unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
A Census of Deployed Pulse Connect Secure (PCS) Versions
Today we are releasing some statistics around deployment of Pulse Connect Secure versions in the...
2021-04-23 23:55:28 | 阅读: 194 |
收藏
|
research.nccgroup.com
pcs
bom
genericv2
NCC Group’s Upcoming Trainings at Black Hat USA 2021
NCC Group will be presenting 4 different training courses at Black Hat USA...
2021-04-14 07:04:25 | 阅读: 207 |
收藏
|
research.nccgroup.com
security
cloud
exercises
attendees
presenter
Public Report – VPN by Google One: Technical Security & Privacy Assessment
During the fourth calendar quarter of 2020 and the first calendar qu...
2021-04-09 00:23:01 | 阅读: 182 |
收藏
|
research.nccgroup.com
quarter
conducted
network
claims
navigation
Technical Advisory – ParcelTrack sends all pasteboard data to ParcelTrack’s servers on startup
Vendor: ParcelTrackVendor URL: https://www.parceltrack.de/Versions affec...
2021-03-31 01:57:51 | 阅读: 174 |
收藏
|
research.nccgroup.com
parceltrack
pasteboard
clipboard
dan
hastings
Tool Release – Principal Mapper v1.1.0 Update
Principal Mapper, or PMapper, is a tool and library for in-depth analysis...
2021-03-30 04:57:33 | 阅读: 119 |
收藏
|
research.nccgroup.com
pmapper
github
nccgroup
scps
simulation
SAML XML Injection
The Single Sign-On (SSO) approach to authentication controls and identity management was quickly...
2021-03-29 23:00:00 | 阅读: 217 |
收藏
|
research.nccgroup.com
oasis
urn
assertion
samlp
adam
The Future of C Code Review
I gave a short talk on the Future of C Code Review at our internal (Not) N...
2021-03-24 00:12:31 | 阅读: 222 |
收藏
|
research.nccgroup.com
provenance
analysis
assumed
arises
explains
RIFT: Detection capabilities for recent F5 BIG-IP/BIG-IQ iControl REST API vulnerabilities CVE-2021-22986
tl;drThis post by Rich Warren and Sander Laarhoven discusses NCC Group observed in the wild...
2021-03-19 02:41:04 | 阅读: 231 |
收藏
|
research.nccgroup.com
mar
8100
authn
mgmt
stage
Tool Release – Solitude: A privacy analysis tool
Created by Dan Hastings and Emanuel Flores Solitude is an open source...
2021-03-17 21:00:00 | 阅读: 219 |
收藏
|
research.nccgroup.com
solitude
proxy
containers
favorite
routed
Deception Engineering: exploring the use of Windows Installer Packages against first stage payloads
tl;drPreviously we explored the use of Windows Process Canaries to det...
2021-03-17 02:17:06 | 阅读: 232 |
收藏
|
research.nccgroup.com
uninstall
uninstalled
security
stage
Lending a hand to the community – Covenant v0.7 Updates
IntroductionCovenant [1] is an open source .NET command and control framework to support...
2021-03-16 19:52:31 | 阅读: 265 |
收藏
|
research.nccgroup.com
covenant
sharpsploit
github
cobbr
windows
Technical Advisory: Dell SupportAssist Local Privilege Escalation (CVE-202-21518)
Vendor: Dell / PC-DoctorVendor URL: https://www.dell.com/support/contents/en-uk/article/product...
2021-03-11 00:21:34 | 阅读: 260 |
收藏
|
research.nccgroup.com
costura
dell
pcdr
Technical Advisory – Multiple Vulnerabilities in Netgear ProSAFE Plus JGS516PE / GS116Ev2 Switches
Multiple vulnerabilities were found in Netgear ProSafe Plus JGS516PE switches that may pose a se...
2021-03-09 07:50:00 | 阅读: 345 |
收藏
|
research.nccgroup.com
netgear
manuel
firmware
nsdp
jgs516pe
Deception Engineering: exploring the use of Windows Service Canaries against ransomware
tl;drWe prototyped a Windows Service Canary in order to target parts o...
2021-03-05 01:06:46 | 阅读: 286 |
收藏
|
research.nccgroup.com
windows
encryption
ransomware
whitehouse
ryuk
Wubes: Leveraging the Windows 10 Sandbox for Arbitrary Processes
tl;drWubes is like Qubes but for Microsoft Windows. The idea is to lev...
2021-03-04 00:59:15 | 阅读: 210 |
收藏
|
research.nccgroup.com
windows
wubes
vgpu
rational
Technical Advisory: Administrative Passcode Recovery and Authenticated Remote Buffer Overflow Vulnerabilities in Gigaset DX600A Handset (CVE-2021-25309, CVE-2021-25306)
Current Vendor: GigasetVendor URL: https://www.gigaset.com/es_es/gigaset-...
2021-03-01 07:37:00 | 阅读: 208 |
收藏
|
research.nccgroup.com
gigaset
dx600a
175
overflow
v41
Cryptopals: Exploiting CBC Padding Oracles
This is a write-up of the classic padding oracle attack on CBC-mode block ciphers. If you’ve don...
2021-02-18 01:16:07 | 阅读: 253 |
收藏
|
research.nccgroup.com
ciphertext
ct
zeroing
pad
encryption
Investigating Potential Security Vulnerability Manifestation through Various Analyses & Inferences Regarding Internet RFCs (and how RFC Security might be Improved)
OverviewRFCs have played a pivotal role in helping to formalise ideas...
2021-02-02 17:41:13 | 阅读: 246 |
收藏
|
research.nccgroup.com
security
rfcs
analysis
github
Conference Talks – February/March 2021
Throughout February and March, members of NCC Group will be presenting the...
2021-01-31 23:00:00 | 阅读: 271 |
收藏
|
research.nccgroup.com
software
security
development
frontiers
fernick
NCC Group’s 2020 Annual Research Report
In this post, we summarize our security research findings from across the nearly 200 conference...
2021-01-31 10:00:00 | 阅读: 444 |
收藏
|
research.nccgroup.com
security
cloud
network
remote
Previous
17
18
19
20
21
22
23
24
Next