1) How we exploited a code execution vulnerability in math.js : https://capacitorset.github.io/mathjs/
3) ASUS B1M projector remote root exploit (0day) : https://www.myhackerhouse.com/asus-b1m-projector-remote-root-0day/
4) Windows DRM Social Engineering Attacks & TorBrowser : https://www.myhackerhouse.com/windows_drm_vs_torbrowser/
5) Tor : The Second-Generation Onion Router (Architecture) : http://sec.cs.ucl.ac.uk/users/smurdoch/papers/tor14design.pdf (pdf/wp)
6) usb-canary : Sends An SMS When Someone Tinkers With Your USB Ports : https://github.com/probablynotablog/usb-canary
7) Bypassing Cylance :
Part 1 – Using VSAgent.exe : http://www.blackhillsinfosec.com/?p=5792
Part 2 – Using DNSCat2 : http://www.blackhillsinfosec.com/?p=5798
Part 3 – Netcat & Nishang ICMP C2 Channel : http://www.blackhillsinfosec.com/?p=5804
Part 4 – Metasploit Meterpreter & PowerShell Empire Agent : http://www.blackhillsinfosec.com/?p=5806
Part 5 – Looking Forward : http://www.blackhillsinfosec.com/?p=5808
8) box-js : A tool for studying JavaScript malware : https://github.com/CapacitorSet/box-js
9) An introduction to programming for non-technical people by explaining jokes for programmers : http://eattheworldbook.com/content.html
1) 24 Techniques to Gather Threat Intel and Track Actors :
https://www.blackhat.com/docs/asia-17/materials/asia-17-Huang-24-Techniques-to-Gather-Threat-Intel-And-Track-Actors.pdf (Slides)
2) 3G/4G Intranet Scanning and its Application on the WormHole Vulnerability : https://www.blackhat.com/docs/asia-17/materials/asia-17-Bai-3G-4G-Intranet-Scanning-And-Its-Application-On-The-WormHole-Vulnerability.pdf (Slides)
3) Beyond the blacklists : Detecting malicious URL through machine learning : https://www.blackhat.com/docs/asia-17/materials/asia-17-Dong-Beyond-The-Blacklists-Detecting-Malicious-URL-Through-Machine-Learning.pdf (Slides)
4) Cache Side Channel Attack : Exploitability & Countermeasures : https://www.blackhat.com/docs/asia-17/materials/asia-17-Irazoqui-Cache-Side-Channel-Attack-Exploitablity-And-Countermeasures.pdf (Slides)
5)In-Depth Analysis of Go Language Runtime & the New Class of Vulnerabilities it introduces : https://www.blackhat.com/docs/asia-17/materials/asia-17-Clapis-Go-Get-My-Vulnerabilities-An-In-Depth-Analysis-Of-Go-Language-Runtime-And-The-New-Class-Of-Vulnerabilities-It-Introduces.pdf (Slides)
6) Hack Microsoft Using Microsoft Signed Binaries : https://www.blackhat.com/docs/asia-17/materials/asia-17-Braeken-Hack-Microsoft-Using-Microsoft-Signed-Binaries-wp.pdf (Whitepaper)
7) MASHaBLE : Mobile Applications of Secret Handshakes over Bluetooth Low-Energy : https://www.blackhat.com/docs/asia-17/materials/asia-17-Michalevsky-MASHABLE-Mobile-Applications-Of-Secret-Handshakes-Over-Bluetooth-LE.pdf (Slides) , https://www.blackhat.com/docs/asia-17/materials/asia-17-Michalevsky-MASHABLE-Mobile-Applications-Of-Secret-Handshakes-Over-Bluetooth-LE-wp.pdf (Whitepaper)
8) Never Let Your Guard Down : Finding Unguarded Gates to Bypass Control Flow Guard with Big Data :
https://www.blackhat.com/docs/asia-17/materials/asia-17-Sun-Never-Let-Your-Guard-Down-Finding-Unguarded-Gates-To-Bypass-Control-Flow-Guard-With-Big-Data.pdf (Slides)
9)The Power of Data-Oriented Attacks : Bypassing Memory Mitigation Using Data-Only
Exploitation Technique (Part I) : https://www.blackhat.com/docs/asia-17/materials/asia-17-Sun-The-Power-Of-Data-Oriented-Attacks-Bypassing-Memory-Mitigation-Using-Data-Only-Exploitation-Technique.pdf (Slides)
10) UEFI Firmware Rootkits : Myths and Reality : https://www.blackhat.com/docs/asia-17/materials/asia-17-Matrosov-The-UEFI-Firmware-Rootkits-Myths-And-Reality.pdf (Slides)
No comments:
Post a Comment