Last Week in Security (LWiS) - 2021-10-19 macOS ESF playground (@jbradley89), Azure privesc via service principles (@_wald0), Java gadget f... 2021-10-20 04:25:00 | 阅读: 49 | 收藏 | blog.badsectorlabs.com security windows oauth2 cobalt skeleton

Last Week in Security (LWiS) - 2021-10-11 iOS 15 IOMFB exploit (@AmarSaar), new lsass dumper (@thefLinkk), SharpCalendar (@sadpanda_sec), g... 2021-10-12 11:26:00 | 阅读: 30 | 收藏 | blog.badsectorlabs.com windows gcphound weakpass mythic youtube

Last Week in Security (LWiS) - 2021-10-06 OffensiveRust (@trickster012), persistence via preview panes (@matterpreter + @mutantvillian), de... 2021-10-07 13:27:47 | 阅读: 33 | 收藏 | blog.badsectorlabs.com facebook shellcode dcom security bypass

Last Week in Security (LWiS) - 2021-09-28 PPLDump BOF (@the_bit_diddler), code-signed rootkits (@HackingThings), remote windows password re... 2021-09-29 12:59:00 | 阅读: 37 | 收藏 | blog.badsectorlabs.com windows github cooking finspy remote

Last Week in Security (LWiS) - 2021-09-20 OMI agent RCE in Azure (@shirtamari), dynamic mac malware RE (@philofishal), Teams spoofing (@mrd... 2021-09-21 12:59:00 | 阅读: 55 | 收藏 | blog.badsectorlabs.com omi spoofing security roslyn

Last Week in Security (LWiS) - 2021-09-14 Word RCE, Advanced Nim tradecraft (@snovvcrash), TCC bypass (@_r3ggi), encrypted heap allocations... 2021-09-15 09:59:00 | 阅读: 43 | 收藏 | blog.badsectorlabs.com analysis chrome windows c2 microsoft

Last Week in Security (LWiS) - 2021-09-07 Mental models for offsec dev (@Jackson_T), lockscreen bypass (@KLINIX5), DLL hijacking/cloning (@... 2021-09-08 12:59:00 | 阅读: 52 | 收藏 | blog.badsectorlabs.com windows security tunnels notebook beacon

Last Week in Security (LWiS) - 2021-08-23 iOS CSAM fallout (), JS surveillance framework (@imp0rtp3 + @felixaime), 1Password dumper (@djhoh... 2021-08-24 12:59:00 | 阅读: 42 | 收藏 | blog.badsectorlabs.com security windows microsoft csam porchetta

Last Week in Security (LWiS) - 2021-08-16 ProFTPd UAF (@lockedbyte), API hacking (@hakluke and @Farah_Hawaa), file ext tricks (@mrd0x), bui... 2021-08-17 12:59:00 | 阅读: 48 | 收藏 | blog.badsectorlabs.com sysmon security otp windows proftpd

Last Week in Security (LWiS) - 2021-08-09 Cobalt Strike Updates (@joevest, @adamsvoboda), ProxyShell [another exchange RCE] (@orange_8361).... 2021-08-10 12:59:00 | 阅读: 37 | 收藏 | blog.badsectorlabs.com windows cobalt exchange bypass c2

Last Week in Security (LWiS) - 2021-08-02 "Always Notify" UAC bypass (@hFireF0X + @axagarampur), NTLM relaying to AD CS (@_dirkjan), 2x AD... 2021-08-03 12:59:00 | 阅读: 60 | 收藏 | blog.badsectorlabs.com relaying bypass lpe petitpotam

Last Week in Security (LWiS) - 2021-07-26 User readable SAM hives (@jonasLyk and @cube0x0), PetitPotam takes off (@topotam77), Smart AD bru... 2021-07-27 12:59:00 | 阅读: 46 | 收藏 | blog.badsectorlabs.com windows shellcode security petitpotam inject

Last Week in Security (LWiS) - 2021-07-19 iOS exploit campaign (@amnesty + others), PrintNightmare refuses to die (@gentilkiwi), readable S... 2021-07-20 12:59:00 | 阅读: 38 | 收藏 | blog.badsectorlabs.com windows remote security memory aruba

Last Week in Security (LWiS) - 2021-07-12 Arbitrary exe's as BOFs (@phraaaaaaa), .NET exe's via BOF (@anthemtotheego), enterprise grade RCE... 2021-07-13 12:59:00 | 阅读: 47 | 收藏 | blog.badsectorlabs.com microsoft windows asprotect bofs cobalt

Last Week in Security (LWiS) - 2021-07-06 PrintNightmare saga (@cube0x0, @gentilkiwi, + others), Gatekeeper bypass (@theevilbit), DLL sidel... 2021-07-07 11:45:00 | 阅读: 60 | 收藏 | blog.badsectorlabs.com windows sideloading lpe vcenter malicious

Last Week in Security (LWiS) - 2021-06-28 Ghidra 10, Windows 11, Salesforce audit tool (@exploresecurity), XSS parser defeat (@bishopfox),... 2021-06-29 11:45:00 | 阅读: 62 | 收藏 | blog.badsectorlabs.com windows microsoft security virtualbox bypass

Last Week in Security (LWiS) - 2021-06-21 AD pwnage (@harmj0y, @tifkin_, and @elad_shamir), ImageLoad bypass (@_batsec_), bofnet_executeass... 2021-06-22 10:10:00 | 阅读: 66 | 收藏 | blog.badsectorlabs.com windows phishing payload bypass

Last Week in Security (LWiS) - 2021-06-14 Decrypting Veeam passwords (@checkymander), bypass Windows kASLR (@33y0re), Code > Commands (@The... 2021-06-15 11:45:00 | 阅读: 78 | 收藏 | blog.badsectorlabs.com windows bypass memory machine veeam

Last Week in Security (LWiS) - 2021-06-08 Bypassing NAC (@theluemmel), Outlook COM tool (@eks_perience), Transacted Hollowing (@hasherezade... 2021-06-09 12:45:00 | 阅读: 43 | 收藏 | blog.badsectorlabs.com hollowing security cobalt nac

Last Week in Security (LWiS) - 2021-05-31 ESXi heap overflow RCE (@straight_blast), abusing .NET dev features (@bohops), new book (@1njecti... 2021-06-02 11:40:00 | 阅读: 67 | 收藏 | blog.badsectorlabs.com bypass vcenter microsoft overflow shortcut