Aggregator

背景

• MT6737T
• Android

Background

最近阅读了一篇论文<<The Convergence of Source Code and Binary Vulnerability Discovery – A Case Study>>，很巧合的是论文的研究中，关于将SAST工具应用于二进制文件(通过decompiler)，即获取伪代码之后，在伪代码上跑SAST工具来找漏洞这个模式我和@C0ss4ck一起做过，在我们收到一些成效之后发现也有人做了类似的工作，不过他好像没有特别深入 :D

背景

严格意义上来说本文应该叫做: <<我本来只是想救个砖，但是却逆向了刷机工具尝试搞清楚android unlock的原理>> :D

关于

Fishhook是Facebook提供的利用MachO文件惰性加载原理，通过修改懒加载和非懒加载两个表的指针达到C函数HOOK的目的一个轻量级的hook库。理解这个工具和熟悉流程也是可以帮助更好的理解MachO文件格式 :)

环境配置

本篇主要是环境配置、调试、流程梳理

关于Weggli

AST Pattern Search

核心是使用和 tree-sitter 库，然后搞了 query-tree 来在 AST上进行搜索，这只能说是匹配特定的代码片段，还达不到程序分析的那个级别，所以理论上只能过程内分析，而且没有上下文啥的 :D 直白点说的话，像是AST的正则表达式，不过某种意义上来说对于使用白盒方案快速召回一些漏洞也是一种借鉴吧。

背景&&需求

迫于要分析一些SDK里的协议，需要抓到所有的流量来分析交互过程，所以有了这篇记录，主要是基于实时监控Android设备网络封包做的尝试，然后使用相同的思路扩展到了iOS上。

正则

前言之前简单的来学了一下RMI的使用，但是对于它的反序列化，我们还是需要通过底层代码逻辑来实现的所以现在再来学一下RMI前情回顾RMI的基本结构就是这样的我们现了解一下Registry：http...

近日，国家卫生健康委及下属国家中医药局、国家疾控局联合制定了《医疗卫生机构网络安全管理办法》（以下简称《管理办法》）。

Akamai security research has observed a new malware: a cryptominer with dreams of DDoS functionality. Read about kmdsbot in this blog.

The modern application has evolved and shifted to the edge. This inevitable adoption is improving the digital experience for end users.

CVE-2022-28219 Zoho ManageEngine ADAudit Plus XXE到RCE漏

Summary GTSC and other reputable sources have published blogs and analysis on a threat actor campaign exploiting Microsoft Exchange vulnerabilities. Patches are now available for these vulnerabilities. Threat Type Vulnerability Overview -Update 11/09/2022 - Microsoft has released their monthly update and included in this release are patches for the vulnerabilities covered in this collection. We recommend testing and applying these updates as soon as possible. Microsoft also recommends that you apply th

Though cloud-based secure web gateways (SWGs) eliminate many problems, it?s important to select the right approach to on-ramping traffic based on use case and protection level.

Learn about MITRE's latest evaluation and how MDRs can help organizations to better understand and combat adversary behavior.

The post MITRE マネージドサービス評価｜MDRとDRIRを検討中のお客様が知っておくべきの4つのポイント appeared first on SentinelOne JP.

Summary VMWare has released Workspace ONE Assist 22.10 in order to patch three critical vulnerabilities in their remote access tool. Threat Type Vulnerability Overview Three critical authentication bypass bugs have been disclosed in VMWare’s remote access tool, Workspace ONE Assist. All three of these vulnerabilities have been rated at a 9.8 out of 10 on CVSSv3. According to the VMWare advisory, "A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access with

The web needs a CDN; the cloud needs a GDN. What does that mean and why is it important for developers?

我想写一篇文章，关于burpsuite插件开发入门。去年我写了一些burp插件，用于辅助渗透和漏洞挖掘，这给我带来了很多方便，可以捡到一些安全漏洞。 本人以第一视角说下本人是如何学习burpsuite插件开发的。本文只是入门，如果想要深入学习插件开发，还需要更多的学习和参考。 1.环境配置和搭建 i