unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
The art of cutting corners
I love ROI-driven solutions and this post is about one of them. My personal cybersecurity consul...
2024-4-6 07:46:43 | 阅读: 12 |
收藏
|
Hexacorn - www.hexacorn.com
software
client
roi
analysis
luckily
Subfrida v0.1
As many of you know, I am a big fan of Frida framework and I love its intuitiveness and flexibil...
2024-3-31 08:57:22 | 阅读: 8 |
收藏
|
Hexacorn - www.hexacorn.com
idf
ofs
onenter
From Underground to Overground
There are many debates and infosec dramas related to vulnerability research, publishing Off...
2024-3-30 08:5:31 | 阅读: 15 |
收藏
|
Hexacorn - www.hexacorn.com
security
ost
era
pocs
Stuffing up the WINDIR env. var. with THE SPACE
I love revisiting the ‘there is nothing else to be found there anymore’ cases and I described th...
2024-3-17 07:40:35 | 阅读: 20 |
收藏
|
Hexacorn - www.hexacorn.com
msra
wow
32k
truncation
windows
Lolbin Wow Ltd x 2
I have already covered cases where I abused WINDIR environment variable to LOLBINize some W...
2024-3-17 06:18:38 | 阅读: 19 |
收藏
|
Hexacorn - www.hexacorn.com
w32tm
windows
syswow64
payload
sysnative
1 little known secret of explorer.exe
Windows Explorer is a beast. It does so many things when it starts that it hurts…Someti...
2024-3-3 08:33:23 | 阅读: 30 |
收藏
|
Hexacorn - www.hexacorn.com
cpl
desk
windows
dodgy
1 little known secret of nslookup.exe
I was recently surprised by the fact that Windows’ nslookup.exe accepts the local config fi...
2024-3-2 07:59:8 | 阅读: 21 |
收藏
|
Hexacorn - www.hexacorn.com
nslookuprc
resolves
surprised
windows
nslookup
How to become/continue to be a security researcher?
In my post from 2018 I listed a number of strategies one can use to ‘find interesting stuff...
2024-1-21 08:59:29 | 阅读: 19 |
收藏
|
Hexacorn - www.hexacorn.com
windows
regsvr32
ordinal
software
discoveries
2 little secrets of ScriptRunner.exe
ScriptRunner.exe is a known lolbin, but the Lolbas project doesn’t cover all of this progra...
2024-1-14 07:9:46 | 阅读: 11 |
收藏
|
Hexacorn - www.hexacorn.com
appvscript
mspaint
lolbas
Adding character(s) to Command Line processing
In my old post about certutil I mentioned that it accepts a number of less-known Unicode ch...
2024-1-13 07:39:35 | 阅读: 16 |
收藏
|
Hexacorn - www.hexacorn.com
quotation
interpreted
minus
assumptions
dash
Bitmap hunting in SPL, Part 2
In my previous post I introduced the concept of bitmap hunting. Today I will show another exampl...
2024-1-7 07:46:54 | 阅读: 10 |
收藏
|
Hexacorn - www.hexacorn.com
evt
makeresults
allb
clusters
cscript
1 little known secret of fondue.exe
Same as in the previous case, we can copy the main executable fondue.exe to a different fol...
2024-1-6 09:29:25 | 阅读: 20 |
收藏
|
Hexacorn - www.hexacorn.com
cpl
fondue
appwiz
(Not) Mapping Firefox extension IDs to their names
I have mapped an extensive list of Chrome Plug-in IDs to their names before. Of course, I k...
2024-1-6 07:36:45 | 阅读: 13 |
收藏
|
Hexacorn - www.hexacorn.com
ons
python
yup
localized
typos
Bitmap Hunting in SPL
One of the most annoying hunting exercises is detecting a sequence of failures followed by a suc...
2024-1-2 01:23:21 | 阅读: 11 |
收藏
|
Hexacorn - www.hexacorn.com
username
sys01
makeresults
allstatuses
doe
1 little known secret of hdwwiz.exe
There is a number of .cpl files that can be loaded using their OS-native executable equival...
2024-1-1 21:21:53 | 阅读: 21 |
收藏
|
Hexacorn - www.hexacorn.com
hdwwiz
cpl
malicious
loaded
equivalents
1 little known secret of forfiles.exe
The forfiles.exe program is a well-known lolbin. Its power comes from the /c command line a...
2023-12-31 18:21:41 | 阅读: 22 |
收藏
|
Hexacorn - www.hexacorn.com
forfiles
malicious
lolbin
enumerates
enumerated
1 little known secret of ieUnatt.exe on win11
The program has been changed since win10 and it now loads wdscore.dll almost immediately af...
2023-12-31 00:1:46 | 阅读: 13 |
收藏
|
Hexacorn - www.hexacorn.com
wdscore
identical
loadlibrary
zeroes
1 little known secret of fsquirt.exe
The program in the title of this post is not very well-known. It’s being used for some rand...
2023-12-30 05:57:39 | 阅读: 17 |
收藏
|
Hexacorn - www.hexacorn.com
fsquirt
windows
microsoft
sendto
roaming
1 little known secret of regsvr32.exe, take three
In the past I wrote a few times about the side-effect of having 2 binaries named the same way an...
2023-12-29 07:14:48 | 阅读: 16 |
收藏
|
Hexacorn - www.hexacorn.com
regsvr32
windows
ocx
hhctrl
syswow64
1 little known secret of regsvr32.exe, take two
There is an archaic feature that regsvr32.exe leverages to autoregister libraries associate...
2023-12-27 08:9:35 | 阅读: 14 |
收藏
|
Hexacorn - www.hexacorn.com
txtfile
library
regsvr32
dllmain
Previous
3
4
5
6
7
8
9
10
Next