C your data structures with rellic-headergen:https://blog.trailofbits.com/2022/01/19/c-your-data-structures-with-rellic-headergen/
・ rellic-headergen - Trail of Bits 开源了一个用于分析字节码,还原 C 数据结构关联的工具 – Jett
GitHub - modzero/MZ-21-02-Trendmicro: Critical Vulnerabilities in Trend Micro Deep Security Agent for Linux:https://github.com/modzero/MZ-21-02-Trendmicro
・ 趋势科技 Deep Security Agent Linux 版本 root 提权漏洞 PoC – Jett
Zloader Installs Remote Access Backdoors and Delivers Cobalt Strike:https://news.sophos.com/en-us/2022/01/19/zloader-installs-remote-access-backdoors-and-delivers-cobalt-strike/
・ Zloader 木马近期功能更新,运行时会安装 VNC 以及 Cobalt Strike – Jett
[Windows] CVE-2021-31956:https://bbs.pediy.com/thread-271140.htm
・ CVE-2021-31956漏洞分析与利用. – lanying37
Fuzzware:https://github.com/fuzzware-fuzzer/fuzzware
・ Fuzzware: Using Precise MMIO Modeling for Effective Firmware Fuzzing – Jett
[Tools] CryptoLyzer: A comprehensive cryptographic settings analyzer:https://pfeifferszilard.hu/2021/12/27/cryptolyzer-a-comprehensive-cryptographic-settings-analyzer.html
・ CryptoLyzer - 自动化分析 SSL/TLS, SSH 协议相关加密配置属性的工具 – Jett
[Browser, Web] [PDF] https://arxiv.org/pdf/2112.15561.pdf:https://arxiv.org/pdf/2112.15561.pdf
・ SOK: On the Analysis of Web Browser Security – Jett
CVE-2021-22204 GitLab RCE之exiftool代码执行漏洞深入分析(二):http://blog.topsec.com.cn/cve-2021-22204-gitlab-rce%e4%b9%8bexiftool%e4%bb%a3%e7%a0%81%e6%89%a7%e8%a1%8c%e6%bc%8f%e6%b4%9e%e6%b7%b1%e5%85%a5%e5%88%86%e6%9e%90%ef%bc%88%e4%ba%8c%ef%bc%89/
・ CVE-2021-22204 GitLab RCE之exiftool代码执行漏洞深入分析(二) – lanying37
?? The ace(r) up your sleeve!:https://aptw.tf/2022/01/20/acer-care-center-privesc.html
・ 宏基电脑在 Windows 系统安装的 Acer Care Center 被发现本地提权漏洞 – Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 微信公众号: 腾讯玄武实验室
+关注
快速开通微博你可以查看更多内容,还可以评论、转发微博。
