NMalDoc in PDF,在PDF中隐藏恶意Word文档并执行宏代码
点击蓝字 关注我们 介绍日本计算机应急响应团队(JPCERT)分享了在2023年7月检测到的一种新的“PDF中的MalDoc”攻击,该攻击通过将恶意Word文件嵌入PDF中...
NCSAW CTF 2023 Writeup
From leaking canary to Heap tcache poisoning 从泄漏的金丝雀到堆缓存中毒 Intro 介绍 I competed on CSAW CTF 2023, and I solved multiple challenges e....
NCobalt Strike 4.9: Take Me To Your Loader
Cobalt Strike 4.9 is now available. This release sees an overhaul to Cobalt Strike’s post exploitation capabilities to support user defined reflect...
NOKTA FOR RED TEAMERS
For a long time, Red Teamers have been preaching the mantra “Don’t make Domain Admin the goal of the assessment” and it appears that customers are ...
NDumping Lsass with trusted processes
In today's blog we will go through some points like: 在今天的博客中,我们将介绍一些要点,例如: What is LSASS 什么是LSA...
N起底美国情报机关网攻窃密的主要卑劣手段
近日,中国国家计算机病毒应急处理中心通报,在处置西北工业大学遭受网络攻击时,成功提取了名为“二次约会”的间谍软件样本。该软件为美国国家安全局开发的网...
NSECCON CTF 2023 Quals Writeup/Upsolves
はじめに 起先 2023/09/16-17にかけて開催されたSECCON CTF 2023 QualsにチームBunkyoWesternsのメンバーとして参加しました。Internationalでは24/653位、Do...
NFuzzing iOS URL schemes with furlzz
Introduction 介绍 Today we will cover the tool I have created, furlzz which is an iOS URL scheme fuzzer. We will go over how to set up and actually...
NHITCON 2023 x DEVCORE Wargame: My todolist Write-up
為了 HITCON 2023 活動,我今年也在企業攤位上準備了三題趣味性質的 Wargame 題目讓參賽者在聽完議程的空閒之餘可以享受一下親自動手解題的快樂,而除了我所...
N每日安全动态推送(9-19)
Tencent Security Xuanwu Lab Daily News• Azure Active Directory Domain Services Escalation of Privilege:https://www.secureworks.com/research/az...