recentpopularlog in

asteroza : attack   320

« earlier  
byt3bl33d3r/SILENTTRINITY: An asynchronous, collaborative post-exploitation agent powered by Python and .NET's DLR
Apparently if you donate to the patreon, an automated CI/CD build will push out a new obfuscated release (which will likely get past most defenses due to new signature)
C#  DLL  stager  injection  attack  malware  security  hacking  pentesting 
6 days ago by asteroza
kr00k | ESET
If you are doing deauth attacks though, one might preference capturing the handshake and decrypt the PSK (if the password isn't hideous), rather than just capturing the poorly encrypted buffered frames that use the all zero PSK. With lots of unupgradable wifi accesspoints, this can be problematic...
wifi  security  attack  exploit  deauth  hacking  pentesting 
5 weeks ago by asteroza
saleemrashid/badecparams: Proof of Concept for CVE-2020-0601
Using the Chain-of-Fools Windows 10 ECC bug to rickroll people visiting the NSA
CVE-2020-0601  rickroll  NSA  humor  security  ECC  curve  attack  PoC  windows  10 
10 weeks ago by asteroza
MG
Lots of hardware hacking/recon kit including altered cables like DemonSeed
hardware  hacking  security  pentesting  BadUSB  HID  attack  cable 
november 2019 by asteroza
SKS Keyserver Network Under Attack
Uh, the GPG aspect means a risk of supply chain attack for all linux distros using GPG armoring on their package management/deployment architectures. Which is NOT GOOD. Also, Tor Browser Developer cert is now poisoned, so the supply chain attack has started...
PGP  OpenPGP  GnuPG  GPG  keyserver  network  spam  attack  poison  certificate  poisoning  DoS  security  exploit  hacking  pentesting 
july 2019 by asteroza
RAMBleed
rowhammer is back with a vengence...
DRAM  RAM  ECC  memory  attack  exploit  rowhammer  security  hacking  pentesting 
june 2019 by asteroza
Faxsploit – Exploiting A Fax With A Picture | Hackaday
Sure this is about an all-in-one fax/printer rigs, but don't forget a lot of companies now also use fax to email gateways as well...
fax  exploit  OOB  attack  security  hacking  pentesting 
may 2019 by asteroza
[1901.01161] Page Cache Attacks
This is kinda bad, since it leverages software caches and can be hardware agnostic, allowing write once malware that works well all over (javascript?)
shadow  page  cache  side  channel  attack  exploit  security  hacking  pentesting 
january 2019 by asteroza
ECCploit: ECC Memory Vulnerable to Rowhammer Attacks After All - VUSec
DD3, but they think the same timing sidechannel is present in DDR4...
rowhammer  attack  exploit  timing  side  channel  DDR3  ECC 
november 2018 by asteroza
dnsrebindtool.43z.one/
test tool for arbitrary javascript payloads to test DNS rebinding attacks
DNS  rebinding  attack  javascript  payload  test  service 
june 2018 by asteroza
endgameinc/RTA
Blue team test framework to check their detection capabilities
attack  threat  simulation  MITRE  framework  software  python  security  hacking  pentesting  defense 
may 2018 by asteroza
« earlier      
per page:    204080120160

Copy this bookmark:





to read