Fools Of Security

@foolsofsecur1ty

Vulnerability Research | Fuzzing | Exploit Development | RE | Malware Analysis | Dev - (C,C++,x86 ASM,Python, NodeJs) | LibVMI - Hypervisor Research

Joined: September 2016

Tweets


  1. Retweeted
    27 Jan

    Windows Kernel _IMAGE_DOS_HEADER::e_lfanew Denial Of Service/Memory Corruption

  2. Retweeted
    21 Jan

    Senior Security Consultant describes the discovery of a privilege escalation in the Intel Trusted Connect Service Client and how to complete the in order to obtain local admin access

  3. 10 Jan
  4. Retweeted

    🎉 First security blogpost of 2020 🎉 Some people ask me, so here is how to start fuzzing APIs of JavaScript engines like Chrome/V8. In this blogpost, I'm using: ✅ Dharma/Domato ✅ Chrome/v8 ASan pre-built ✅ Honggfuzz ;)

  5. Retweeted
    9 Jan
  6. Retweeted
    7 Jan

    For anyone interested in my presentation on Local RPC in .NET the HITB version is now up on YouTube.

  7. Retweeted
    18 Dec 2019
  8. Retweeted
    17 Dec 2019

    Simplest and strangest sandbox escape I've found in Chrome was just derestricted

  9. Retweeted
    17 Dec 2019

    New blog post outlining how to use my .NET RPC Client tooling from PowerShell and C# to test and exploit local RPC security vulnerabilities. Also an early xmas present for those who enjoy long standing design flaws in UAC :-)

  10. Retweeted
    16 Dec 2019
  11. Retweeted
    16 Dec 2019

    WdmlibIoCreateDeviceSecure(IoCreateDeviceSecure) on Nt 6.x, doesn't support specified SID. Eg. L"D:P(A;;GA;;;S-1-5-21-2919905370-567116316-3914385833-1000)". it will be failed. I implemented a code snippet that does something similar.

  12. Retweeted
    12 Dec 2019

    Here's the advisory of the archive parser vulnerability found in Panda Antivirus

  13. Retweeted
    11 Dec 2019

    Great writeup by escalating CDPSvc service privilege from LOCAL SERVICE to SYSTEM!

  14. Retweeted

    Adobe Acrobat Reader DC for Windows heap-based memory corruption due to malformed TTF font

  15. Retweeted
    9 Dec 2019

    I decided to create a tutorial called "Reversing Windows Internals" and explain about Windows Internals. The first part describes about Handles, Callbacks and Hidden Callbacks and ObjectTypes in Windows Thanks to for answering my questions.

  16. Retweeted
    6 Dec 2019

    A while back I did a quick fuzzing exercise on Google Chrome <portal> element

  17. Frida is the best tool to speed up RE Skill on Windows. Blog:

  18. Check out my new video "SamDav AntiVirus - Reverse Engineering" about bypassing License Key Registration using Frida. Fun reversing Microsoft Visual Basic Run time library (msvbvm60.dll) :)

  19. Retweeted
    5 Nov 2019

    Myself and have been doing a research on Executive Callback Objects. It's still WIP but feel free to contribute or add more info 😃

  20. Translating Virtual Memory -> Linear Address -> Physical Address. Finally found KDBG in physical memory using VboxDBG (Guest Debugger). It's interesting :) Soon will write a blog on debugging Windows guest using VirtualBox. Planning to build live on top of vboxdbg
