Telegram Web Link
bootg.com
»
United States
»
Information Security
» Telegram Web
Information Security
https://tmpout.sh/1/
Information Security
https://blog.ryotak.me/post/homebrew-security-incident-en/
blog.ryotak.net
Remote code execution in Homebrew by compromising the official Cask repository
この記事は日本語でも投稿されています: https://blog.ryotak.net/post/homebrew-security-incident/ (もし日本語が読める場合、筆者は英語がそこまで得意ではないため、日本語の記事を読むことをお勧めします。) (Official blog post about this incident is available here: https://brew.sh/2021/04/21/security-incident-disclosure/) Preface…
Information Security
https://www.cloaked.pl/2021/04/cve-2021-26415/
www.cloaked.pl
CVE-2021-26415
Windows Installer Elevation of Privilege Vulnerability
Information Security
https://blog.scrt.ch/2021/04/22/bypassing-lsa-protection-in-userland/
Information Security
https://wwws.nightwatchcybersecurity.com/2021/04/25/supply-chain-attacks-via-github-com-releases/
Nightwatch Cybersecurity
Supply Chain Attacks via GitHub.com Releases
Summary Release functionality on GitHub.com allows modification of assets within a release by any project collaborator. This can occur after the release is published, and without notification or au…
Information Security
https://blog.mozilla.org/attack-and-defense/2021/04/27/examining-javascript-inter-process-communication-in-firefox/
Attack & Defense
Examining JavaScript Inter-Process Communication in Firefox
Firefox uses Inter-Process Communication (IPC) to implement privilege separation, which makes it an important cornerstone in our security architecture. A previous blog post focused on fuzzing the C++ side ...
Information Security
https://github.com/pielco11/fav-up
GitHub
GitHub - pielco11/fav-up: IP lookup by favicon using Shodan
IP lookup by favicon using Shodan. Contribute to pielco11/fav-up development by creating an account on GitHub.
Information Security
http://dronesec.pw/blog/2021/03/10/on-exploiting-cve-2021-1648/
Information Security
https://www.dustri.org/b/detecting-and-annoying-burp-users.html
dustri.org
Detecting and annoying Burp users
Personal blog of Julien (jvoisin) Voisin
Information Security
https://medium.com/@markmotig/finding-writable-folders-and-hijackable-dlls-3594a9a0b1c8
Medium
Finding writable folders and hijackable DLLs
This is pretty straight forward. All of the hard work was already done by Petr Hinchley and Matt Hand. This finds writable folders and…
Information Security
https://ctf.re//source-engine/exploitation/2021/05/01/source-engine-2/
Reversing Engineering for the Soul
Exploiting the Source Engine (Part 2) - Full-Chain Client RCE in Source using Frida
Exploiting a clientside RCE using a two-step bug chain utilizing Frida.RE
Information Security
https://github.com/googleprojectzero/Hyntrospect
GitHub
GitHub - googleprojectzero/Hyntrospect
Contribute to googleprojectzero/Hyntrospect development by creating an account on GitHub.
Information Security
https://devcraft.io/2021/05/04/exiftool-arbitrary-code-execution-cve-2021-22204.html
devcraft.io
ExifTool CVE-2021-22204 - Arbitrary Code Execution
Background
Information Security
https://twitter.com/_Bugbountytips_/status/1393483510556545024?s=20
Twitter
BugBountyTips.tech
How to Find Secret token , apikey, etc in js files & source code using bash (xkeys) | recon youtube.com/watch?v=_7EM7f… #bugbounty #recon #bash #bugbountytips The post How to Find Secret token , apikey, etc in js files & source code using bash (xke… appeared…
Information Security
https://blog.doyensec.com/2021/05/20/graphql-csrf.html
Information Security
https://voidsec.com/reverse-engineering-and-exploiting-dell-cve-2021-21551/
VoidSec
Reverse Engineering & Exploiting Dell CVE-2021-21551 - VoidSec
Didactic blog post regarding the process and methodology used to Reverse Engineering & Weaponize Dell's CVE-2021-21551.
Information Security
https://googleprojectzero.blogspot.com/2021/05/fuzzing-ios-code-on-macos-at-native.html
Blogspot
Fuzzing iOS code on macOS at native speed
Or how iOS apps on macOS work under the hood Posted by Samuel Groß, Project Zero This short post explains how code compiled for iOS ...
Information Security
https://github.com/samwcyo/CVE-2021-27651-PoC/blob/main/RCE.md
GitHub
CVE-2021-27651-PoC/RCE.md at main · samwcyo/CVE-2021-27651-PoC
RCE for Pega Infinity >= 8.2.1, Pega Infinity <= 8.5.2 - samwcyo/CVE-2021-27651-PoC
Information Security
https://docs.google.com/presentation/d/19JaXHFMT-R2le6x-vPKw5D1Cxlw2aLtxHEIDwWBNXCQ/edit?usp=drivesdk
Google Docs
2021, PHDays: Fuzzing the Linux kernel
Fuzzing the Linux kernel Andrey Konovalov, xairy.io May 20th 2021
Information Security
https://www.zerodayinitiative.com/blog/2021/5/17/cve-2021-31166-a-wormable-code-execution-bug-in-httpsys
Zero Day Initiative
Zero Day Initiative — CVE-2021-31166: A Wormable Code Execution Bug in HTTP.sys
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Kc Udonsi and Yazhi Wang of the Trend Micro Research Team detail a recent code execution vulnerability in the Microsoft Internet Information Services (IIS) for Windows.…
2024/10/01 10:12:39
Back to Top
HTML Embed Code:
TW
HK
DE
US
CA
RU
NO
CN
UA
SG
YE
IN
SA
FR
IQ
UK
EG