Latest Infosec News and Articles
- PowerShell script for enumerating vulnerable DCOM Applications https://github.com/sud0woodo/DCOMrade
- Infection Monkey – An automated pentest tool https://github.com/guardicore/monkey
- Fuzzing for eBPF JIT bugs in the Linux kernel https://scannell.me/fuzzing-for-ebpf-jit-bugs-in-the-linux-kernel/
- Attackers Exploiting WebLogic Servers via CVE-2020-14882 to install Cobalt Strike https://isc.sans.edu/diary/rss/26752
- Docker for Pentesters https://blog.ropnop.com/docker-for-pentesters/
- A Deep Dive Into Windows Scheduled Tasks and The Processes Running Them https://nasbench.medium.com/a-deep-dive-into-windows-scheduled-tasks-and-the-processes-running-them-218d1eed4cce
- WOW64!Hooks: WOW64 Subsystem Internals and Hooking Techniques https://www.fireeye.com/blog/threat-research/2020/11/wow64-subsystem-internals-and-hooking-techniques.html
- Injecting Code into Windows Protected Processes using COM – Part 1 https://googleprojectzero.blogspot.com/2018/10/injecting-code-into-windows-protected.html
- In Wild Critical Buffer Overflow Vulnerability in Solaris Can Allow Remote Takeover — CVE-2020-14871 https://www.fireeye.com/blog/threat-research/2020/11/critical-buffer-overflow-vulnerability-in-solaris-can-allow-remote-takeover.html
- Hacking in an epistolary way: implementing kerberoast in pure VBA https://adepts.of0x.cc/kerberoast-vba-macro/
Latest Vulnerabilities, POCs, and Exploits
- Car Rental Management System 1.0 – SQL injection + Arbitrary File Upload https://www.exploit-db.com/exploits/49025
- SuiteCRM 7.11.15 – ‘last_name’ Remote Code Execution (Authenticated) https://www.exploit-db.com/exploits/49001
- Sentrifugo Version 3.2 – ‘announcements’ Remote Code Execution (Authenticated) https://www.exploit-db.com/exploits/48998
- Sentrifugo 3.2 – ‘assets’ Remote Code Execution (Authenticated) https://www.exploit-db.com/exploits/48997
- HP WMI Service 1.4.8.0 – ‘HPWMISVC.exe’ Unquoted Service Path https://www.exploit-db.com/exploits/49010