1) Five Prison Inmates Built Two PCs and Hacked a Prison From Within : https://www.bleepingcomputer.com/news/security/five-inmates-built-two-pcs-and-hacked-a-prison-from-within/ , Report by ODRC : http://watchdog.ohio.gov/Portals/0/pdf/investigations/2015-CA00043.pdf (pdf) #Hacking
2)RCE in Linux Kernel ( < 4.5 + inc. Android) via specially crafted UDP packets (Pl. update kernel) : https://nvd.nist.gov/vuln/detail/CVE-2016-10229 #Linux #Kernel #UDP
3)Write-up for alloc8 untethered bootrom exploit for iPhone 3GS : https://github.com/axi0mX/alloc8 #Exploit
4)ipwndfu : open-source jailbreaking tool for older iOS devices : https://github.com/axi0mX/ipwndfu cc @axi0mX #jailbreak #iOS
5)Identifying HTTPS-Protected Netflix Videos in Real-Time : https://www.mjkranch.com/docs/CODASPY17_Kranch_Reed_IdentifyingHTTPSNetflix.pdf (pdf) #Netflix
6) Remote Code Execution (CVE-2017-7280) - Part 1 : https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/ #RCE #Security
7) ApiScout : Painless Windows API information recovery : http://byte-atlas.blogspot.in/2017/04/apiscout.html #API #Hacking
8) Breaking the Security Model of Subgraph OS : https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
9) Exploiting Broadcom’s Wi-Fi Stack (Part 2): https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html , Part 1 : https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html #Broadcom
10) Reverse Engineering a DGA (Domain Generation Algorithm) : https://vimeo.com/212352397 #ReverseEngineering #DGA
11) Go-SCP : Go programming language secure coding practices guide : https://github.com/Checkmarx/Go-SCP #Go #SecureCoding
12) Chrome 59 has cross-platform headless support : https://www.chromestatus.com/features/5678767817097216 #Chrome
13) Xenotix-Python-Keylogger : Xenotix Python Keylogger for Windows : https://github.com/ajinabraham/Xenotix-Python-Keylogger/blob/master/xenotix_python_logger.py #keylogger #Python #Windows
14) Disarming EMET 5.52 : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Niels%20Warnars%20-%20Disarming%20EMET.pdf (Slides)
15) Network-based Ransomware Detection : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Paulus%20Meesen%20and%20Don%20Mulders%20-%20A%20Passive%20Listing%20Ransomware%20Detector.pdf (Slides)
16) iCloud syncing and 2FA: friend or foe? : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Vladamir%20Katalov%20-%20Breaking%20Apple%E2%80%99s%20iCloud%20Keychain.pdf (Slides)
17) Exploiting CVE-2017-0199 : HTA Handler Vulnerability : https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/
2)RCE in Linux Kernel ( < 4.5 + inc. Android) via specially crafted UDP packets (Pl. update kernel) : https://nvd.nist.gov/vuln/detail/CVE-2016-10229 #Linux #Kernel #UDP
3)Write-up for alloc8 untethered bootrom exploit for iPhone 3GS : https://github.com/axi0mX/alloc8 #Exploit
4)ipwndfu : open-source jailbreaking tool for older iOS devices : https://github.com/axi0mX/ipwndfu cc @axi0mX #jailbreak #iOS
5)Identifying HTTPS-Protected Netflix Videos in Real-Time : https://www.mjkranch.com/docs/CODASPY17_Kranch_Reed_IdentifyingHTTPSNetflix.pdf (pdf) #Netflix
6) Remote Code Execution (CVE-2017-7280) - Part 1 : https://rhinosecuritylabs.com/research/remote-code-execution-bug-hunting-chapter-1/ #RCE #Security
7) ApiScout : Painless Windows API information recovery : http://byte-atlas.blogspot.in/2017/04/apiscout.html #API #Hacking
8) Breaking the Security Model of Subgraph OS : https://micahflee.com/2017/04/breaking-the-security-model-of-subgraph-os/
9) Exploiting Broadcom’s Wi-Fi Stack (Part 2): https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_11.html , Part 1 : https://googleprojectzero.blogspot.in/2017/04/over-air-exploiting-broadcoms-wi-fi_4.html #Broadcom
10) Reverse Engineering a DGA (Domain Generation Algorithm) : https://vimeo.com/212352397 #ReverseEngineering #DGA
11) Go-SCP : Go programming language secure coding practices guide : https://github.com/Checkmarx/Go-SCP #Go #SecureCoding
12) Chrome 59 has cross-platform headless support : https://www.chromestatus.com/features/5678767817097216 #Chrome
13) Xenotix-Python-Keylogger : Xenotix Python Keylogger for Windows : https://github.com/ajinabraham/Xenotix-Python-Keylogger/blob/master/xenotix_python_logger.py #keylogger #Python #Windows
14) Disarming EMET 5.52 : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Niels%20Warnars%20-%20Disarming%20EMET.pdf (Slides)
15) Network-based Ransomware Detection : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Paulus%20Meesen%20and%20Don%20Mulders%20-%20A%20Passive%20Listing%20Ransomware%20Detector.pdf (Slides)
16) iCloud syncing and 2FA: friend or foe? : http://conference.hitb.org/hitbsecconf2017ams/materials/D1T4%20-%20Vladamir%20Katalov%20-%20Breaking%20Apple%E2%80%99s%20iCloud%20Keychain.pdf (Slides)
17) Exploiting CVE-2017-0199 : HTA Handler Vulnerability : https://www.mdsec.co.uk/2017/04/exploiting-cve-2017-0199-hta-handler-vulnerability/
