unSafe.sh - Not Secure
Secrets and Shadows: Leveraging Big Data for Vulnerability Discovery at Scale
Disclaimer: This research was conducted strictly independent of my employer (excluded from scope)....
2024-9-27 13:19:0 | Views: 6
Bill Demirkapi's Blog - billdemirkapi.me
cloud
dangling
github
identify
security
Abusing Exceptions for Code Execution, Part 2
Full disclosure- Microsoft hired me following part 1 of this series. This research was conducted in...
2023-1-30 23:1:24 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
unwind
security
unwinding
attacker
Sharing is Caring: Abusing Shared Sections for Code Injection
Moving laterally across processes is a common technique seen in malware in order to spread across a...
2022-4-5 00:0:0 | Views: 4
Bill Demirkapi's Blog - billdemirkapi.me
rwx
memory
attacker
remote
malicious
Abusing Exceptions for Code Execution, Part 1
A common offensive technique used by operators and malware developers alike has been to execute mal...
2022-2-15 04:11:41 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
memory
shellcode
oriented
seh
int3
Unpacking CVE-2021-40444: A Deep Technical Analysis of an Office RCE Exploit
In the middle of August 2021, a special Word document was uploaded to VirusTotal by a user from Arg...
2022-1-7 17:18:0 | Views: 17
Bill Demirkapi's Blog - billdemirkapi.me
payload
microsoft
attacker
malicious
cpl
Abusing Windows’ Implementation of Fork() for Stealthy Memory Operations
Note: Another researcher recently tweeted about the technique discussed in this blog post, this is...
2021-11-26 12:32:4 | Views: 2
Bill Demirkapi's Blog - billdemirkapi.me
attacker
memory
forking
processes
malicious
Insecure by Design, Epic Games Peer-to-Peer Multiplayer Service
The opinions expressed in this publication are those of the authors. They do not reflect the opinio...
2020-12-18 00:7:0 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
eos
client
matchmaking
gameserver
Defeating Macro Document Static Analysis with Pictures of My Cat
Over the past few weeks I've spent some time learning Visual Basic for Applications (VBA), specific...
2020-9-16 19:33:0 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
microsoft
malicious
corruption
corrupting
vbaproject
How to use Trend Micro's Rootkit Remover to Install a Rootkit
The opinions expressed in this publication are those of the authors. They do not reflect the opinio...
2020-5-18 23:32:0 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
memory
windows
microscan
trueapi
Several Critical Vulnerabilities on most HP machines running Windows
I always have considered bloatware a unique attack surface. Instead of the vulnerability being intr...
2020-4-3 20:31:0 | Views: 5
Bill Demirkapi's Blog - billdemirkapi.me
download
windows
client
remote
Insecure by Design, Weaponizing Windows against User-Mode Anti-Cheats
The market for cheating in video games has grown year after year, incentivizing game developers to...
2019-12-2 23:5:0 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
cheats
cheat
security
windows
Local Privilege Escalation on Dell machines running Windows
In May, I published a blog post detailing a Remote Code Execution vulnerability in Dell SupportAssi...
2019-7-19 22:30:0 | Views: 6
Bill Demirkapi's Blog - billdemirkapi.me
dell
apc
loadlibrary
sqlite3
Remote Code Execution on most Dell computers
What computer do you use? Who made it? Have you ever thought about what came with your computer? Wh...
2019-4-30 20:52:0 | Views: 10
Bill Demirkapi's Blog - billdemirkapi.me
dell
payload
Hacking College Admissions
Getting into college is one of the more stressful times of a high school student's life. Since the a...
2019-4-13 22:13:0 | Views: 4
Bill Demirkapi's Blog - billdemirkapi.me
college
wpi
targetx
schools
salesforce
Reversing the CyberPatriot National Competition Scoring Engine
Edit 4/12/2019: Originally, I published this post a month ago. After my post, I received a kind email...
2019-4-13 06:10:0 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
scoring
secondary
windows
Reading Physical Memory using Carbon Black's Endpoint driver
Enterprises rely on endpoint security software in order to secure machines that have access to the...
2019-2-14 23:22:0 | Views: 3
Bill Demirkapi's Blog - billdemirkapi.me
memory
carbon
software
acquisition
attacker