exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 76 - 100 of 3,745 RSS Feed

Whitepaper Files

EDR Protection Is A Myth
Posted Oct 12, 2021
Authored by Deepanshu Khanna

Whitepaper that discusses the functionality of EDR (Endpoing Protection and Response), how it compares to antivirus, and how it can be manipulated.

tags | paper
SHA-256 | ece8d73b3f5b494064886d578b32c0f9fcd8723057d66ff7d4e4b551ab1d242d
Deserialization Of Untrusted Data In jsoniter
Posted Sep 30, 2021
Authored by Adi Malyanker

Whitepaper that discusses deserialization of untrusted data in jsoniter.

tags | paper
SHA-256 | 0ca417e1ce7adae9c50ca05cb6775b57ac7716c04884972cfd2a9cbbb6b0a4a4
OWASP TimeGap Theory Handbook
Posted Sep 25, 2021
Authored by Abhi M Balakrishnan

This is the OWASP TimeGap Theory handbook that discusses TOC/TOU vulnerabilities.

tags | paper, vulnerability
SHA-256 | 3fa653fadddee02d336d318a62bba714ded87e3ad0707724dc715175cf443fc2
Securing Authentication And Authorization
Posted Sep 21, 2021
Authored by Jitendra Kumar Singh

This is a brief whitepaper discussing the securing of authentication and authorization.

tags | paper
SHA-256 | ec474e596a9d9ba2ab9781f4af02b1dee9f12e35a15b86af9d6a4566b3045d04
BSides SF 2022 Call For Papers
Posted Sep 20, 2021
Site bsidessf.org

BSides SF is soliciting papers and presentations for the 2022 annual BSidesSF conference. It will be located at City View at the Metreon in downtown San Francisco February 5th through the 6th, 2022.

tags | paper, conference
SHA-256 | 116913a94e74b59af467e5522f2a4c08f2434469de79a58f7d2653633b1bb6cb
Backdooring WordPress To Get Cleartext Passwords
Posted Sep 11, 2021
Authored by Rafael Sousa

This paper demonstrates how to insert a backdoor in WordPress to get cleartext passwords anytime that a user logs in.

tags | paper
SHA-256 | 86a58a7a0e7f76d5a10b4c0f076df6f7acd2ba7b44bb9ce85aa4c428f169ff91
BRAKTOOTH: Causing Havoc On Bluetooth Link Manager
Posted Sep 3, 2021
Authored by Vaibhav Bedi, Matheus E. Garbelini, Ernest Kurniawan, Sudipta Chattopadhyay, Sumei Sun | Site asset-group.github.io

This whitepaper discusses BRAKTOOTH, a family of new security vulnerabilities in commercial BT stacks that range from denial of service (DoS) via firmware crashes and deadlocks in commodity hardware to arbitrary code execution (ACE) in certain IoTs.

tags | advisory, paper, denial of service, arbitrary, vulnerability, code execution
advisories | CVE-2021-28135, CVE-2021-28136, CVE-2021-28139, CVE-2021-28155, CVE-2021-31609, CVE-2021-31610, CVE-2021-31611, CVE-2021-31612, CVE-2021-31613, CVE-2021-31717, CVE-2021-31785, CVE-2021-31786, CVE-2021-34143, CVE-2021-34144, CVE-2021-34145, CVE-2021-34146, CVE-2021-34147, CVE-2021-34148, CVE-2021-34149, CVE-2021-34150
SHA-256 | ec29de4f145eee5ced7ab6a0c5389c72ee16a987352a4373d9ef5da684cef2ac
Cracking WiFi WPA2 Handshake
Posted Sep 2, 2021
Authored by Ruveyda Durul

Whitepaper called Cracking WiFi WPA2 Handshake. Written in Turkish.

tags | paper
SHA-256 | c6cc513244a2fff1794b3639ad360894a6c93b9dabc29cbf0e9739ed4e9ff7a9
HiveNightmare AKA SeriousSAM
Posted Sep 1, 2021
Authored by Sheikhar Gautam, Rima Yadav, Pankaj Jorwal

Whitepaper called HiveNightmare AKA SeriousSAM. It details an overview of CVE-2021-36934 and provides exploitation details.

tags | exploit, paper
advisories | CVE-2021-36934
SHA-256 | 6b2f808ea234ce7630f8d7f1e9174e0e3c62ad056188b18315bbf76d42c8c731
Local Administrator Is Not Just With Razer.. It Is Possible For All
Posted Aug 25, 2021
Authored by Lawrence Amer

This is a whitepaper that discusses additional vectors of attack that can be used against Razer products.

tags | paper
SHA-256 | d896ee68726d14957e7b9ef3ead4ea6080977a3951b1f9246dab51ea5e04be7c
JavaScript Static Analysis
Posted Aug 21, 2021
Authored by Abdulrahman Abdullah

Whitepaper discussing JavaScript static analysis. Written in Arabic.

tags | paper, javascript
SHA-256 | 0c4b9e81a57d57072c3bbf3c49892a9de6b7ea347238264d3d6ce9e7068c1996
Dancho Danchev's Personal Memoir
Posted Aug 17, 2021
Authored by Dancho Danchev

Dancho Danchev wrote a personal 100 page memoir.

tags | paper
SHA-256 | 8768965b892b82131fe72867147c1aa8f5bde8ae1c52f43f5116c6cb6e7afd3f
PIP Vulnerability In Android 11
Posted Aug 16, 2021
Authored by Akshay Sharma, Tanmay Tyagi, Abhinav

This is a whitepaper that gives an overview of the PIP vulnerability in Android 11.

tags | paper
SHA-256 | de30f374a906fe8d9c0d8bb8b7dfebcf0db353f3671a5b1d8f515460f9e6c36d
Attacking Optical Character Recognition System
Posted Aug 16, 2021
Authored by Vishwaraj Bhattrai

Whitepaper called Attacking Optical Character Recognition System.

tags | paper
SHA-256 | 27d4178ceb7a28e6651e0994b57cf6748e06a11feff3bb4601978c419df69e91
Pass-The-Hash Attack Over Named Pipes Against ESET Server Security
Posted Aug 5, 2021
Authored by UNSAFE-INLINE

This article focuses on using the NT hash to execute commands successfully on the target server which includes ESET Server Security and File Security even if the packet inspection settings restrict communication with a few services.

tags | paper
SHA-256 | 73f932909f758032767a6c41c634328ff69c7b2451dec44e6313edfddc0e6afa
Demystifying Nmap Scans At The Packet Level
Posted Jul 30, 2021
Authored by Aditya Srivastava | Site adityasrivastava2762.blogspot.com

This paper contains a step by step detailed walk-through of different nmap scanning techniques and how the nmap traffic looks like in wireshark for each scan. The objective of documenting the paper is to get a better understanding of packets while initiating any nmap scan so that it can help in bypassing firewalls or debugging what went wrong between the source and destination. It can also help in writing basic firewall rules.

tags | paper
SHA-256 | e98eb4f64e115f6a22e5fb658a650a8f88305b65ab9f8584011c81fe80099560
Exploiting PHP_SESSION_UPLOAD_PROGRESS
Posted Jul 27, 2021
Authored by Faisal Alhadlaq

This whitepaper discusses chain session upload progress to remote code execution when taking advantage of local file inclusion.

tags | paper, remote, local, code execution, file inclusion
SHA-256 | 3c9df4f24a784d6c632f742ca3902c18462336b6f1ee4031041e932d800f8a5d
hardwear.io 2021 Netherlands Call For Papers
Posted Jul 23, 2021
Authored by hardwear.io CFP

The call for papers for hardwear.io 2021 in the Netherlands is now open. It will take place October 28th through the 29th, 2021 at NH Hotel Den Haag, The Netherlands.

tags | paper, conference
SHA-256 | 68c8cf7a45d193d9d0d1360a6d987ce1ee4b0018bcef8b1a265a29c1fb7d7a14
Smart Contract Automated Testing Guidelines
Posted Jun 28, 2021
Authored by Loc Phan Van

Whitepaper called Smart Contract Automated Testing Guidelines that provides guidance on automation.

tags | paper
SHA-256 | 2637d58d1c7c59b0e8b57db8f391f84b9a001dcc6d498f48455236de4f4f2d0a
JNLP Injection To Multi-OS Code Execution
Posted Jun 25, 2021
Authored by Ken Pyle

Whitepaper discussing BIZARRELOVETRIANGLE and FULLCLIP - JNLP parameter injection attacks to remote, persistent, multi-os code execution.

tags | paper, remote, code execution
SHA-256 | 0544f59a1e884ac5e4753711797fde21b5db764b310bbdc41f2106aa58ffdef4
Network Pivoting HackerEnv
Posted Jun 18, 2021
Authored by Hejap Zairy Al-Sharif

Brief whitepaper that goes through proxy, ssh, and vpn pivoting during an attack. Written in Arabic.

tags | paper
SHA-256 | a1e855c508e17641d2eb114eced9cbb69be22f676f04484aaf30c490b078784e
node-serialize Remote Code Execution Web Shell
Posted Jun 18, 2021
Authored by Beren Kuday Gorun

Whitepaper called 'node-serialize' Remote Code Execution - Web Shell. Written in Turkish.

tags | paper, remote, web, shell, code execution
SHA-256 | 5258591e002e919f55d52d14edd0cf8d6b32488ebf99fbf4b7583e1a674d53bb
Penetration Testing Web Storage (User Experience)
Posted Jun 17, 2021
Authored by Abdulrahman Abdullah

Whitepaper called Penetration Testing Web Storage (User Experience). Written in Arabic.

tags | paper, web
SHA-256 | ac64e028c271cb652e3c0e80ad58084627611674cb22fcd6bb4a831a7c2fced8
Spoofing Downloaded Filename's Extension In Chromium
Posted Jun 16, 2021
Authored by Vallari Sharma, Archie Midha

This whitepaper illustrates exploitation of an insufficient data validation vulnerability in the Chromium framework.

tags | paper
advisories | CVE-2021-21123
SHA-256 | b518b651332d5b50eee9efb4b357a5e396fada0eba42899f6a54932aabdff483
Smuggling Via Windows Services Display Name - Lateral Movement
Posted Jun 14, 2021
Authored by Lawrence Amer

This research paper explains how to take advantage of windows services, how to mimic display names to deploy malicious beacons or even Meterpreter sessions.

tags | paper
systems | windows
SHA-256 | e1a4a62a90edd81fc9429eb3e16e8be7198bf5bc28a6abec8b729d347a942b26
Page 4 of 150
Back23456Next

File Archive:

June 2023

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    18 Files
  • 2
    Jun 2nd
    13 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    32 Files
  • 6
    Jun 6th
    39 Files
  • 7
    Jun 7th
    22 Files
  • 8
    Jun 8th
    17 Files
  • 9
    Jun 9th
    20 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close