FIRST EPSS (Exploit prediction scoring system) is now integrated into the Open-Source firmware analyzer EMBA. Beside CVEs, Exploits, PoCs you have an additional possibility to optimize your vulnerability evaluation. Check it out github.com/e-m-b-a/emba

''🤫 Unlocking secret ThinkPad functionality for emulating USB devices'' #infosec #pentest #redteam #blueteam xairy.io/articles/think…

Physical hardware attack to capture a Bitlocker key in transit across the SPI bus Credits Astral astralvx.com/stealing-the-b… #hardware #infosec

Great research work on TETRA (Terrestrial Trunked Radio) by Carlo Meijer, Wouter Bokslag and Jos Wetzels (security analysis and vulnerabilities) Paper: uploads-ssl.webflow.com/64a2900ed5e9bb… Slides: uploads-ssl.webflow.com/64a2900ed5e9bb… Repo: github.com/MidnightBlueLa… #tetra #wireless

Attacking cars wireless exposed communication (Tesla Model Y, NFC and Proxmark) Interesting white paper (2022) by Josep Pi Rodriguez (IOActive, Inc) White paper link: act-on.ioactive.com/acton/attachme… #automotive #cybersecurity

I wrote a post on coverage guided fuzzing for native Android libraries (using Frida & Radamsa), check it out on KnifeCoat 🔪🧥 knifecoat.com/Posts/Coverage…

HEAP HEAP HOORAY — Unveiling GLIBC heap overflow vulnerability (CVE-2023–6246) medium.com/@elpepinillo/h… #Pentesting #vulnerability #Hacking #CyberSecurity #Infosec

Excellent introduction to Linux namespaces Credits quarkslab Part 1: blog.quarkslab.com/digging-into-l… Part 2: blog.quarkslab.com/digging-into-l… #namespace

Does it run on a Raspberry Pi 5? (also on Apple Silicon) 👉 Yes! RF Swift makes it easy for most platforms 🔗 github.com/PentHertz/RF-S…

Total Identity Compromise: DART lessons on securing Active Directory, by Matt Zorich techcommunity.microsoft.com/t5/microsoft-s…

Evading EDRs and WAFs with Java deserialization gadgets Credits Clément Amic (Synacktiv) synacktiv.com/en/publication… #infosec #java

Nice writeup (2022) on attacking with fault injection the hardware crypto wallet Trezor credit VoidStar Security LLC voidstarsec.com/blog/replicant… #hardware #trezor

After two years of hard work with Damien Cauquil (@[email protected]) , we are proud to release for DEFCON32 the first public version of WHAD, a whole new ecosystem of opensource libs, tools & firmwares for wireless security ! The main repo is here: github.com/whad-team/whad… . And now, demo time ! [1/n]

Arsenal : Bypass EDR’s/XDR’s and make malware analysis harder : systemweakness.com/arsenal-bypass… Arsenal 2.0: Elevating Malware Stealth Tactics to bypass static detection : osintteam.blog/arsenal-2-0-el… Ref : SysWhispers2 : AV/EDR evasion via direct system calls : github.com/xenoscr/SysWhi…

Harden your SCCM infrastructure! It’s a goldmine for attackers - especially TAKEOVER-1 , a common misconfiguration that can lead to full Active Directory compromise. Red Team Tip ♦️ If ADCS isn’t fruitful, don’t sleep on TAKEOVER-1. It’s trivial to exploit with the right tools.

I am currently working on version 2 of the PicoGlitcher (mkesenheimer.github.io/blog/pico-glit…) to perform #FaultInjection and #VoltageGlitching. Here is a teaser what it can achieve. Version 2 is capable of basic pulse-shaping.

A repo for learning various heap exploitation techniques by Shellphish github.com/shellphish/how…

Linux user space page pinning and page table walking internals blogs.oracle.com/linux/post/pin… Credits Shoily Rahman #Linux #cybersecurity

Leveraging GitHub Actions to rotate IP addresses during password spraying attacks to bypass IP-Based blocking github.com/dunderhay/git-…

Bypass secure boot by exploiting TOCTOU at hardware level onekey.com/resource/makin… #infosec #embedded