unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
Software Verification and Analysis Using Z3
This post provides a technical introduction on how to leverage the Z3 Theorem Prover to reason a...
2021-01-29 21:00:00 | 阅读: 258 |
收藏
|
research.nccgroup.com
bitvec
z3
264
candidate
gf
Technical Advisory – Linksys WRT160NL – Authenticated Command Injection (CVE-2021-25310)
Current Vendor: Belkin (Linksys)Vendor URL: https://www.linksys.com/sg/p/...
2021-01-29 01:55:30 | 阅读: 278 |
收藏
|
research.nccgroup.com
belkin
wrt160nl
puvar7
linksys
manuel
Real World Cryptography Conference 2021: A Virtual Experience
Earlier this month, our Cryptography Services team got together and attended (virtually) the IAC...
2021-01-27 21:00:00 | 阅读: 298 |
收藏
|
research.nccgroup.com
attacker
security
aided
rwc
joppe
RIFT: Analysing a Lazarus Shellcode Execution Method
About the Research and Intelligence Fusion Team (RIFT):RIFT leverages our...
2021-01-23 17:43:14 | 阅读: 289 |
收藏
|
research.nccgroup.com
windows
shellcode
programlogs
rift
fusion
MSSQL Lateral Movement
Using discovered credentials to move laterally in an environment is a common goal for the NCC Gr...
2021-01-21 23:30:23 | 阅读: 291 |
收藏
|
research.nccgroup.com
database
security
microsoft
shellcode
trustworthy
Public Report – BLST Cryptographic Implementation Review
In October 2020, Supranational, Protocol Labs and the Ethereum Foundation...
2021-01-21 03:45:02 | 阅读: 325 |
收藏
|
research.nccgroup.com
library
stake
ietf
hashing
Sign over Your Hashes – Stealing NetNTLM Hashes via Outlook Signatures
In your emails, getting your hashes Capturing NetNTLM hashes from network communications is...
2021-01-16 02:54:59 | 阅读: 308 |
收藏
|
research.nccgroup.com
microsoft
network
software
intranet
Abusing cloud services to fly under the radar
tl;drNCC Group and Fox-IT have been tracking a threat group with a wide set of interests, fr...
2021-01-12 17:00:00 | 阅读: 343 |
收藏
|
research.nccgroup.com
network
cobalt
windows
victim
c2
Building an RDP Credential Catcher for Threat Intelligence
tl;drWe wanted to build a mechanism to capture all the passwords used...
2021-01-10 23:01:31 | 阅读: 303 |
收藏
|
research.nccgroup.com
pgina
nla
remote
microsoft
Double-odd Elliptic Curves
This post is about some new (or sort of new) elliptic curves for use in cryptographic protocols....
2021-01-06 21:00:00 | 阅读: 294 |
收藏
|
research.nccgroup.com
curves
odd
elliptic
cofactor
cycles
Using AWS and Azure for Cost Effective Log Ingestion with Data Processing Pipelines for SIEMs
tl;drLiam Stevenson, Associate Director of Technical Services within NCC Group’s Managed Det...
2021-01-04 20:28:03 | 阅读: 296 |
收藏
|
research.nccgroup.com
nifi
microsoft
eps
reduced
github
Domestic IoT Nightmares: Smart Doorbells
PrefaceHalf way through 2020, UK independent consumer champion Which? magazine reached out t...
2020-12-18 23:00:00 | 阅读: 599 |
收藏
|
research.nccgroup.com
firmware
doorbell
network
qr
eventid
Technical Advisory: OS Command Injection in Silver Peak EdgeConnect Appliances (CVE-2020-12148, CVE-2020-12149)
Vendor: Silver PeakVendor URL: https://www.silver-peak.comVersions affec...
2020-12-17 23:12:14 | 阅读: 314 |
收藏
|
research.nccgroup.com
edgeconnect
peak
silver
software
Helping Engineering Teams Tackle Security Debt in Embedded Systems: U-Boot Configuration Auditing Introduced in Depthcharge v0.2.0
Depthcharge v0.2.0 is now available on GitHub and PyPi. This release introduces new “configurati...
2020-12-16 21:00:00 | 阅读: 277 |
收藏
|
research.nccgroup.com
depthcharge
security
checker
software
dummy
An Adventure in Contingency Debugging: Ruby IO#read/IO#write Considered Harmful
Recently, I was working on weaponizing a particular bug with a colleague. For reasons unfathomab...
2020-12-15 21:00:00 | 阅读: 289 |
收藏
|
research.nccgroup.com
tpex
tracepoint
tcpsocket
errno
econnreset
ABSTRACT SHIMMER (CVE-2020-15257): Host Networking is root-Equivalent, Again
This post is a technical discussion of the underlying vulnerability of CVE-2020-15257, and how i...
2020-12-11 00:00:00 | 阅读: 343 |
收藏
|
research.nccgroup.com
containerd
shim
sockets
ttrpc
client
Tool Release – HTTPSignatures: A Burp Suite Extension Implementing HTTP Signatures
HTTPSignatures is a PortSwigger Burp Suite extension that implements the Signing HTTP Messages d...
2020-12-08 22:00:00 | 阅读: 328 |
收藏
|
research.nccgroup.com
burp
activitypub
security
draft
ICS/OT Security & the evolution of the Purdue Model: Integrating Industrial and Business Networks
In this recording of a presentation by NCC Group’s Damon Small at Hou.Sec....
2020-12-05 04:40:21 | 阅读: 365 |
收藏
|
research.nccgroup.com
security
purdue
boundaries
studies
driving
Tool Release – Carnivore: Microsoft External Assessment Tool
Carnivore is a tool for assessing on-premises Microsoft servers such as AD...
2020-12-03 23:29:29 | 阅读: 334 |
收藏
|
research.nccgroup.com
carnivore
username
spraying
meetings
ucwa
Technical Advisory: containerd – containerd-shim API Exposed to Host Network Containers (CVE-2020-15257)
Vendor: containerd ProjectVendor URL: https://containerd.io/Versions affected: 1.3.x, 1.2.x, 1.4.x...
2020-12-01 04:14:10 | 阅读: 386 |
收藏
|
research.nccgroup.com
containerd
shim
containers
security
sockets
Previous
18
19
20
21
22
23
24
25
Next