Thu, 14 Jun 2018 03:33:33 GMT
Database Security Threats And Injection Technique
Whitepaper called Database Security Threats and Injection Technique. Written in Persian.
Thu, 14 Jun 2018 02:22:22 GMT
EggHunter Buffer Overflow For Windows
Whitepaper called EggHunter Buffer Overflow for Windows. Written in Arabic.
Mon, 11 Jun 2018 04:44:44 GMT
Lateral Movement Using WinRM
Whitepaper called Lateral Movement using WinRM. Written in Arabic.
Fri, 01 Jun 2018 12:22:22 GMT
Reverse Engineering - Simple Patching
Whitepaper called Reverse Engineering - Simple Patching. Written in Arabic.
Fri, 01 Jun 2018 02:22:22 GMT
Android Application Pentest With Drozer
Whitepaper called Android Application Pentest With Drozer. Written in Persian.
Sat, 26 May 2018 10:11:11 GMT
SEH Buffer Overflow Basic Exploitation Tutorial
This is a SEH buffer overflow basic exploitation tutorial. Written in Arabic.
Wed, 23 May 2018 04:44:44 GMT
This whitepaper explains deserialization vulnerabilities in Java, Python, PHP, and Ruby.
Wed, 23 May 2018 01:11:11 GMT
Introduction To Wireless Network Penetration Testing
Whitepaper called Introduction to Wireless Network Penetration Testing. Written in Persian.
Thu, 10 May 2018 09:59:58 GMT
Code Review Steps And Methodologies
Whitepaper called Code Review Steps and Methodologies.
Wed, 09 May 2018 17:56:28 GMT
Whitepaper called Web Forensics. Written in Vietnamese.
Sun, 06 May 2018 13:01:11 GMT
t2'18 Call For Papers
The t2'18 Call For Papers has been announced. It will take place October 25th through the 26th, 2018 in Helsinki, Finland.
Fri, 04 May 2018 01:14:13 GMT
Linux Restricted Shell Bypass Guide
Whitepaper titled Linux Restricted Shell Bypass Guide.
Fri, 27 Apr 2018 14:54:32 GMT
Windows Kernel Exploitation Tutorial Part 8: Use After Free
Whitepaper called Windows Kernel Exploitation Tutorial Part 8: Use After Free.
Thu, 26 Apr 2018 14:14:05 GMT
Hack In The Box GSEC 2018 Singpaore Call For Papers
Final call for the 2018 Hack In The Box (HITB) GSEC conference in Singapore. HITB GSEC is a 3-day deep knowledge security conference where attendees get to vote on the final agenda of talks and and to meet with the speakers they voted for.
Tue, 24 Apr 2018 23:51:18 GMT
Nintendo Switch / Nvidia Fusee Gelee Disclosure
This report documents Fusee Gelee, a coldboot vulnerability that allows full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM) on NVIDIA's Tegra line of embedded processors. As this vulnerability allows arbitrary code execution on the Boot and Power Management Processor (BPMP) before any lock-outs take effect, this vulnerability compromises the entire root-of-trust for each processor, and allows exfiltration of secrets e.g. burned into device fuses.
Tue, 24 Apr 2018 23:23:23 GMT
Building A Simple Proxy Fuzzer For THe MQTT Protocol Using The Polymorph Framework
Whitepaper that shows how easy you can build a fuzzer for the MQTT protocol by using the Polymorph framework.
Sat, 21 Apr 2018 15:29:26 GMT
Bridging The Gap Between SIPR And NIPR Using KVM Switches
This paper documents a minor but somewhat easy way to compromise air gapped systems that share a kvm.
Wed, 18 Apr 2018 10:11:11 GMT
The Origin And Impact Of Security Vulnerabilities In ST Chipsets
This whitepaper explores the origin and impact of the vulnerabilities discovered in ST chipsets.
Mon, 16 Apr 2018 10:22:22 GMT
Diamorphine LKM Analysis
This whitepaper provides diamorphine linux kernel rootkit analysis. Written in Korean.
Fri, 13 Apr 2018 22:22:22 GMT
Polymorph: A Real-Time Network Packet Manipulation Framework
Whitepaper called Polymorph: A Real-Time Network Packet Manipulation Framework.
Wed, 11 Apr 2018 16:12:07 GMT
Smashing Smart Contracts
This pop-scientific conference paper introduces Mythril, a security analysis tool for Ethereum smart contracts, and its symbolic execution backend LASER-Ethereum. The first part of the paper explains symbolic execution of Ethereum bytecode in a largely formal manner. The second part showcases the vulnerability detection modules already implemented in Mythril. The modules use a pragmatic mix of static analysis, symbolic analysis and control flow checking.
Sun, 08 Apr 2018 13:02:22 GMT
WOOT 12 Call For Papers
WOOT '12 Call For Papers - This will be held August 13th through the 14th, 2018, in Baltimore, MD, USA. WOOT '12 is co-located with the USENIX Security Symposium.
Wed, 28 Mar 2018 16:55:55 GMT
The Grey Matter Of Securing Android Applications
Whitepaper called The Grey Matter of Securing Android Applications. It starts with the introduction of the Android platform and fundamentals of the Android applications. It later talks about the in-built security features of the Android platform and the additional features that are provided by Google to build a secure ecosystem. It also includes how and why these features can be leveraged to build secure Android applications.
Mon, 26 Mar 2018 10:11:11 GMT
Exploring The Depths Of CMD.exe Obfuscation And Detection Techniques
Whitepaper called DOSfuscation: Exploring the Depths of CMD.exe Obfuscation and Detection Techniques.
Cross Site Scripting In A Nutshell
Whitepaper called Cross Site Scripting 'XSS' In A Nutshell.
view page: 181