOIT ETERNALBLUE TO GET A METERPRETER SESSION ON WINDOWS SERVER 2012 R2

3.1.2018

HOW TO EXPLOIT ETERNALROMANCE/SYNERGY TO GET A METERPRETER SESSION ON WINDOWS SERVER 2016

3.1.2018

Code Injection – HTML Injection

3.1.2018

Hidden Network: Detecting Hidden Networks created with USB Devices

3.1.2018

Fully Undetectable Malware

3.1.2018

Of Mice and Keyboards On the Security of Modern Wireless Desktop Sets

3.1.2018

DirtyTooth: it’s only Rock’n’Roll, but I like it!

3.1.2018

Kernel Driver mmaphandler exploitation

3.1.2018

Command Injection/Shell Injection

3.1.2018

Exploiting Node.js deserialization bug for Remote Code Execution (CVE-2017-5941)

3.1.2018

Art of Anti Detection – 3 Shellcode Alchemy

3.1.2018

Art of Anti Detection – 2 PE Backdoor Manufacturing

3.1.2018

ATTACKING RDP How to Eavesdrop on Poorly Secured RDP Connections

3.1.2018

Alternative for Information_Schema.Tables in MySQL

3.1.2018

Injecting SQLite database based application

3.1.2018

RSA ASYMMETRIC POLYMORPHIC SHELLCODE

3.1.2018

CVE-2017-7344 Fortinet FortiClient Windows privilege escalation at logon

3.1.2018

MySQL Out-of-Band Hacking

3.1.2018

MySQL Injection in Update, Insert and Delete

3.1.2018

Local File Inclusion (LFI) Testing Techniques

12.12.2017

Bleichenbacher attack

Krypto

8.12.2017

Spinner: Semi-Automatic Detection of Pinning without Hostname Verification

Krypto

16.11.2017

Terdot Zeus based malware strikes back with a blast from the past

Malware

8.11.2017

Standardizing Bad Cryptographic Practice

Krypto

2.11.2017

A generative vision model that trains with high data efficiency and breaks text-based CAPTCHAs

Safety

26.10.2017

Top-of-mind Threats and Their Impact on Endpoint Security Decisions

Threats

24.10.2017

Practical state recovery attacks against legacy RNG implementations

Krypto

16.10.2017

Key Reinstallation Attacks: Forcing Nonce Reuse in WPA2

Wi-Fi

6.10.2017

Another Flip in the Wall of Rowhammer Defenses

Operační paměť

4.10.2017

“Walking in Your Enemy’s Shadow: When Fourth-Party Collection Becomes Attribution Hell”

APT

28.9.2017

Phrack: VM escape - QEMU Case Study

Magazines

28.9.2017

Phrack: Team Shellphish - Cyber Grand Shellphish

Magazines

28.9.2017

Phrack: Attacking JavaScript Engines: A case study of JavaScriptCore and CVE-2016-4622

Magazines

28.9.2017

Phrack #69

Magazines

28.9.2017

Phrack #68

Magazines

28.9.2017

Phrack #67

Magazines

28.9.2017

Phrack #66

Magazines

27.9.2017

Cardiac Scan: A Non-Contact and Continuous Heart-Based User

Hacking

30.8.2017

Command Injection/Shell Injection

Exploint

28.8.2017

Abusing Token Privileges For LPE

Exploint

5.8.2017

How to exploit ETERNALROMANCE/SYNERGY on Windows Server 2016

Tool

5.8.2017

Hidden Network: Detecting Hidden Networks created with USB Devices

Tool

5.8.2017

How to Exploit ETERNALBLUE on Windows Server 2012 R2

Tool

5.8.2017

64 bits Linux Stack Based Buffer Overflow

64bit

5.8.2017

64-bit calc.exe Stack Overflow Root Cause Analysis

64bit

5.8.2017

64-bit Linux Stack Based Buffer Overflow

64bit

5.8.2017

64-bit calc.exe Stack Overflow Root Cause Analysis

64bit

5.8.2017

CUDA Cracking

Cracking

5.8.2017

Whitepaper : Exploiting Transparent User Identification

Exploint

5.8.2017

Metasploit -The Exploit Learning Tree

Exploint

5.8.2017

nginx Exploit Documentation About a Generic Way to Exploit Linux Targets

Exploint

5.8.2017

Post XSS Exploitation: Advanced Attacks and Remedies

Exploint

5.8.2017

Windows "Meterpreter"less Post Exploitation

Exploint

5.8.2017

Novell GroupWise Untrusted Pointer Dereference Exploitation

Exploint

5.8.2017

JDWP Arbitrary Java Code Execution Exploitation

Exploint

5.8.2017

A Short Guide on ARM Exploitation

Exploint

5.8.2017

Abusing, Exploiting and Pwning with Firefox Add-ons

Exploint

5.8.2017

Windows Heap Overflow Exploitation

Exploint

5.8.2017

Exploitation notes on CVE-2014-0160

Exploint

5.8.2017

TP-Link TD-W89 Config File Download / Exploiting the Host

Exploint

5.8.2017

Radio-Frequency Identification Exploitation

Exploint

5.8.2017

JDWP Arbitrary Java Code Execution Exploitation

Exploint

5.8.2017

Exploiting CVE-2014-4113 on Windows 8.1

Exploint

5.8.2017

Exploit-Sources (Part One)

Exploint

5.8.2017

Anatomy of Exploit - World of Shellcode

Exploint

5.8.2017

Backdooring with netcat shellcode

Exploint

5.8.2017

Zine: D-Link DSR Router Series - Remote Root Shell

Exploint

5.8.2017

Reverse Engineering of x86 Linux Shellcodes the Easy Way

Exploint

5.8.2017

Radio-Frequency Identification Exploitation

Exploint

5.8.2017

Exploitation notes on CVE-2014-0160

Exploint

5.8.2017

Windows Heap Overflow Exploitation

Exploint

5.8.2017

Heap Spraying - ActiveX Controls Under Attack

Exploint

5.8.2017

SQL Injection in Insert, Update and Delete Statements

Exploint

5.8.2017

Uploading PHP Shell Through SQL Injection

Exploint

5.8.2017

TP-Link TD-W89 Config File Download / Exploiting the Host

Exploint

5.8.2017

Hacking Trust Relationships Between SIP Gateways

Hacking

5.8.2017

Developing MIPS Exploits to Hack Routers

Hacking

5.8.2017

Hacking Blind

Hacking

5.8.2017

Dynamic-Link Library Hijacking

Hacking

5.8.2017

Linux Classic Return-to-libc & Return-to-libc Chaining Tutorial

Linux

5.8.2017

Linux Stack Based Buffer Overflows

Linux

5.8.2017

Understanding C Integer Boundaries (Overflows & Underflow)

Linux

5.8.2017

Linux Format String Exploitation

Linux

5.8.2017

Linux Integer Overflow and Underflow

Linux

5.8.2017

Linux Off By One Vulnerabilities

Linux

5.8.2017

Blackberry Z10 Research Primer - Dissecting Blackberry 10 - An Initial Analysis

Mobil

5.8.2017

Mobile Application Hacking Diary Ep.1

Mobil

5.8.2017

Analyzing Near Field Communication (NFC) Security

NFC bezpečnost

5.8.2017

Bypassing AvastSandBox Using Alternate Data Streaming

Ochrany

5.8.2017

Bypassing SSL Pinning on Android via Reverse Engineering

Ochrany

5.8.2017

Manipulating Memory for Fun & Profit

Operační paměť

5.8.2017

Adventures in Automotive Networks and Control Units

Other

5.8.2017

CloudFlare vs Incapsula (WAF) : Round 2 (PDF)

Other

5.8.2017

CloudFlare vs Incapsula vs ModSecurity

Other

5.8.2017

Flash JIT – Spraying info leak gadgets

Other

5.8.2017

From Write to root on AIX

Other

5.8.2017

Fuzzing: An introduction to Sulley Framework

Other

5.8.2017

GAME ENGINES: A 0-DAY’S TALE

Other

5.8.2017

Methodology: Security plan for wireless networks

Other

5.8.2017

Smashing the stack, an example from 2013

Other

5.8.2017

SQL Injection in Insert, Update and Delete Statements

Other

5.8.2017

The Audit DSOs of the RTLD

Other

5.8.2017

Uploading PHP Shell Through SQL Injection 

Other

5.8.2017

WordPress 3.6 - Crafted String URL Redirect Restriction Bypass

Other

5.8.2017

Android KeyStore Stack Buffer Overflow

Other

5.8.2017

Whatsapp Forensic/Stealer (Android) POC Paper

Forenzní

5.8.2017

Socket Learning

Other

5.8.2017

NMAP - Port-Scanning: A Practical Approach Modified for better

Other

5.8.2017

Asterisk Phreaking How-To

Other

5.8.2017

Searching SHODAN For Fun And Profit

Other

5.8.2017

Breaking the Sandbox

Other

5.8.2017

Back To The Future: Unix Wildcards Gone Wild

Other

5.8.2017

Deep Dive into ROP Payload Analysis

Other

5.8.2017

Bypassing SSL Pinning on Android via Reverse Engineering

Other

5.8.2017

Introduction to Android Malware Analysis

Other

5.8.2017

CloudFlare vs Incapsula (WAF) : Round 2 (PDF)

Other

5.8.2017

The Audit DSOs of the RTLD

Other

5.8.2017

Whatsapp Forensic/Stealer (Android) PoC Paper

Other

5.8.2017

Methodology: Security plan for wireless networks

Other

5.8.2017

HTML5 Security Cheat Sheet

Other

5.8.2017

A Pentester's Guide to Hacking OData

Penetrace

5.8.2017

Metasploit -The Exploit Learning Tree

Penetrace

5.8.2017

Chip and Skim: cloning EMV cards with the pre-play attack

Počítačový útok

5.8.2017

Story of a Client-Side Attack

Počítačový útok

5.8.2017

Heap Spraying - ActiveX Controls Under Attack

Počítačový útok

5.8.2017

Dynamic-Link Library Hijacking

Počítačový útok

5.8.2017

Smashing the stack, an example from 2013

Počítačový útok

5.8.2017

Win32-Worm:VBS/Jenxcus.A Malware Report

Počítačové viry

5.8.2017

Win32-China Chopper CnC/Webshell Malware Report

Počítačové viry

5.8.2017

Win32-Rovnix Malware Report

Počítačové viry

5.8.2017

DFIRCON APT Malware Analysis

Počítačové viry

5.8.2017

DFIRCON APT Malware analýza - část 2

Počítačové viry

5.8.2017

DFIRCON APT Malware analýza (anglická verze)

Počítačové viry

5.8.2017

DFIRCON APT Malware Analysis - Part 2

Počítačové viry

5.8.2017

Flow Control Obfuscations v malware

Počítačové viry

5.8.2017

Control Flow Obfuscations in Malwares

Počítačové viry

5.8.2017

Introduction to Android Malware Analysis

Počítačové viry

5.8.2017

Outsmarted - Why Malware Works in the Face of Antivirus Software

Počítačové viry

5.8.2017

DFIRCON APT Malware Analysis

Počítačové viry

5.8.2017

Control Flow Obfuscations in Malwares

Počítačové viry

5.8.2017

Return Oriented Programming (ROP FTW)

Programování

5.8.2017

Understanding C Integer Boundaries (Overflows & Underflow)

Programování

5.8.2017

Windows rcrypt PE EXE/DDL Packer Writeup 

Programování

5.8.2017

Reversing & Malware Analysis Training Articles

Reverzní inženýrství

5.8.2017

Reversing & Malware Analysis Training Presentations

Reverzní inženýrství

5.8.2017

Reverse Engineering of x86 Linux Shellcodes the Easy Way

Reverzní inženýrství

5.8.2017

Reversing Encrypted Callbacks and COM Interfaces

Reverzní inženýrství

5.8.2017

Reversing Encrypted Callbacks and COM Interfaces

Reverzní inženýrství

5.8.2017

Manipulating Memory for Fun & Profit

Systémy IDS/IPS

5.8.2017

CVE-2012-5076 Technical Analysis Report

Zranitelnosti

5.8.2017

CVE-2012-1535: Adobe Flash Player Integer Overflow Vulnerability Analysis

Zranitelnosti

5.8.2017

CVE-2012-4969 Technical Analysis Report

Zranitelnosti

5.8.2017

Checkpoint/SofaWare Firewall Vulnerability Research

Zranitelnosti

5.8.2017

Atlassian Confluence 4.3.5 - Multiple Vulnerabilities

Zranitelnosti

5.8.2017

Microsoft Windows Help Systems Vulnerabilities. 

Zranitelnosti

5.8.2017

Atlassian Confluence 4.3.5 - Multiple Vulnerabilities

Zranitelnosti

5.8.2017

WordPress 3.6 - Crafted String URL Redirect Restriction Bypass

Zranitelnosti

5.8.2017

Zine: D-Link DSR Series Router - Remote Root Shell

Zranitelnosti

5.8.2017

WinRar 4.20 - File Extension Spoofing (0Day)

Zranitelnosti

5.8.2017

Checkpoint/SofaWare Firewall Vulnerability Research

Zranitelnosti

5.8.2017

Technical Information on Vulnerabilities of Hypercall Handlers

Zranitelnosti

5.8.2017

Privilege Escalation via Client Management Software

Zranitelnosti

5.8.2017

Ghost Vulnerability CVE-2015-0235 White Paper

Zranitelnosti

5.8.2017

Analysis of CVE-2014-4113 (Windows Privilege Escalation Vulnerability)

Zranitelnosti

5.8.2017

The Ultimate XSS Protection Cheat Sheet for Developers

Zranitelnosti

5.8.2017

Microsoft Windows Help Systems Vulnerabilities.

Zranitelnosti

5.8.2017

Fuzzing & Software Vulnerabilities Part 1 - Turkish

Zranitelnosti

5.8.2017

Escaping VMware Workstation through COM1

Zranitelnosti

5.8.2017

WordPress 3.6 - Crafted String URL Redirect Restriction Bypass

Zranitelnosti

5.8.2017

Windows rcrypt PE EXE/DDL Packer Writeup

Zranitelnosti

5.8.2017

WinRar 4.20 - File Extension Spoofing (0Day)

Zranitelnosti

5.8.2017

Privilege Escalation via Client Management Software - Part II

Zranitelnosti