Read, write, and execute kernel-mode code from the command prompt (a tool for reading, writing, and executing in ring0)
Kernel memory taint tracking to detect disclosure of uninitialized memory (kernel information-leak detection)
TrueType and OpenType font fuzzing toolset (font fuzzing)
Monitoring and instrumenting API calls on Windows (hook library update, adds ARM64 support)
HyperPlatform is an Intel VT-x based hypervisor (a hypervisor built on Intel VT-x)
Hardware backdoors in some x86 CPUs (hardware backdoors)
Resources related to Industrial Control System (ICS) security (ICS security)
Original and decompiled files of TRISIS/TRITON/HATMAN malware (ICS malware samples)
HITB GSEC 2018 Slides
Linux Security Summit North America 2018 Slides
From Compiler Optimization to Code Execution - VirtualBox VM Escape (VBox CVE-2018-2844 vulnerability)
Hyper-V HyperClear Mitigation for L1 Terminal Fault (mitigation for the L1TF vulnerability)
Hypervisor From Scratch – Part 1: Basic Concepts & Configure Testing Environment (hardware-based virtualization)
Floating-Poison Math in Chakra (Chakra CVE-2018-0953 vulnerability)
The Problems and Promise of WebAssembly (WebAssembly features and attack surface)
A Modern History of Offensive Security Research, Slides (the evolution of exploitation techniques)
Block Oriented Programming: Automating Data-Only Attacks (bypassing CFI protection)
Find which process is using the microphone, from a kernel-mode driver (finding the process that is using the microphone)
The 35th International Conference on Machine Learning, papers (ICML 2018 papers)
Active Directory Security Presentations (materials on Active Directory)
Bokbot: The (re)birth of a banker (tracing Bokbot's origins)
Analysis of an unusual Turla backdoor (analysis of the Turla Outlook backdoor)
BIOS Boots What? Finding Evil in Boot Code at Scale (bootkit detection)
Remote UEFI Firmware Attacks (UEFI firmware security)
Counting this issue, it has been exactly two years. Of course, the collected content is not comprehensive, but I hope it helps.
Everything that is great starts small.
cvcvxk It should be 0x1A, right? Not 0xFF. That scared me into thinking I had missed 230 issues.
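BDomne Here it signifies the final issue. The original intent was to record some useful content, and the small two-year goal has more or less been achieved.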
cvcvxk Shouldn't it end with \0\0?