Last Week in Security (LWiS) - 2021-05-17
Exim RCE (@lockedbyte), Windows kernel exploit writeup (@33y0re), plaintext RDP creds from memory (@jonasLyk, @n00py1), MS Defender ATP bypasses (@Tyl0us), hashcat 6.2.0 (@hashcat), and more!
Full DarkHotel exploit ⛓️ (@_ForrestOrr), DomainBorrowing (@md5_salt), WinPmem to dump LSASS (@TheXC3LL), Twitter Tip Jar fail (@RachelTobac), the reasoning behind DripLoader (@_lpvoid), .NET + NTFS tricks (@G0ldenGunSec), and more!
Policy change (@github), Marauder's map (@Jean_Maes_1994), Null byte injection in GoAhead (@luker983), in-mem DLL loader (@scythe_io), Firebase fronting (@shantanukhande), Source Engine client RCE (@4lpine), and more!
New APIs/syscalls for EDR bypass (@yarden_shafir), UAF browser exploit dev (@33y0re), PowerView replacement [EDD] (@FortyNorthSec), phishing banner defeat (@whynotsecurity), packer teardown (@fumik0_), NANDcromancy (@Atredis), and more!
0 to RCE against a CMS (@ultrayoba), tcpip.sys patch diffing for N-days (@0vercl0k), detecting stagers (@DidierStevens), named pipe PTH (@ShitSecure), URI-based 1-click RCEs (@positive_sec), FDE bypass [Airstrike attack] (@breakfix), and more!
0-click Linux BT RCE (@theflow0), deanonymizing LinkedIn users (@h3xstream), PPL demystified (@itm4n), HTML based remote macros (@micahvandeusen), Chrome 0day-ish (@r4j0x00), wordlist generator (@giteshnxtlvl), and more!
PATH shim (@djhohnstein), C2 profile randomizer (@joevest), website to wordlist tool (@Matt_Grandy_), DLL side-loading fixes (@1ndahous3), a new 🥔 tool (@micahvandeusen), txt files that leak (@PaulosYibelo), and more!
Real APT discovery (@IgorBog61650384), a new heap exploitation technique (@Dooflin5), SAML injection (@NCCGroupInfosec), MemoryLoader IDA plugin (@RRBlackRussian), redacted PEM key recovery (@CryptoHack__), MirrorDump tool (@_EthicalChaos_), and more!
The latest/greatest mem dumper BOF (@anthemtotheego), CLR usage logging evasion (@bohops), Windows deception engineering (@ollieatnccgroup), MobileIron enumeration (@OptivSourceZero), common vulns and mis-configs (@ShitSecure), macOS persistence (@theevilbit), and more!
Bloodhound Enterprise (@_wald0), reproducing ProxyLogon (@amlweems), Wireshark 1-click RCE (@positive_sec), free IOC API (@abuse_ch), VM detection trick (@gsuberland), IoT 🐚s via PCI (@_p0ly_), opensource AirTags (@Sn0wfreeze), and more!