Last Week in Security (LWiS) - 2020-09-14 The biggest bug since 2017 - Unauth DC RCE by @djrevmoon and team, OpenSSL hooks in Rust by @ales... 2020-09-15 09:45:00 | 阅读: 45 | 收藏 | blog.badsectorlabs.com windows microsoft github ghidra evilginx

Last Week in Security (LWiS) - 2020-09-07 Remote SAM dumping in .NET by @G0ldenGunSec, Using Yara offensively by @_batsec_, Custom DLL inje... 2020-09-09 11:15:00 | 阅读: 39 | 收藏 | blog.badsectorlabs.com chrome windows dumping injection injector

Last Week in Security (LWiS) - 2020-08-31 Prevent .NET exit in loaded code by @domchell, file delete to SYSTEM PoC by @404death, @Tesla is... 2020-09-01 11:45:00 | 阅读: 38 | 收藏 | blog.badsectorlabs.com tesla windows injection security analysis

Last Week in Security (LWiS) - 2020-08-24 Kerberoasting without SPNs by @_mohemiv, spoof any gmail/gsuite customer with a technique from @e... 2020-08-25 11:45:00 | 阅读: 27 | 收藏 | blog.badsectorlabs.com windows cloud memory spns dmarc

Last Week in Security (LWiS) - 2020-08-17 Azure AD to on-prem lateral movement by @_wald0, a new Windows un-hooking project from @peterwint... 2020-08-18 12:20:00 | 阅读: 40 | 收藏 | blog.badsectorlabs.com windows vmprotect payload osce security

Last Week in Security (LWiS) - 2020-08-10 A new telemetry inspection tool by @Jackson_T, macOS goodies from @_D00mfist and @patrickwardle,... 2020-08-11 12:30:00 | 阅读: 32 | 收藏 | blog.badsectorlabs.com windows memory security wonder telemetry

Last Week in Security (LWiS) - 2020-08-03 A ton of macOS exploits and techniques from @xorrior, @A2nkF_, @mattshockl, and @vladimir_metnew,... 2020-08-04 07:45:00 | 阅读: 32 | 收藏 | blog.badsectorlabs.com security windows grub attacker bypass

Last Week in Security (LWiS) - 2020-07-27 NTLM relaying via Citrix Workspace by @_EthicalChaos_, access the entire AD database via Exchange... 2020-07-27 19:20:00 | 阅读: 57 | 收藏 | blog.badsectorlabs.com exchange software windows blackbaud phishing

Last Week in Security (LWiS) - 2020-07-20 Sophos XG 0day discovery by @ramoliks and @niph_, a D/Invoke primer by @_RastaMouse, EDR bypass v... 2020-07-21 05:20:00 | 阅读: 60 | 收藏 | blog.badsectorlabs.com windows identify memory attackers facial

Last Week in Security (LWiS) - 2020-07-13 VBA macro static analysis defeats by @gabriele_pippi, anti-RE VBS tricks from @Laughing_Mantis, E... 2020-07-14 05:30:00 | 阅读: 26 | 收藏 | blog.badsectorlabs.com windows injection impair defenses security

Last Week in Security (LWiS) - 2020-07-06 A new DLL hijacking finder from @CTXIS, the dangers of window.opener.postMessage by @zoczus, Wind... 2020-07-07 06:10:00 | 阅读: 47 | 收藏 | blog.badsectorlabs.com windows sticky payload security malicious

Last Week in Security (LWiS) - 2020-06-29 1,566 hijackable DLLs in Windows 10 from @Wietze, a Bitdefender RCE from visiting a website by @W... 2020-06-30 02:20:00 | 阅读: 54 | 收藏 | blog.badsectorlabs.com windows bitdefender injection security network

Last Week in Security (LWiS) - 2020-06-22 Bypassing CSP with Google Analytics by @amirshaked, @itm4n drops yet another Windows LPE, @OptivS... 2020-06-22 23:10:00 | 阅读: 39 | 收藏 | blog.badsectorlabs.com windows security opsec library beacon

Last Week in Security (LWiS) - 2020-06-15 A new tunneling tool from @shantanukhande, new rootkit tradecraft and kernel mode payload from @z... 2020-06-17 05:50:00 | 阅读: 50 | 收藏 | blog.badsectorlabs.com windows airdrop network cloud colab

Last Week in Security (LWiS) - 2020-06-08 A new Windows C implant from @_batsec_, a tool to detect .NET in memory by @domchell, big updates... 2020-06-09 09:35:00 | 阅读: 34 | 收藏 | blog.badsectorlabs.com windows memory lpe injection talos

Last Week in Security (LWiS) - 2020-06-01 A new HTTP tool from @pdiscoveryio, @TheXC3LL writes about a novel process injection technique fo... 2020-06-02 02:45:00 | 阅读: 37 | 收藏 | blog.badsectorlabs.com windows network phishing attachment

Last Week in Security (LWiS) - 2020-05-25 iOS 0day, privacy news, a patch diffing exploit from @matteomalvica, @404death drops a powerful W... 2020-05-26 09:20:00 | 阅读: 55 | 收藏 | blog.badsectorlabs.com windows network microsoft security t1068

Hack The Time - NSEC CTF 2020 NSEC 2020 CTF Writeup - Hack The TimeOverviewNote: This writeup and the challenge binary are... 2020-05-20 07:20:00 | 阅读: 46 | 收藏 | blog.badsectorlabs.com peda sched styles testarg

Last Week in Security (LWiS) - 2020-05-18 A COM-based lateral movement from @bohops, a new potato windows LPE variant from @splinter_code,... 2020-05-19 00:20:00 | 阅读: 32 | 收藏 | blog.badsectorlabs.com windows facebook printdemon yubikey 1048

Last Week in Security (LWiS) - 2020-05-11 Evil-Maid attacks make a comeback thanks to @0Xiphorus, 2FA interception by @0x09AL, new .NET C2... 2020-05-11 19:20:00 | 阅读: 22 | 收藏 | blog.badsectorlabs.com windows remote security shellcode