Aggregator

Porting part 2's ChakraCore exploit to Microsoft Edge while defeating ASLR, DEP, CFG, ACG, CIG, and other mitigations.

一套基于反向代理的流程化、模板化水坑攻击，全程只使用前端，做到受害者无感知使用的技术

MAC 的Nox模拟器依赖virtualbox模拟，一直卡在99%，因为nox只是个封装调用，实际上还是virtualbox,virtualbox单独启动报错： virtualbox也是最新版 报错信息如下： Kernel driver not installed (rc=-1908) Make s

Conti is a notorious ransomware group that targets high-revenue organizations. They were first detected in 2020, and appear to be based in Russia. It is believed that the group is the successor to Ryuk ransomware group. According to Chainalysis, The ransomware group was the highest grossing of all ransomware groups in 2021, with an estimated revenue of at least 180 million dollars.

Microsoft is excited to announce the addition of Exchange on-premises, SharePoint on-premises, and Skype for Business on-premises to the Applications and On-Premises Servers Bounty Program. Through this expanded program, we encourage researchers to discover and report high-impact security vulnerabilities to help protect customers. We offer awards up to $26,000 USD for eligible submissions.

本文是以一个虚拟的大型互联网公司的视角对DevSecOps体系构建的总结和思考。

分享一首伟人的七律，上海的朋友们加油。坚信人民和党“敢教日月换新天”的革命浪漫主义情怀不会消失，上海必胜！ 《到韶山》 别梦依稀咒逝川，故园三十二年前。 红旗卷起农奴戟，黑手高悬霸主鞭。 为有牺牲多壮志，敢教日月换新天。 喜看稻菽千重浪，遍地英雄下夕烟。

Information for red teaming macOS and info on real world TTPs are still a bit sparse. That makes it difficult for defenders to know what attackers do on macOS compared to Windows. Some organizations might have a bigger blind spot when it comes to macOS. This post describes how an adversary can grab hashes from a macOS machine, how to convert it to a hashcat friendly format and use hashcat to crack it.

Despite how they sound, Spring4Shell and the related vulnerabilities in the Spring Framework aren’t exactly like Log4Shell. Learn how they work and what you can do.

响应Lake2大佬的号召，我开通了这个公众号，用于记录一点零散的文字总结，第一篇，以发一个小工具开始。

这里有我当初学习CodeQL的时候记录的所有的笔记，还有一些我自己的总结，一股脑公开了，希望对你有用🤷‍♀️ 至于文档的顺序，我并没有整理

spring 的rce的写文件的poc 是有严重缺陷

3月29日，Spring Framework 存在远程代码执行漏洞，在 JDK 9 及以上版本环境下，远程攻

混合办公（Hybrid Work）安全的三年技术落地趋势推演。"端到端零信任"大的版图。

Although Spring Cloud Functions are not as widespread as the Log4j library, and should provide a good separation from the hosting server, some draw the line between the two, due to the ease of exploitation over HTTP/s. This new vulnerability will definitely result in many threat actors launching campaigns for crypto-mining, ddos, ransomware, and as a golden ticket to break into organizations for the next years to come.

When Spring, the Java-based application, fell victim to cyberattacks, Akamai's Adaptive Security Engine detected zero-day attacks and protected customers against them.