每日安全动态推送(10-16)

渗透技巧 7个月前 admin
113 0 0
Tencent Security Xuanwu Lab Daily News

• Secure Elements: The Bedrock of Hardware Wallet Security:
https://blog.keyst.one/secure-elements-the-bedrock-of-hardware-wallet-security-1dd8cbdef461?gi=78f9d779c72f

   ・ 硬件钱包安全的基本规则 – WireFish


• Finding a POP chain on a common Symfony bundle : part 2:
https://www.synacktiv.com/en/publications/finding-a-pop-chain-on-a-common-symfony-bundle-part-2

   ・ 在 Symfony 的通用 bundle 中构建 ROP 链 – WireFish


• GitHub – pstirparo/machofile: machofile is a module to parse Mach-O binary files:
https://github.com/pstirparo/machofile

   ・ Mach-O文件格式解析工具 – WireFish


• Ruijie Reyee Mesh Router – MITM Remote Code Execution (RCE):
http://dlvr.it/SxC707

   ・ Ruijie Reyee Mesh 路由器 MITM RCE – WireFish


• The evolution of Windows authentication:
https://techcommunity.microsoft.com/t5/windows-it-pro-blog/the-evolution-of-windows-authentication/ba-p/3926848

   ・ 介绍 Windows 鉴权方式的变迁 – WireFish


• #HITB2023HKT D1T1 – Exploiting The Lexmark PostScript Stack – Aaron Adams:
https://www.youtube.com/watch?v=MPEX4TtZqEU

   ・ 攻击 Lexmark 激光打印机的 PostScript Stack – WireFish


• QBinDiff: A modular diffing toolkit:
http://blog.quarkslab.com/qbindiff-a-modular-diffing-toolkit.html

   ・ 新的二进制文件 diff 工具 – WireFish


• Let’s prototype a JavaScript JIT compiler!:
https://youtu.be/8mxubNQC5O8

   ・ 如何实现一个 JavaScript JIT 编译器 – WireFish


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(10-16)

版权声明:admin 发表于 2023年10月16日 下午6:09。
转载请注明:每日安全动态推送(10-16) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...