Wawa Security Links 174
(bookmarks everywhere for free)

Dimanche 25 Juin 2017


GoogleNCR / Twitter
GoogleBE / Facebook

UXSS via PrototypeMap
operationSpreadGeneric vuln
Lexmark OOB read
Unitrends bugs 2
Bad normal template
Machine priv esc sploit
BeRoot intro
.NET Serialization RCE
guest-to-host LPE
host kernel privesc
guest-to-host OOB write
ALSA config privesc
Exception-oriented on iOS
WMI Weaponization 5
ARM mbedTLS RCE
VB COM Injection EoP
Owncloud/Nextcloud passwds
LightDM Guest privesc
Fuzzing to tcpdump vuln
DLL injection technique

Translate / Map
Wikipedia [ENG] / GIT

W3C Ambient Light Sensor
Using EternalPulsar
Session gen auth bypass
Forensics: Enumeration
SSL for SaaS
Bad : Matryoshka Edition
Malicious Excel Sheets
Lynis walkthrough
VPN sec issues
Cardinal RAT
MS & Shadow Brokers
Eternalromance analysis
Oracle & SWIFT at risk
x64dbg better use
Easter Egg hunt
Mod_Rewrite Auto setup
Invoke-ObfuscationDetection intro
RawPOS risk
Harmful Text/Plain
Linkability analysis

Metasploit / ExploitDB
Converter / Wepawet

From git to Pwned serie
Linksys PPPoE vulns
ML vs Java malware
LandHere overview
ISFB banking Trojan
Array concat mem corrupt
VirtualBox double-free
2FA design flaws
node.js vs whitelisting
C&C and exfiltration
CSRF in account recovery
Multiple Layers of Obfu
DressCode details
Win anti forensics
memcmp() timing attacks
Domain fronting basics
Open-Source Sec tools
Add-In Opportunities
DoublePulsar analysis
Elusive Moker

Hotmail / Gmail / ODA
Wikipedia [FR] / Youtube

Sideloading in 64bit Java
Bad RTF file sploit
DOUBLEPULSAR detection
Crypto mistakes
DNS Server Fingerprint
WD privesc
Docker IDA intro
Fuzzing brotli
APFS filesystem format
FlexSpy analysis
Bash Bunny PDF Dropper
python-per-line intro
FuzzBunch & DanderSpritz
Outlook phishing vuln
SquirrelMail RCE
FlexSpy analysis 2
Tales of SugarCRM horrors
Playing with the acusensor
Unitrends Enterprise RCE
Invoke-OpenInboxFinder