Wawa Security Links 175
(bookmarks everywhere for free)

Vendredi 20 Octobre 2017


GoogleNCR / Twitter
GoogleBE / Facebook

Zipper CTF
Bose Connect Privacy
Sha4 web CTF
PlaidCTF-2017
PDF as infection vector
Unpacking using ESIL
NtGdiGetDIBitsInternal local DoS
Shellcode basics
PatchGuard & DSE disable
Edge SOP bypass again
Intel ME analysis
Pykemon Writeup
Old Nux infoleak
Windows Kernel Exploits
Manticore intro
Audio X2 Service EoP
Flawed Karmen RAAS
skb_to_sgvec HO
Plaid gameboy CTF
Homomorphic encryption CTF

Translate / Map
Wikipedia [ENG] / GIT

Audit for crypto flaws
In-memory PEDDLECHEAP
Metadata from malware
Using Drozer
Disarming CFG with COOP
Validate ECDH keys?
FIN7 Evolution
Nux Shishiga
Millions of vuln devices
MySQL Connector serialisation
Server Side Injection
Plaid Party Planning
XSS filter usage
Evilginx & 2FA
Subdomain Enumeration
Cookies stealing
UXSS in McAfee sec
Qubes Compromise recovery
IrfanView to CE
Chakra CRC validation

Metasploit / ExploitDB
Converter / Wepawet

Secure? nomx
FIRST TC Wrap-Up
ELF Binary CI
Hack the Orcus VM
StringBleed intro
Droid mlw & VirtualApp
ShadowWali analysis
CStyleSheetArray mem corrupt
iOS crackme vs Frida
Zabbix vulns
OSX/Dok analysis
Droid app vs Frida
QEMU VM escape
NetScaler heap overflow
Serious bug in GCC
Fileless attack again
OilRig evolution
KFUZZ intro
pwn-noob? CTF
Droid Reversing 101

Hotmail / Gmail / ODA
Wikipedia [FR] / Youtube

XXE to Reverse Shell
OSX HMAHelper privesc
macOS HideMyAss vuln
.NET Managed DCOM
YubiKey for GPG U2F
Arbitrary Pygments options
Bad string comparisons
OVH vRack Sec
New OSX.Dok
Ghostscript type confusion
Doublepulsar vs Leviathan
FakeImageExploiter intro
Msfvenom & Netcat
ShadowBrokers leak & ML
Download with cmdln32
Win attachment manager
Flickr Accounts takeover
Outlook Forms Shells
JIT compilation 3
Strong AES FF1 Crypto