Blog post: Research Windows 0-day exploit CVE-2019-1458 used in Operation WizardOpium - securelist.com/windows-0-day-e
Reading: 3 min
Published: 12/10/2019

Blog post: Persistence – Office Application Startup - pentestlab.blog/2019/12/11/per
Reading: 4 min
Published: 12/11/2019

Blog post: Updating adconnectdump - a journey into DPAPI - dirkjanm.io/updating-adconnect
Reading: 10 min
Published: 12/11/2019

Tools: SafetyDump - uses the Minidump Windows API to dump process memory before base64 encoding that dump and writing it to standard output. This allows the dump to be redirected to a file or straight back down C2 or through other tools - github.com/m0rv4i/SafetyDump

Blog post: Unveiling Octopus: The pre-operation C2 for Red Teamers - shells.systems/unveiling-octop
Reading: 8 min
Published: 12/10/2019

Blog post by SANS Penetration Testing: Parsing Zeek JSON Logs with JQ - pen-testing.sans.org/blog/2019
Reading: 5 min
Published: 12/03/2019

Blog post: Azure Privilege Escalation via Cloud Shell - blog.netspi.com/attacking-azur
Reading: 6 min
Published: 12/10/2019

Blog post: CVE-2019-19248: Local Privilege Escalation in EA’s Origin Client - enigma0x3.net/2019/12/10/cve-2
Reading: 4 min
Published: 12/10/2019

Tools: DroneSploit - CLI framework based on sploitkit that attempts to gather hacking techniques and exploits especially focused on drone hacking. For ease of use, the interface has a layout that looks like Metasploit - github.com/dhondta/dronesploit

Blog post by MDSec: MacOS Filename Homoglyphs Revisited - mdsec.co.uk/2019/12/macos-file
Reading: 12 min
Published: 12/10/2019

Blog post by FireEye: Staying Hidden on the Endpoint: Evading Detection with Shellcode - fireeye.com/blog/threat-resear
Reading: 9 min
Published: 10/10/2019

Tools: Apk-mitm - CLI application that automatically prepares Android APK files for HTTPS inspection - github.com/shroudedcode/apk-mi

Blog post: Breaking the chains on HTTP Request Smuggler - portswigger.net/research/break
Reading: 3 min
Published: 12/09/2019
