Blog | Ptrace Security GmbH

Weekly IT Security News Bulletin #42

Latest Infosec News and Articles
Patrik’s Bug Bounty 🛠️Tools https://blog.it-securityguard.com/patriks-bug-bounty-tools-%f0%9f%9b%a0%ef%b8%8f/
Introducing MIDNIGHTTRAIN - A Covert Stage-3 Persistence Framework weaponizing UEFI variables https://slaeryan.github.io/posts/midnighttrain.html
In-Memory shellcode decoding to evade AVs/EDRs https://shells.systems/in-memory-shellcode-decoding-to-evade-avs/
How I Hacked Facebook

IT Security News Bulletin #38

Latest Infosec News and Articles
ARM64 Reversing and Exploitation Part 1 - ARM Instruction Set + Simple Heap Overflow http://highaltitudehacks.com/2020/09/05/arm64-reversing-and-exploitation-part-1-arm-instruction-set-heap-overflow/
The Current State of Exploit Development, Part 2 https://www.crowdstrike.com/blog/state-of-exploit-development-part-2/
Rampant Kitten –

IT Security News Bulletin #37

Latest Infosec News and Articles
CVE-2020-5902 BIG-IP RCE https://github.com/jas502n/CVE-2020-5902/
From SSRF to Compromise: Case Study https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/from-ssrf-to-compromise-case-study/
A Hands-On Introduction to Mandiant's Approach to OT Red Teaming https://www.fireeye.com/blog/threat-research/2020/08/hands-on-introduction-to-mandiant-approach-to-ot-red-teaming.html
From Android Static Analysis to RCE

IT Security News Bulletin #36

Latest Infosec News and Articles
The FLARE team's open-source tool to identify capabilities in executable files. https://github.com/fireeye/capa/
Shadow Admins – The Stealthy Accounts That You Should Fear The Most https://www.cyberark.com/resources/threat-research-blog/shadow-admins-the-stealthy-accounts-that-you-should-fear-the-most
PowerShell Remoting

IT Security News Bulletin #35

Latest Infosec News and Articles
Linux Kernel Runtime Guard (LKRG) in a nutshell https://www.openwall.com/presentations/OSTconf2020-LKRG-In-A-Nutshell/
Dynamic Labs: Create your own test lab environment https://www.contextis.com/us/blog/dynamiclabs-introduction-walk-through
Active Directory Database: Structure, Access and Tools http://www.selfadsi.org/adsdb.htm
CVE-2020-1380: Analysis

IT Security News Bulletin #34

Latest Infosec News and Articles
PowerShell: In-Memory Injection Using CertUtil.exe https://movaxbx.ru/2018/06/01/powershell-in-memory-injection-using-certutil-exe/
Defending Your Malware https://labs.jumpsec.com/2020/08/11/defending-your-malware/
CVE-2020-1571 Windows Setup Elevation of Privileges Bypass 0day https://github.com/klinix5/Windows-Setup-EoP
Apache Tomcat RCE by deserialization (CVE-2020-9484) – write-up and
