In this paper, the authors show that under realistic assumptions, it is indeed possible to bypass TRR directly from JavaScript, allowing attackers to exploit the resurfaced Rowhammer bug inside the browser. In addition, their analysis reveals new requirements for practical TRR evasion. For instance, they discovered that activating many rows in rapid succession as shown in TRRespass may not always be sufficient to produce bit flips. The scheduling of DRAM accesses also plays an important role.
47dfe422ce30e7bc84f40aade82f759d07d143dca97cf56e443b984812de680a
The ZeroNights 2021 Call For Papers has been announced. It will be held in Saint-Petersburg, Russia on June 30th, 2021.
418b437944405587fb3fa6770e284fea10b92a3aabcbc643723779fa7611dd42
The video gaming industry is a popular target for various threat actors. Players as well as studios and publishers themselves are at risk for both opportunistic and targeted cyber-attacks - tactics range from leveraging fake APKs of popular mobile games, to compromising accounts for resale. Even APT (Advanced Persistent Threat) actors have been known to target the video gaming industry. This report will examine a hacking tool being promoted for use against gamers by masquerading as a cheat for Call of Duty: Warzone. This particular tool is considered a dropper, a piece of malware that is used to install or deliver an additional payload, such as credential stealing malware, on a target system or device. A dropper is a means to an end, rather than the end itself - but it is still a critical link in the chain. The dropper examined in this report, "Cod Dropper v0.1", can be customized to install other, more destructive, malware onto the targets' machines.
5e38513aae0103e12649461665c14fa46a5772acb881d5395611526d1a436917
This is a whitepaper that discusses attacking GraphQL.
aa2a135e3c79bce67c8da5438837eb4be4d82d6384d4352b498bfce711c37beb
This whitepaper provides information about how you can hack JWT tokens for fun and profit.
7368748618b4cd6f33d0da05f3cabc301392721ae3b26c2284f7a0e648b15957
Whitepaper that discusses XXE exploitation via file uploads.
7c6849a41692d2abfdae193b26658ffc1ed539af111174b955d5ba020dc87949
This whitepaper explains how XML external entity and server-side request forgery vulnerabilities work and how they can be combined to perform attacks.
5b911234c50bade2c82b7c0909cc2946fb8a97e0d2a48acfa8f8fd489233bb49
This whitepaper focuses on explaining the Apache Ghostcat vulnerability and how it can be used to read file contents of all web applications deployed on Tomcat.
dc2b8740104317c36ad79dcb929d334c237272637cf804d3dfc086cec7bb44d1
Whitepaper called Credential Dumping Cheatsheet. It covers locations of data and various tooling you can use to find passwords.
029b308e2946943240e7d06eea765f709be7c1af2173b93f3e636ef0b7313a94
The call for papers for hardwear.io 2021 is open. It will take place July 9th through the 10th, 2021.
41f2f7a1cc68e7540cb4bf44eafb313d968d9ca6802b1ebeae31737fd6b4c2eb
Whitepaper called Breaking the Business Logics. It intends to provide an idea of business logic vulnerabilities and how to exploit them. There are theoretical scenarios as well where common flaws are discussed.
bdfa585849987cf27ac17432358edb5741e616a3b4025257978012426a6b0fa0
This whitepaper acts as a cheatsheet for methodologies to apply with Linux and Windows privilege escalation.
f9978ce5a9ca16e00a1d0a0a5a2c07c964a65b40e70e191a128d82f940f14ae3
This is a brief whitepaper that goes over file transfer mechanisms that can be used on Windows and Linux.
bb53fbaa2dc352533456cf7d06a33392552c749b608b8e33b3b03227d97e1520
Microsoft SMBv3 CVE-2020-0796 whitepaper that discusses the workings, exploitation, and mitigations.
9154829412e6f27bbd51d39811e1acf07f15b9daf04fbad8e3cb61e74d7e6c62
This is a brief whitepaper that goes over some tooling that can be of assistance while performing reconnaissance against a web application prior to attack.
efa89877156455ecbe4998579276a2b7f88564aac2a446ce3a8fdb5d7a98c52c
Whitepaper called Android Vulnerability in ES File Explorer. It provides an overview of manual exploitation of ES File Explorer version 4.1.9.7.4 using counterfeit requests over HTTP.
9b0d580d48451b1cfce532d6de5bf7c4caa5faf0493949998e87a7e17ccea3df
This whitepaper goes through identification and exploitation of the SMB Ghost vulnerability.
1598b7f81fc0fd106b6abbd1f0e5a9da28fc8f2cbf5e4b6c0db7946666870aa5
This whitepaper goes into detail on how to leverage a Chrome Browser use-after-free vulnerability in FileReader with Metasploit.
426daf836d595f934234e05cd94b8dc830e5e8415fdebf4f297113f87753387c
This whitepaper provides an overview of Autopsy, the graphical interface for The Sleuth Kit.
45c9afa0c7451bc0554cf50748ab04b2650e7eadf00ab14203577af0ba3d74f2
This whitepaper is a guide to performing memory forensics using Volatility. It goes into depth on using the Volatility framework to analyze memory dumped from a live system.
f9036bb369a6f8ab886ff9ad5a769c0561265e1425026f58996107393ca77473
Whitepaper called Active Directory Penetration Testing. Written in Turkish.
ea2487963fa1d18c78f0962ee60bb105f6a02d1297c01cf32cf2313bc0174348
Whitepaper called Mobile Security and Penetration Testing. Written in Turkish.
56bcdaf3cd7bc5cd83f8a5559d8985f7fe6e7e70d6985f586acb76d64834d173
This is a whitepaper that details identifying cross-site scripting vulnerabilities in both the Neo and Matrix LMS codebase.
425783c0a58f4b3d8ceaa1ef51c78b248dc59a4e994ea242a952886897d53b3d
This whitepaper is an introductory guide to Digital Forensics. It provides a high-level understanding of protocol and roles.
a676db8f5ab0381a2e9ea5b5adf74019397945ebdb2b6bc06f10b3b04670452d
This whitepaper is a guide to using FTK Imager for digital forensics.
3c78ef29175142feb10177e89ff96cbd355c362ecc8bb3edd23f41ce3f657e0f