每日安全动态推送(1-4)

渗透技巧 1个月前 admin
112 0 0
Tencent Security Xuanwu Lab Daily News

• LuaJIT Sandbox Escape: The Saga Ends:
https://0xbigshaq.github.io/2022/12/30/luajit-sandbox-escape/

   ・ LuaJIT Sandbox Escape: The Saga Ends – crazyman


• Exploring the World of ESI Injection:
https://infosecwriteups.com/exploring-the-world-of-esi-injection-b86234e66f91?source=rss----7b722bfd1b8d---4

   ・ Esi注入相关的几个真实漏洞case study – xmzyshypnc


• [iOS, macOS] slides/Hexacon_2022_More_Tales_from_the_iOS_macOS_Kernel_Trenches.pdf:
https://github.com/potmdehex/slides/blob/main/Hexacon_2022_More_Tales_from_the_iOS_macOS_Kernel_Trenches.pdf

   ・ Hexacon 2022会议中《More Tales from the iOS/macOS Kernel Trenches》议题slide,其中提及了CVE-2022-22640、CVE-2022-32821漏洞的原理等详细信息及利用技术。 – P4nda


• Inside the 8086 processor's instruction prefetch circuitry:
http://www.righto.com/2023/01/inside-8086-processors-instruction.html

   ・ 介绍 8086 处理器指令预取技术的电路实现 – WireFish


• [Linux, Tools] modreveal:
https://github.com/jafarlihi/modreveal

   ・ modreveal 找出当前Linux机器的隐藏Linux内核模块的工具 – ThomasonZhao


• [Reverse Engineering] GitHub - moyix/gpt-wpre: Whole-Program Reverse Engineering with GPT-3:
https://github.com/moyix/gpt-wpre

   ・ 基于Ghidra和GPT-3的辅助逆向工具 – ThomasonZhao


• [IoT, Reverse Engineering] Reverse Engineering and Exploiting an IoT bug : ReverseEngineering:
https://www.reddit.com/r/ReverseEngineering/comments/101iozj/reverse_engineering_and_exploiting_an_iot_bug/

   ・ Faraday CTF 2022 Write-up,以一道ctf题为例介绍mips架构下的iot漏洞利用技巧,适合初学者学习 – ArisXu


* 查看或搜索历史推送内容请访问:
https://sec.today

* 新浪微博账号:腾讯玄武实验室
https://weibo.com/xuanwulab


原文始发于微信公众号(腾讯玄武实验室):每日安全动态推送(1-4)

版权声明:admin 发表于 2023年1月4日 上午10:48。
转载请注明:每日安全动态推送(1-4) | CTF导航

相关文章

暂无评论

暂无评论...