-
There are already some Intel ME parsers out there.
- https://github.com/linuxboot/fiano/blob/main/pkg/intel/me/me.go flash partitions
- https://github.com/platomav/MEAnalyzer lots of metadata
- htt…
-
Currently, the [security comparison]( https://github.com/struct/isoalloc/blob/master/SECURITY_COMPARISON.MD ) document only lists security features, but it would be nice to list killed/mitigated/… bug…
-
According to https://wiki.mozilla.org/Security/Server_Side_TLS#TLS_tickets_.28RFC_5077.29 and https://media.blackhat.com/us-13/US-13-Daigniere-TLS-Secrets-Slides.pdf , when TLS session tickets are act…
-
At line 114: bindings = ctx.listBindings("_smimecert." + domainName);
If not using LDAP to store Java objects, do not perform object-returning searches just for the benefit of getting a DirContext …
-
despite having a wigle account that works, the browser throws an error even though I have put my
login in the file as stated.
btowser shows this error:
WigleAuthenticationError at /locateSSID/bla…
-
Link will be https://www.blackhat.com/us-24/
Not sure about CFP dates
-
BlackHat 2015 Talk: WSUSpect – Compromising the Windows Enterprise via Windows Update
Video: https://www.youtube.com/watch?v=assJWqBe-vk
Paper: http://www.contextis.com/news/new-paper-released-comprom…
mubix updated
2 years ago
-
hi,
stumbled over those slides from BlackHat 2018 wher another framework after xposed and frida was introduced to intercept android apps: ARTist. It allows a complete log of network traffic before…
-
## Uptimerobot.com
## There is no additional verification for add custom domain. just add cname record and pointing to stats.uptimerobot.com
## https://exploit.linuxsec.org/uptimerobot-com-custo…
-
A plugin that implements the HTExploit attack.
The attack is simple enough (using a fake HTTP verb) that we may not need to use HTExploit code at all - it may even be better to include the code direc…