Perché la conoscenza
è condivisione.
By smaury
29/03/2024
Bref Security Audit, sponsored by Amazon Web Services (AWS), facilitated by Open Source Technology Improvement Fund (OSTIF) and performed by Shielder.
Min
30/01/2024
Hunting for Unauthenticated n-days in Asus Routers
Notes on patch diffing, reverse engineering and exploiting CVE-2023-39238, CVE-2023-39239, and CVE-2023-39240.
Min
By suidpit
24/10/2023
CVE-2023-33466 - Exploiting Healthcare Servers with Polyglot Files
A recently disclosed CVE for the Orthanc DICOM server can be used to obtain Remote Code Execution. As a PoC was not available, we wrote one.
Min
By paupu
10/07/2023
AWS CodeBuild + S3 == Privilege Escalation
How to escalate your privileges in AWS by abusing CodeBuild and S3 permissions.
Min
05/09/2022
How to Decrypt Manage Engine PMP Passwords for Fun and Domain Admin - a Red Teaming Tale
Learn how to decrypt Manage Engine Password Manager Pro (PMP) passwords after exploiting CVE-2022-35405.
Min
By thezero
16/05/2022
Printing Fake Fiscal Receipts - An Italian Job p.2
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
Min
By thezero
19/04/2022
Printing Fake Fiscal Receipts - An Italian Job p.1
Reverse engineering and analysis of a fiscal printer device for fun and (real) profit.
Min
By thezero
05/04/2022
A Sneak Peek into Smart Contracts Reversing and Emulation
Introduction to web3 security, Smart Contract Reversing (bytecode and decompiled code level) and EVM emulation with Qiling.
Min
21/03/2022
Reversing embedded device bootloader (U-Boot) - p.2
In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.
Min
08/03/2022
Reversing embedded device bootloader (U-Boot) - p.1
In the course of these two articles, we will share an analysis of some aspects of reversing a low-level binary.
Min