每日安全动态推送(02-25)

渗透技巧 2年前 (2022) admin
767 0 0
Tencent Security Xuanwu Lab Daily News


• occia/apicraft: Prototype of the paper “APICraft: Fuzz Driver Generation for Closed-source SDK Libraries”.:
https://github.com/occia/apicraft

   ・ 自动生成 Fuzz Driver,Fuzz macOS 闭源 SDK – Jett


• [Crypto] T2 Mac security vulnerability means passwords can now be cracked:
https://9to5mac.com/2022/02/17/t2-mac-security-vulnerability-passware/

   ・ 取证分析公司 Passware 称他们发现了一个 Apple T2 芯片的漏洞,可以破解磁盘加密的密码 – Jett


• BlackHat Asia 2022:
https://www.blackhat.com/asia-22/briefings/schedule/#macos-vulnerabilities-hiding-in-plain-sight-26073

   ・ BlackHat Asia 2022 会议的议题列表公开了 – Jett


• Running Cobalt Strike BOFs from Python:
https://www.naksyn.com/injection/2022/02/16/running-cobalt-strike-bofs-from-python.html

   ・ Running Cobalt Strike BOFs from Python – Jett


• CNVD-2022-10270-LPE:
https://github.com/Ryze-T/CNVD-2022-10270-LPE

   ・ 基于向日葵 RCE 的 LPE 漏洞 PoC – Jett


• Dissecting and exploiting ELF files:
https://0x434b.dev/dissecting-and-exploiting-elf-files/

   ・ 剖析 ELF 文件格式的研究. – lanying37


• G.O.S.S.I.P 学术论文推荐 2022-02-24 DataGuard:
https://mp.weixin.qq.com/s/HwwnlNJ16hoaazmTLwX_Gw

   ・ G.O.S.S.I.P 学术论文推荐 – “The Taming of the Stack: Isolating Stack Data from Memory Errors” – Jett


• G.O.S.S.I.P 学术论文推荐 2022-02-23 GNN Model Stealing:
https://mp.weixin.qq.com/s/VeGMQPFcXJqWUB7_W_7Pvw

   ・ G.O.S.S.I.P 学术论文推荐 – “Model Stealing Attacks Against Inductive Graph Neural Networks” – Jett


• [Reverse Engineering, Windows] Windows Drivers Reverse Engineering Methodology:
https://voidsec.com/windows-drivers-reverse-engineering-methodology/

   ・ Windows 驱动逆向方法论 – Jett


• shellcode题目整理:
https://tttang.com/archive/1447/

   ・ shellcode题目整理. – lanying37


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(02-25)

版权声明:admin 发表于 2022年2月25日 下午12:29。
转载请注明:每日安全动态推送(02-25) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...