This whitepaper is a case study that analyzes the security of modern bluetooth keyboards. In the course of this research project, SySS GmbH analyzed three currently popular wireless keyboards using Bluetooth technology that can be bought on the Amazon marketplace for security vulnerabilities. The following three devices were tested for security issues from different attacker perspectives: 1byoneKeyboard, LogitechK480, and MicrosoftDesignerBluetoothDesktop (Model1678 2017).
066966c0a18d2c6ee4c885c5fb48bd21Whitepaper called Database Security Threats and Injection Technique. Written in Persian.
a7cb1ede4efa8d33b346b8a369054622Whitepaper called EggHunter Buffer Overflow for Windows. Written in Arabic.
7530d81f5ea60524126e7b277d92327bWhitepaper called Lateral Movement using WinRM. Written in Arabic.
ae51d28d40ed1f07fccc954c21dc8733Whitepaper called Reverse Engineering - Simple Patching. Written in Arabic.
68a7ae72fae2210e2a4d9ace43c125d5Whitepaper called Android Application Pentest With Drozer. Written in Persian.
bce46a39c54c0e5f1caa0c8d31110f1fThis is a SEH buffer overflow basic exploitation tutorial. Written in Arabic.
d914b71bb22db16a92bb6096551d3397This whitepaper explains deserialization vulnerabilities in Java, Python, PHP, and Ruby.
003eecb39455d3d75ab4d3f37d2cb166Whitepaper called Introduction to Wireless Network Penetration Testing. Written in Persian.
1b19373c6ccb377a6400ea115b877a24Whitepaper called Code Review Steps and Methodologies.
735525da63576a35964d6bc60e144a48Whitepaper called Web Forensics. Written in Vietnamese.
82843c871392c0d0efffb6e7058c21d6The t2'18 Call For Papers has been announced. It will take place October 25th through the 26th, 2018 in Helsinki, Finland.
df30ce4b46b221596a408d208f4749ccWhitepaper titled Linux Restricted Shell Bypass Guide.
d27133695ec11bcee5f1145b62e7f195Whitepaper called Windows Kernel Exploitation Tutorial Part 8: Use After Free.
89f76cdffee77908ed5e8f26120672b7Final call for the 2018 Hack In The Box (HITB) GSEC conference in Singapore. HITB GSEC is a 3-day deep knowledge security conference where attendees get to vote on the final agenda of talks and and to meet with the speakers they voted for.
213db60f4f90257921f74bd543bf47f1This report documents Fusee Gelee, a coldboot vulnerability that allows full, unauthenticated arbitrary code execution from an early bootROM context via Tegra Recovery Mode (RCM) on NVIDIA's Tegra line of embedded processors. As this vulnerability allows arbitrary code execution on the Boot and Power Management Processor (BPMP) before any lock-outs take effect, this vulnerability compromises the entire root-of-trust for each processor, and allows exfiltration of secrets e.g. burned into device fuses.
0ab768a01218de89b109624ec71ed96bWhitepaper that shows how easy you can build a fuzzer for the MQTT protocol by using the Polymorph framework.
9eca60d90eccec483d8294bf95607a9bThis paper documents a minor but somewhat easy way to compromise air gapped systems that share a kvm.
dc6b2a5f7beae67e10dd8d98be983b41This whitepaper explores the origin and impact of the vulnerabilities discovered in ST chipsets.
0c95d5b2547b920efafeca36b10548c1This whitepaper provides diamorphine linux kernel rootkit analysis. Written in Korean.
f542b2e90a44111c569a1dbf65f9d93aWhitepaper called Polymorph: A Real-Time Network Packet Manipulation Framework.
f4fa6a587308484e8825734647e49d76This pop-scientific conference paper introduces Mythril, a security analysis tool for Ethereum smart contracts, and its symbolic execution backend LASER-Ethereum. The first part of the paper explains symbolic execution of Ethereum bytecode in a largely formal manner. The second part showcases the vulnerability detection modules already implemented in Mythril. The modules use a pragmatic mix of static analysis, symbolic analysis and control flow checking.
689b059f5f52ffa4211e9e02e8310af5WOOT '12 Call For Papers - This will be held August 13th through the 14th, 2018, in Baltimore, MD, USA. WOOT '12 is co-located with the USENIX Security Symposium.
48289f763611d907fca2fc46ad5d9195Whitepaper called The Grey Matter of Securing Android Applications. It starts with the introduction of the Android platform and fundamentals of the Android applications. It later talks about the in-built security features of the Android platform and the additional features that are provided by Google to build a secure ecosystem. It also includes how and why these features can be leveraged to build secure Android applications.
5b291cb65b443bd1435c7d5264cbe7f7Whitepaper called DOSfuscation: Exploring the Depths of CMD.exe Obfuscation and Detection Techniques.
05765d8898bdc6d4c8c67776e3d9465b
© 2018 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed