yappare

Today I presented a rough idea of a (brand-new?) data exfiltration technique with regular expression injection and timing attack at OWASP Night (Japan). Enjoy! #owaspnight #owaspjapanhttps://speakerdeck.com/lmt_swallow/revisiting-redos-a-rough-idea-of-data-exfiltration-by-redos-and-side-channel-techniques …

TeamViewer stored user passwords encrypted, not hashed, and the key is now publichttps://whynotsecurity.com/blog/teamviewer/ …

RE just retired from @hackthebox_eu. As the creator of the box, I tried to bring phishing/macro obfuscation concepts to the initial access. The intended privescs were the WinRar ACE file exploit, and XXE in Ghidra. I'll show two unintended privescs too.https://0xdf.gitlab.io/2020/02/01/htb-re.html …

Want to see how the @Mandiant red team weaponizes @FireEye threat intel for R&D and TTP development? Check out some research I did with @evan_pena2003 and @FuzzySec. Also includes some new executables that can be used for DLL abuse.https://www.fireeye.com/blog/threat-research/2020/01/abusing-dll-misconfigurations.html …

Ever wanted to take a peek at the mimikatz sekurlsa::msv internals? New blog post is all about it plus, it also showcases PyKDumper, a tool that dumps LSASS credentials through WinDBG/PyKD.https://www.matteomalvica.com/blog/2020/01/20/mimikatz-lsass-dump-windg-pykd/ …

It’s about time to start unveiling writeups about tasks from the #CTFZone qualifying stage. The first one is dedicated to the “In the Shadows” task, and we are happy to share it with you right now:https://medium.com/@offzone.conf/writeup-in-the-shadows-ac6c87bad4a5 …

As a part of my internship last year, I got a chance to perform Memory forensics on the Cridex Banking Trojan Sample. The tool of choice was obviously @volatility You can find the report in the link below. Let me know what you think https://www.linkedin.com/posts/ninostephen_memory-forensics-of-cridex-banking-trojan-activity-6627507739331522560-6EfJ …

[Educational] One of the best blog posts that I ever read about going from 0 to unauth RCE in f**king Mikrotik OS step by step:https://medium.com/@maxi./finding-and-exploiting-cve-2018-7445-f3103f163cc1 …

I wrote a guide to securing #salesforce applications and passing the #appexchange security review for the @bishopfox blog:https://know.bishopfox.com/research/sfdc-secure-development-cheat-sheet …

This is a summary for what i discussed with @NahamSec in our latest #twitch stream about my recon process, that will be easier for you as you might mess some when you watch the video later on. https://pastebin.com/dyNMPAAJ  Thanks Ben, what you do for community is dope #bugbountytips

I always had a hard time finding @GoogleVRP writeups beacuse they were all over the place in different blog posts, so I made this. If you know of something that is not in there, you are more than welcome to contribute! #BugBonty #infosec #GoogleVRPhttps://github.com/xdavidhu/awesome-google-vrp-writeups …

So glad to finally be able to release Collaborator++! It adds the ability to view interactions from all contexts, manually poll for interactions on old contexts, and secure your private servers with a pre-shared key!https://research.nccgroup.com/2020/01/28/tool-release-collaborator/ …