Wawa Security Links 176
(bookmarks everywhere for free)

Mardi 23 Mai 2017


GoogleNCR / Twitter
GoogleBE / Facebook

Running via proxy
OSX.Dok & Bella
Terminal esc sequences
Serialized to Shell
PDF Metadata
Evoko products vulns
Remote AMT vulnerablity
EAPHammer intro
b0x VM challenge
Eternalblue basic sploit
Anti-Analysis tech
Exploiting MS16-145
IoT sec anti-patterns
X64 SEH Overflow (Egghunter)
Twitter XSS & CSP bypass
Vol detecting redLeaves
Dropbox DBX decryption
PS Network Capture
Using Z3Py
DNS Server balancing

Translate / Map
Wikipedia [ENG] / GIT

BreizhCTF 2017 (fr)
Cerber evades
New Emotet
Liberty writeup
ZippyPics CTF
Two Bugs One Func()
Crackme 2000
Monitoring OpenProcess()
Optimized Win shellcode
DLL injection LoadLibrary
enkins Unauthenticated CE
Critical Xen bugs
peROPdo CTF
badint CTF
Insanity insane CTF
Coverage Guided Fuzzing
Nux krnl privesc
TOR-Browser & anon
Stack smashing journey
NoUAC & task scheduler

Metasploit / ExploitDB
Converter / Wepawet

Decimal IP Campaign
TLS1.3 0-RTT
Xbox sec Method 3
Cerber Version 6
Dangerous PHP mail()
OS X Snake
SWF debug instrum.
Gzip Decompression Via Pipes
Emotet deep analysis
Gmail Worm & phishing
KONNI malware
Leveraging Shim DBs
Defense Space VM
Kazuar details
SAR Firmware Injection
WP unauth passwd reset
WP unauth RCE
Pwning PHP mail()
WebSockets & fake CDN
Detecting Frida

Hotmail / Gmail / ODA
Wikipedia [FR] / Youtube

Chkrootkit root sploit
ScriptBlock warning logging
Kerberos & NTLM sec
OSXCollector walkthrough
PS diskless persistence
rpcbomb intro
SensorHub firmware
Detecting PageHeap
JSC::CachedCall UaF
WilySupply attack
Bondnet details
SAML Code
MS & Win proxy case
Joomla Core XSS vulns
Easy macOS phishing
AntennaHouse CE flaws
Reader XSLT engine
PDF Dridex & Locky
BurpSuite MobileAssistant
HTTP Headers... still