Convert curl commands to Python, JavaScript, PHP, R, Go, Rust, Elixir, Java, MATLAB, Dart, CFML, Ansible URI, Strest or JSON
Web (Live Demo): https://curlconverter.com/
Project: https://github.com/curlconverter/curlconverter
#tool #converter #curl #darw1n
Windows Local Privilege Escalation via CdpSvc service (Writeable SYSTEM path Dll Hijacking)
https://github.com/sailay1996/CdpSvcLPE
#redteam #lpe #windows #darw1n
In this post, I'd like to lay out a collection of techniques that together can be used to bypass industry-leading enterprise endpoint protection solutions.
https://vanmieghem.io/blueprint-for-evading-edr-in-2022/
#redteam #av #avbypass #bypass #SoGood0x1
Vincent Van Mieghem
A blueprint for evading industry leading endpoint protection in 2022
Bypassing CrowdStrike and Microsoft Defender for Endpoint
Debugging and Reversing ALPC
https://csandker.io/2022/05/29/Debugging-And-Reversing-ALPC.html
#windows #internals #debug #alpc #SoGood0x1
https://github.com/WebKit/WebKit/blob/main/Source/bmalloc/libpas/Documentation.md
#browsers #webkit #safari #apple #heap #allocators #heapallocators #Aligner
WebKit/Source/bmalloc/libpas/Documentation.md at main · WebKit/WebKit
Home of the WebKit project, the browser engine used by Safari, Mail, App Store and many other applications on macOS, iOS and Linux. - WebKit/WebKit
https://www.zerodayinitiative.com/blog/2022/6/1/is-exploiting-a-null-pointer-deref-for-lpe-just-a-pipe-dream
#Antivirus #LPE #Exploitation #BitDefender
Zero Day Initiative: Is exploiting a null pointer deref for LPE just a pipe dream?
A lot of blog posts I have read go over interesting vulnerabilities and exploits but do not typically share the process behind discovery. I want to show how sometimes just manually poking around can quickly uncover vulnerabilities you might miss with other…
Our community is accused of being out of politics. Some DEF CON groups also faced something similar. It will be interesting to see how they resolve their issue.
https://forum.defcon.org/node/241880
The author of the post invites everyone who has something to say on the topic.
What is your main tool which you use most often?
Anonymous Poll
- IDA PRO: 67%
- Ghidra: 15%
- Rizin / Cutter: 3%
- Radare2 / Cutter: 5%
- Binary Ninja: 4%
- Hopper: 2%
- Relyze: 0%
- JEB: 4%
The FLARE Obfuscated String Solver (FLOSS) has been supporting analysts to extract hidden strings from malware samples for many years now. Over the last few months, we've added new functionality and improved the tool's performance. In this blog post we will share exciting new features and improvements including a new string deobfuscation technique, simplified tool usage, and much faster result output.
https://www.mandiant.com/resources/floss-version-2
#malware #reverse #tools #SoGood0x1
Rizin v0.4.0 and Cutter v2.1.0 are here!
Rizin team:
We continue our focus on stability and performance while introducing new features, including:
- FLIRT signatures applied automatically during the analysis!
- New Intermediate Language: RzIL
https://github.com/rizinorg/rizin/releases/tag/v0.4.0
Cutter team:
Introducing exciting new features including auto-detection of common library functions, a YARA plugin to quickly create and test signatures, and many more...
https://github.com/rizinorg/cutter/releases/tag/v2.1.0
#reverse #rizin #cutter
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
https://github.com/h3xduck/TripleCross
#rootkit #redteam #linux #kernel #Aligner
One I/O Ring to Rule Them All: A Full Read/Write Exploit Primitive on Windows 11
https://windows-internals.com/one-i-o-ring-to-rule-them-all-a-full-read-write-exploit-primitive-on-windows-11/
https://github.com/yardenshafir/IoRingReadWritePrimitive
#expdev #windows #kernel #exploit #tips #Aligner
Post-exploitation technique to turn an arbitrary kernel write / increment into a full read/write primitive on Windows 11 22H2.
At the beginning of 2020, we discovered the Red Unlock technique that allows extracting Intel Atom microcode. We were able to research the internal structure of the microcode and then the x86 instruction implementation. Also, we recovered the format of microcode updates, the algorithm and the encryption key used to protect the microcode.
https://github.com/chip-red-pill/MicrocodeDecryptor
#tools #reverse #intel #internals #microcode #Aligner
IDA Pro 8.0 released!
* Golang 1.18
* iOS 16 dyld shared cache support
* ARC decompiler
* Better firmware analysis
* FLAIR pattern generator (makepat)
https://hex-rays.com/products/ida/news/8_0/
UserComment is a plugin to display user-added comments in disassembly and pseudocode views.
https://forum.reverse4you.org/t/usercomment-an-ida-plugin-to-show-user-added-comments/19747
#reverse #idapro #plugin
UserComment is a plugin to display user-added comments in disassembly and pseudocode views. Provides a comment window, displaying user-added comments, including comments in assembly code and pseudocode. Support for different types of comments (common comments…
CASR: collect crash (or UndefinedBehaviorSanitizer error) reports, triage, and estimate severity. It is based on ideas from exploitable and apport.
https://github.com/ispras/casr