通知:最近一直在出差,更新会比较晚,导读就不弄了,大家凑合着看吧

1、securityd PoC overflow vulnerability in securityd(iOS 11.3/15E5189f)
https://github.com/iabem97/securityd-racer2

2、In-App browsers allow iOS apps to steal user credentials, inject or replace ads and add extra analytics without the user knowing
https://krausefx.com/blog/follow-user

3、CVE-2017-13868: A fun XNU infoleak
http://bazad.github.io/bazad.github.io/2018/03/a-fun-xnu-infoleak/

4、Hacking into NET router for fun and profit
https://mthbernardes.github.io/persistence/2018/03/02/hacking-into-NET-router-for-fun-and-profit.html

5、Creating Persistence with DCShadow
https://blog.stealthbits.com/creating-persistence-with-dcshadow/

6、Gaining Domain Admin from Outside Active Directory
https://markitzeroday.com/pass-the-hash/crack-map-exec/2018/03/04/da-from-outside-the-domain.html

7、Java Unmarshalling Security - 攻击Hessian协议
http://blog.csdn.net/u011721501/article/details/79443598

8、爬虫基础篇(Web 漏洞扫描器)
https://paper.seebug.org/537/

9、《看雪论坛精华17》
https://bbs.pediy.com/thread-224671.htm

10、Bypassing Google’s authentication to access their Internal Admin panels — Vishnu Prasad P G
https://medium.com/bugbountywriteup/bypassing-googles-fix-to-access-their-internal-admin-panels-12acd3d821e3

工具#psgetsystemSimple:powershell/C# to spawn a process under a different parent process
https://github.com/decoder-it/psgetsystem

工具#symrepl is a small utility that helps you investigate the type information inside binaries.
https://github.com/agustingianni/symrepl

工具#Xplico is a Network Forensic Analisys Tool NFAT, for Unix and Unix-like operating systems.
https://github.com/xplico/xplico

工具#prithvi:A Report Generation Tool for Security Assessment
https://github.com/vegabird/prithvi

工具#AppLockerBPG:AppLocker/Bypassing For Execution APT Service,everytime Update
https://github.com/homjxi0e/AppLockerBPG

点击收藏 | 0 关注 | 1
  • 动动手指,沙发就是你的了!
登录 后跟帖