[Exploitation]

⦿ CVE-2020-24581 D-Link DSL-2888A Remote Command Execution - Stella Sebastian

Analysis of the RCE in the D-Link DSL-2888A

https://reconshell.com/cve-2020-24581-d-link-dsl-2888a-remote-command-execution/

 

⦿ CVE-2020-27932: iOS Kernel privesc with turnstiles - Ian Beer

https://googleprojectzero.blogspot.com/p/rca-cve-2020-27932.html

 

⦿ Exploiting crash handlers: LPE on Ubuntu - Itai Greenhut

https://alephsecurity.com/2021/02/16/apport-lpe/

 

⦿ Hunting for bugs in Telegram's animated stickers remote attack surface - shielder

https://www.shielder.it/blog/2021/02/hunting-for-bugs-in-telegrams-animated-stickers-remote-attack-surface/

 

⦿ Kernel Pwnable repo - smallkirby

https://github.com/smallkirby/kernelpwn

 

⦿ Microsoft Hyper-V Virtual Network Switch VmsMpCommonPvtSetRequestCommon Out of Bounds Read - Alisa Esage Шевченко

https://zerodayengineering.com/blog/hyper-v-vmswitch-oobr.html

 

⦿ WINDOWS KERNEL ZERO-DAY EXPLOIT (CVE-2021-1732) IS USED BY BITTER APT IN TARGETED ATTACK - DBAPPSecurity

https://ti.dbappsecurity.com.cn/blog/index.php/2021/02/10/windows-kernel-zero-day-exploit-is-used-by-bitter-apt-in-targeted-attack/

 

⦿ ZDI-20-1440 Writeup - HexRabbit

https://blog.hexrabbit.io/2021/02/07/ZDI-20-1440-writeup/

 

 

[Web]

⦿ Escalating SSRF to RCE - Alserda(sanderwind)

https://sanderwind.medium.com/escalating-ssrf-to-rce-7c0147371c40

 

 

[Network]

⦿ Relaying 101 - Daniel

https://luemmelsec.github.io/Relaying-101/

 

 

 

[Cyber Operation, Malware]

⦿ Egregor Ransomware - An In-Depth Analysis - Tom Roter

https://blog.minerva-labs.com/egregor-ransomware-an-in-depth-analysis

 

⦿ Internals of Lazarus Operation Dream Job - 0xthreatintel

https://0xthreatintel.medium.com/internals-of-lazarus-operation-dream-job-7ced9fc7da3e

 

 

[Reversing, Pentesting, Analysis]

⦿ Analyzing Clubhouse for fun and profit - Theori

https://theori.io/research/korean/analyzing-clubhouse/

 

⦿ Kubernetes Pentest Methodology - Or Ida

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-1

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-2

https://www.cyberark.com/resources/threat-research-blog/kubernetes-pentest-methodology-part-3

 

⦿ Methodology for Static Reverse Engineering of Windows Kernel Drivers - Matt Hand

https://posts.specterops.io/methodology-for-static-reverse-engineering-of-windows-kernel-drivers-3115b2efed83

 

⦿ Pentest Tips and Tricks - jivoi

https://jivoi.github.io/2015/07/01/pentest-tips-and-tricks/

https://jivoi.github.io/2015/08/21/pentest-tips-and-tricks-number-2/

 

⦿ Remote Desktop Connection (mstsc.exe) Screen in a Memory Dump Analysis - Rifqi Ardia Ramadhan

https://medium.com/mii-cybersec/remote-desktop-connection-mstsc-exe-screen-in-a-memory-dump-analysis-e7e00895dd4a

 

⦿ Using eBPF to uncover in-memory loading - Pat H

How to use eBPF to log when malware performs in-memory loading through pipes

https://blog.tofile.dev/2021/02/15/ebpf-01.html

 

 

[CTF, Wargame]

⦿ Book HackTheBox Walkthrough - Raj Chandel

hackingarticles.in/book-hackthebox-walkthrough/

 

⦿ Remote HackTheBox Walkthrough - Raj Chandel

https://www.hackingarticles.in/remote-hackthebox-walkthrough/

 

 

[Other]

⦿ Line CTF

- Date: 20.03.2021 00:00 UTC ~ 21.03.2021 00:00 UTC (24 hours)

https://linectf.me

 

⦿ Quarkslab Challenge

https://quarkslab.com/challenge-quarkslab-2021/

 

[Tools]

 

 

 

 

 

 

 

 

 


⦿ New attack discovered that lets remote hackers attack devices on internal networks - 2021.01.29

 

 

 

 

⦿ Docker escape by exploiting a Microsoft Azure Function vulnerability - 2021.02.01

 

 

⦿ Google discloses a severe vulnerability in the Libgcrypt encryption library - 2021.02.02

 

 

⦿ Agent Tesla uses new delivery and evasion techniques - 2021.02.02

 

 

 

 

⦿ Google analyzes the Apple iOS security features added after zero-day attacks - 2021.02.02

 


[Exploitation]

⦿ A Look at iMessage in iOS 14 - Samuel Groß

https://googleprojectzero.blogspot.com/2021/01/a-look-at-imessage-in-ios-14.html

 

⦿ Effectively Fuzzing the IPC Layer in Firefox - Christoph Kerschbaumer and decoder

https://blog.mozilla.org/attack-and-defense/2021/01/27/effectively-fuzzing-the-ipc-layer-in-firefox/

 

⦿ Heap-based buffer overflow in Sudo (CVE-2021-3156) - Qualys Security Advisory

https://blog.qualys.com/vulnerabilities-research/2021/01/26/cve-2021-3156-heap-based-buffer-overflow-in-sudo-baron-samedit

https://www.qualys.com/2021/01/26/cve-2021-3156/baron-samedit-heap-based-overflow-sudo.txt

 

⦿ Possible RCE through Windows Custom Protocol on Windows client

https://hackerone.com/reports/1001255

 

⦿ Pwn2Own: A Tale of a Bug Found and Lost Again - Hanno Heinrichs and Lukas Kupczyk

https://www.crowdstrike.com/blog/pwn2own-tale-of-a-bug-found-and-lost-again/

 

⦿ Windows Exploitation Tricks: Trapping Virtual Memory Access - James Forshaw

https://googleprojectzero.blogspot.com/2021/01/windows-exploitation-tricks-trapping.html

 

 

 

[Web]

⦿ The Secret Parameter, LFR, and Potential RCE in NodeJS Apps

https://blog.shoebpatel.com/2021/01/23/The-Secret-Parameter-LFR-and-Potential-RCE-in-NodeJS-Apps/

 

 

[Network]

⦿ VisualDoor: SonicWall SSL-VPN Exploit

https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/

 

 

[Cyber Operation, Malware]

⦿ A Deep Dive Into Patchwork APT Group - cybleinc

https://cybleinc.com/2021/01/20/a-deep-dive-into-patchwork-apt-group/

 

⦿ Deep dive into the Solorigate second-stage activation: From SUNBURST to TEARDROP and Raindrop - Microsoft

https://www.microsoft.com/security/blog/2021/01/20/deep-dive-into-the-solorigate-second-stage-activation-from-sunburst-to-teardrop-and-raindrop/

 

⦿ Detecting zero days in software supply chain with static and dynamic analysis - Ajin Abraham

https://ajinabraham.com/blog/detecting-zero-days-in-software-supply-chain-with-static-and-dynamic-analysis

 

⦿ Malware development part 6 - Some advanced obfuscation techniques for C code - Patryk Czeczko

https://0xpat.github.io/Malware_development_part_6/

 

 

[Attacks Targeting Security Researchers]

⦿ DPRK Malware Targeting Security Researchers

https://norfolkinfosec.com/dprk-malware-targeting-security-researchers/

 

⦿ New campaign targeting security researchers - Adam Weidemann

https://blog.google/threat-analysis-group/new-campaign-targeting-security-researchers/

 

⦿ Analysis by China's Anheng

https://mp.weixin.qq.com/s/UBD0hyXUooYuDrpsz8-MtQ

 

⦿ Analysis by China's 360

https://mp.weixin.qq.com/s/W-C_tKVnXco8C3ctgAjoNQ

 

 

[Other]

⦿ Jailbreak Forum

https://jailbreak.fce365.info/

 

⦿ Bug bounty tips

https://gowsundar.gitbook.io/book-of-bugbounty-tips/

 

⦿ Bug hunter handbook

https://gowthams.gitbook.io/bughunter-handbook/

 

 

[Tools]

⦿ Hooking iOS Kernel Functions From Userspace

https://github.com/jsherman212/xnuspy

 

⦿ iOS virtualization tool for individual subscribers 

https://corellium.com/blog/ios-for-individuals

 

 

 

 

 

 

 

 

 


⦿ SonicWall VPN products hacked through a zero-day attack - 2021.01.22

 

⦿ Details disclosed for a remotely exploitable Windows vulnerability - 2021.01.25

 

⦿ Suspected North Korean hacking group conducts new cyberattacks targeting security researchers - 2021.01.26

 

⦿ Apple fixes three zero-day vulnerabilities being exploited in real-world attacks - 2021.01.27

 

 

 


⦿ International task force shuts down the largest dark market service - 2021.01.14

 

⦿ Joker's Stash, the world's largest carding website, set to shut down - 2021.01.16

 

⦿ Apple pays a $50,000 bug bounty reward to two Indian hackers - 2021.01.18

 

⦿ SolarWinds hackers access Malwarebytes internal emails - 2021.01.20

 

 

 

 


[Exploitation]

⦿ An incorrect calculation bug in the linux kernel EBPF Verifier - Lucas Leong

https://www.zerodayinitiative.com/blog/2021/1/18/zdi-20-1440-an-incorrect-calculation-bug-in-the-linux-kernel-ebpf-verifier

 

⦿ Chrome 1-Day Hunting - Uncovering and Exploiting CVE-2020-15999

https://starlabs.sg/blog/2021/01/chrome-1-day-hunting-uncovering-and-exploiting-cve-2020-15999

 

⦿ CVE-2020-5144 – SonicWall Global VPN New Elevation of Privileges Vulnerability - Chen Erlich

https://cymptom.com/cve-2020-5144-sonicwall-global-vpn-new-elevation-of-privileges-vulnerability/2021/01/?fbclid=IwAR1UPp-OOfGQRMpsy0WFbcUKAAFriSPUKEX-v2paJJbJuOojvP1924wCH8c

 

⦿ CVE-2020-9971 Abusing XPC Service mechanism to elevate privilege in macOS/iOS

https://xlab.tencent.com/en/2021/01/11/cve-2020-9971-abusing-xpc-service-to-elevate-privilege

 

⦿ Escaping VirtualBox 6.1: Part 1 - Sauercl0ud, a2nkf, localo

https://secret.club/2021/01/14/vbox-escape.html

 

⦿ Exploiting CVE-2014-3153 (Towelroot)

https://elongl.github.io/exploitation/2021/01/08/cve-2014-3153.html

 

⦿ Hunting for Bugs in Windows Mini-Filter Drivers - James Forshaw

https://googleprojectzero.blogspot.com/2021/01/hunting-for-bugs-in-windows-mini-filter.html

 

⦿ PROCESS HERPADERPING – WINDOWS DEFENDER EVASION - Pentest Laboratories Ltd

https://pentestlaboratories.com/2021/01/18/process-herpaderping-windows-defender-evasion/

 

⦿ The State of State Machines - Natalie Silvanovich

https://googleprojectzero.blogspot.com/2021/01/the-state-of-state-machines.html

 

 

 

[Web]

⦿ CVE-2021-2109 Weblogic Remote Code Execution involving HTTP protocol and JNDI injection gadget

https://mp.weixin.qq.com/s/wX9TMXl1KVWwB_k6EZOklw

 

⦿ Exploiting Error Based SQL Injections & Bypassing Restrictions

https://medium.com/bugbountywriteup/exploiting-error-based-sql-injections-bypassing-restrictions-ed099623cd94

 

⦿ Finding 0day to hack Apple - @rootxharsh & @iamnoooob

https://github.com/httpvoid/writeups/blob/main/Apple-RCE.md

 

 

 

[Network]

⦿ DNSpooq - Kaminsky attack is back!

https://www.jsof-tech.com/disclosures/dnspooq/

 

⦿ Cache poisoning in popular open source packages - Adam Goldschmidt

https://snyk.io/blog/cache-poisoning-in-popular-open-source-packages/

 

 

 

[malware]

⦿ A Deep Dive into Lokibot Infection Chain

https://blog.talosintelligence.com/2021/01/a-deep-dive-into-lokibot-infection-chain.html

 

⦿ Building a Custom Malware Analysis Lab Environment - MARCO FIGUEROA

https://labs.sentinelone.com/building-a-custom-malware-analysis-lab-environment/

 

⦿ From A to X analyzing some real cases which used recent Emotet samples

https://blog.vincss.net/2021/01/re019-from-a-to-x-analyzing-some-real-cases-which-used-recent-Emotet-samples.html

 

⦿ Linux.Midrashim: Assembly x64 ELF virus - @guitmz

https://www.guitmz.com/linux-midrashim-elf-virus/

 

⦿ Raindrop: New Malware Discovered in SolarWinds Investigation

https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/solarwinds-raindrop-malware

 

⦿ Sunburst backdoor – code overlaps with Kazuar - Kaspersky

https://securelist.com/sunburst-backdoor-kazuar/99981

 

 

[Other]

⦿ How to use Ghidra to Reverse Engineer Mobile Application - K O M A L

https://medium.com/bugbountywriteup/how-to-use-ghidra-to-reverse-engineer-mobile-application-c2c89dc5b9aa

 

⦿ Machine Learning for Security

https://security.kiwi/docs/introduction/

 

⦿ macOS Post-Exploitation Shenanigans with VSCode Extensions

https://www.mdsec.co.uk/2021/01/macos-post-exploitation-shenanigans-with-vscode-extensions

 

⦿ Wireshark Tutorial: Examining Emotet Infection Traffic - Brad Duncan

https://unit42.paloaltonetworks.com/wireshark-tutorial-emotet-infection/

 

⦿ Zero Days, Thousands of Nights

https://www.rand.org/pubs/research_reports/RR1751.html

 

 

 

[Tools]

⦿ Snort 3 officially released

https://blog.snort.org/2021/01/snort-3-officially-released.html

 

⦿ LIEF 0.11 released

https://lief.quarkslab.com/doc/stable/changelog.html#v0.11.0

 

⦿ Svetovid : Post-exploitation scripts and binaries

https://github.com/redcode-labs/Svetovid

 

⦿ virii : Collection of ancient computer virus source codes

https://github.com/guitmz/virii 

 

⦿ lazyweb : Vulnerable Web Application for test

https://github.com/RamadhanAmizudin/lazyweb

 

 

 

 


⦿ US military holds the "Hack The Army" bug bounty program - 2021.01.08

 

⦿ Microsoft fixes a zero-day in the Defender antivirus program that was exploited in real-world attacks - 2021.01.13

 

⦿ Google discloses a sophisticated Windows and Android hacking operation - 2021.01.13

 

 

 


⦿ Breaking The Browser – A tale of IPC, credentials and backdoors - Dylan(@_batsec_)

 

⦿ CRACKING A CHINESE PROXY TUNNEL: REAL WORLD CTF PERSONAL PROXY WRITEUP - hyperreality

 

⦿ FADE DEAD | Adventures in Reversing Malicious Run-Only AppleScripts - PHIL STOKES

 

⦿ In-the-Wild Series - Google Project Zero

 

⦿ Making Clouds Rain :: Remote Code Execution in Microsoft Office 365 - ϻг_ϻε(@steventseeley)

 

⦿ Vulnerabilities arising from PHP Type Juggling (Magic Hashes vulnerability)

 

⦿ Real World CTF presentation materials (with subtitles)

 

⦿ Stealing Your Private YouTube Videos, One Frame at a Time - David Schütz

 

⦿ Sysmon13 released - MS sysinternal

 

⦿ The Mac Malware of 2020 - Patrick Wardle

 

⦿ THE STORY OF CVE-2021-1648 - k0shl

 

⦿ Understanding and Exploiting Zerologon - Siddharth Balyan & Nandini Rana
