每日安全动态推送(03-14)

渗透技巧 2年前 (2022) admin
371 0 0
Tencent Security Xuanwu Lab Daily News


• [PDF] https://grsecurity.net/Compilers_The_Old_New_Security_Frontier_BlueHat_IL_2022.pdf:
https://grsecurity.net/Compilers_The_Old_New_Security_Frontier_BlueHat_IL_2022.pdf

   ・ Compilers: The Old New Security Frontier,来自 Bluehat 2022 会议的演讲 – Jett


• [CTF] Writing Anti-Anti-Virus Exploit (AuViel – Hayyim CTF 2022):
https://ptr-yudai.hatenablog.com/entry/2022/02/13/122744

   ・ Hayyim CTF 2022 比赛 ClamAV 漏洞 writeup – Jett


• [Browser] Exploit Development: Browser Exploitation on Windows – CVE-2019-0567, A Microsoft Edge Type Confusion Vulnerability (Part 1):
https://connormcgarr.github.io/type-confusion-part-1/

   ・ Microsoft Edge CVE-2019-0567 类型混淆漏洞的利用过程 – Jett


• Understanding the booting process of a computer and trying to write own operating system. – de engineering:
https://de-engineer.github.io/Understanding-booting-process-and-writing-own-os/

   ・ 操作系统的启动过程 – Jett


• efiSeek for Ghidra:
https://github.com/retrage/efiSeek/tree/efi-xplorer

   ・ Ghidra analyzer for UEFI firmware – Jett


• Reverse Engineering a Netgear Nday | StarkeBlog:
https://nstarke.github.io/netgear/nday/2022/03/13/reverse-engineering-a-netgear-nday.html

   ・ Netgear 路由器 CVE-2021-34979 漏洞的分析 – Jett


• GitHub – jkctech/Telegram-Trilateration: Proof of concept for abusing Telegram’s “People Near Me” feature and tracking people’s location:
https://github.com/jkctech/Telegram-Trilateration

   ・ 滥用 Telegram 的 “People Near Me” 特性实现位置跟踪 – Jett


• [Tools] FirmWire:
https://github.com/FirmWire/FirmWire

   ・ FirmWire – 基带固件分析平台,支持 Samsung 和 MediaTek – Jett


• GitHub – fingerprintjs/blog-nojs-fingerprint-demo: A demo for the no-JavaScript fingerprinting article:
https://github.com/fingerprintjs/blog-nojs-fingerprint-demo

   ・ 不依赖 JavaScript 和 Cookie 构建用户指纹 – Jett


• [BugTales] Exploiting CSN.1 Bugs in MediaTek Basebands:
https://labs.taszk.io/articles/post/mtk_baseband_csn1_exploitation/

   ・ Exploiting CSN.1 Bugs in MediaTek Basebands – Jett


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(03-14)

版权声明:admin 发表于 2022年3月14日 下午1:33。
转载请注明:每日安全动态推送(03-14) | CTF导航

相关文章

暂无评论

您必须登录才能参与评论!
立即登录
暂无评论...