[Tools] MIT Technology Review’s Future Compute Conference 2022 - Microsoft Research:https://msft.it/6013bcXB7
・ MIT Technology Review’s Future Compute Conference 2022 – lanying37
探寻Tomcat文件上传流量层面绕waf新姿势 | Y4tacker's Blog:https://y4tacker.github.io/2022/06/19/year/2022/6/%E6%8E%A2%E5%AF%BBTomcat%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%B5%81%E9%87%8F%E5%B1%82%E9%9D%A2%E7%BB%95waf%E6%96%B0%E5%A7%BF%E5%8A%BF/
・ 探寻 Tomcat 文件上传流量层面绕 waf 新姿势 – Jett
Unbricking SHIELD TV (2015) with a Bootrom Exploit | Yifan Lu:https://yifan.lu/2022/06/17/unbricking-shield-tv-2015-with-a-bootrom-exploit/
・ Unbricking SHIELD TV (2015) with a Bootrom Exploit – Jett
[Windows] GitHub - omair2084/CVE-2022-26937: Windows Network File System Crash PoC:https://github.com/omair2084/CVE-2022-26937
・ Windows NFS CVE-2022-26937 PoC – Jett
Oh my API, abusing TYK cloud API management to hide your malicious C2 traffic - Shells.Systems:https://shells.systems/oh-my-api-abusing-tyk-cloud-api-management-service-to-hide-your-malicious-c2-traffic/
・ 滥用 Tyk 的 API 网关提供的 API 路由转发能力隐藏恶意 C2 流量 – Jett
CVE-2022-26809 Reaching Vulnerable Point starting from 0 Knowledge on RPC | Just Another Blog:https://s1ckb017.github.io/2022/06/17/CVE-2022-26809-Server-Side-vulnerable-point-reachability.html
・ 从补丁对比开始分析 Windows RPC RCE 漏洞(CVE-2022-26809) – Jett
GitHub - sarsko/CreuSAT: CreuSAT - A formally verified SAT solver written in Rust and verified with Creusot.:https://github.com/sarsko/CreuSAT
・ CreuSAT - Rust 写的 SAT solver – Jett
[Linux] Looking for Remote Code Execution bugs in the Linux kernel:https://xairy.io/articles/syzkaller-external-network
・ 扩展 syzkaller Fuzzer,挖掘 Linux 内核的远程 RCE 漏洞 – Jett
[PDF] https://lifeasageek.github.io/papers/sunwoo-fuzzorigin.pdf:https://lifeasageek.github.io/papers/sunwoo-fuzzorigin.pdf
・ FUZZORIGIN - 利用 Origin Fuzzing 的方案挖掘浏览器里的 UXSS 漏洞 – Jett
* 查看或搜索历史推送内容请访问:
https://sec.today
* 微信公众号: 腾讯玄武实验室
+关注
快速开通微博你可以查看更多内容,还可以评论、转发微博。
