Whitepaper called Active Directory Enumeration with PowerShell.
9749bf4f1c728d560b607f1e3a15b07eThis paper presents the "LDAP Swiss Army Knife", an easy to use LDAP server implementation built for penetration oder software testing. Apart from general usage as a server or proxy it also shows some specific attacks against Java/JNDI based LDAP clients.
a5b08197ac7d25c91698564ff5769d7bThis whitepaper provides a thorough analysis of CVE-2019-0708, also known as BlueKeep.
16b0e4d9cb924ea1508a83175e8d1273Whitepaper called A Debugging Primer with CVE-2019-0708.
6e54962ab2cce7123445b9f0b400b434Whitepaper called Web Application Firewall Bypass Methods. Written In Turkish.
3d35d818f88542e7fe364c214be492bbWhitepaper called Penetration Testing Steps and Tools. Written In Turkish.
4d97bb9bf96b21e872162c6c1a230690The ROOTCON 13 Call For Papers has been announced. It will be held September 25th through the 27th, 2019 at the Taal Vista Hotel, Tagaytay, Philippines.
d347194b8b8cbd09d5e5bba0ff7ee29fThis archive contains proof of concepts and a whitepaper that describes multiple email client implementations where popular clients for email are vulnerable to signature spoofing attacks.
d247e4ccd9f597d40309c5f5e797a348This is a whitepaper that discusses bypassing a firewall using tunneling techniques. Written in Turkish.
6b0c08d69652748f958c31ee7769b37eReleased 2019/04/18 by the United States Justice Department, this is the Report On The Investigation Into Russian Interference In The 2016 Presidential Election. This is the redacted version.
ce5859e9b5d8b76aedd18dc296dcc1e6The call for papers for H2HC 16th edition is now open. H2HC is a hacker conference taking place in Sao Paulo, Brazil, from October 26th through the 27th, 2019.
4c732ebf34f1ec81c10c71b8ad5716cbhardwear is seeking innovative research on hardware security. If you have done interesting research on attacks or mitigation on any Hardware and want to showcase it to the security community, just submit your research paper. A conference in the USA will take place June 11th through the 14th, 2019 and another will take place in the Netherlands September 23rd through the 27th.
c2fb7f675674da300f0f76c6ac3d0d95The c0c0n 2019 call for papers has been announced. It will take place September 25th through the 28th, 2019 at the Grand Hyatt, Kochi (Cochin), Kerala, India.
7249c0266d14ba00f16c8728632d4033REcon is a computer security conference with a focus on reverse engineering and advanced exploitation techniques. It will be held June 28th through the 30th, 2019, in Montreal, Canada.
20b57c81c732a0f0d02f1daae7178ad4This whitepaper discusses highlights of findings related to remote code execution leveraging JMX/RMI.
6ff134ecb65e85ce3c03348a2f8cc3e1This is a short write-up on binary planting along with a few old-school 0-days which may still be helpful for pentesters willing to escalate privileges on Windows.
2610f1f8b017ac3a538d7e379b554592This document provides an overview of IPv6 security that is specifically aimed at IPv4 engineers and operators. Rather than describing IPv6 in an isolated manner, it aims to re-use as much of the existing IPv4 knowledge and experience as possible. It highlights the security issues that affect both protocols in the same manner, as well as those that are new or different for the IPv6 protocol suite. Additionally, it discusses the security implications arising from the co-existence of the IPv6 and IPv4 protocols.
3c7ad3f60f63c849f9bff9b85784a99aThis is the world's shortest whitepaper showing how to use javascript to record keystrokes and log them.
7b93299171e5f7b4226507db4f42a273Whitepaper discussing Flexpaper versions 2.3.6 and below which suffer from a remote code execution vulnerability.
331487287912b9a46dcc93be2d9569a4Whitepaper called File transfer skills in the red team post penetration test.
9afe5f91a9c54df50eebf28e7275df4eWhitepaper called SPOILER: Speculative Load Hazards Boost Rowhammer and Cache Attacks. This research was produced jointly between Worcester Polytechnic Institute and University of Lubeck. It has been noted that software mitigations tied to Spectre will not mitigate this newly identified issue.
b6ba3b01a09c79386f413c930ccf0a61Whitepaper called Android Security Research: Crypto Wallet Local Storage Attack.
302db448f5da580da34910a16f859d5bResearchers from Ruhr-University Bochum in Germany have broken digital signatures on PDFs and managed to create fake signatures on 21 of 22 viewer apps and five out of the seven online PDF digital signing services. This archive contains both whitepapers produced by the university.
fe2c0d914302043ea609a1f2e70944c5Whitepaper called The Ultimate Guide for Basic Subdomain Takeover with Practical.
0dfb73cde67c722ec8d25eae0791865fThis paper discusses a vulnerability class called "Expression Language Injection (EL Injection)". Although several security researchers have published details in the past, the bug class is still fairly unknown. EL Injection is a serious security threat over the Internet for the various dynamic applications. In today's world, there is a universal need present for dynamic applications. As the use of dynamic applications for various online services is rising, so is the security threats increasing. This paper defines a methodology for detecting and exploiting EL injection.
d27631ed77a06533d0b790da76f33b03
© 2016 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed