unSafe.sh - 不安全
我的收藏
今日热榜
公众号文章
导航
Github CVE
Github Tools
编码/解码
文件传输
Twitter Bot
Telegram Bot
Rss
黑夜模式
StealC Malware Analysis Part 3
In the first article of the series, we saw how to unpack the first stage pkr_ce1a manually and using...
2024-10-3 19:39:0 | 阅读: 17 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
xored
c4
callers
stealc
decoded
StealC Malware Analysis Part 2
Stage 2 informationIn the previous article, we retrieved Stage2 (a PE) encrypted and embedded in Sta...
2024-10-3 19:38:0 | 阅读: 8 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
jitter
miasm
stage
syncupd
c2
StealC Malware Analysis Part 1
This series of blog posts is aimed at a technical audience interested in reverse engineering and, mo...
2024-10-3 19:37:0 | 阅读: 16 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
miasm
jitter
libbase
shellcode
memory
Jupiter X Core Plugin <= 4.7.5 Authentication Bypass (CVE-2024-7781)
AbstractDuring a security assessment of a Wordpress website, the jupiterx-core plugin was identified...
2024-9-26 17:0:0 | 阅读: 17 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
wp
jupiterx
facebook
phpcs
attacker
Jupiter X Core Plugin <= 4.6.5 Remote Code Execution (CVE-2024-7772)
AbstractDuring a security assessment of a Wordpress website, the jupiterx-core plugin was identified...
2024-9-26 17:0:0 | 阅读: 42 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
raven
php
wp
jupiterx
blacklist
Writing a stealer logs parser
Table of contentsIntroductionContextExpectationsImplementationScrapingGrammarParsingStoring and usin...
2024-7-9 00:0:0 | 阅读: 9 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
newline
soft
grammar
chrome
seller
CVE-2023-27997 - Forensics short notice for XORtigate
Following the release of the CVE-2023-27997 on our blog and its section "A few notes for blue teamer...
2023-6-14 01:0:0 | 阅读: 90 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
remote
27997
salt
dtls
32bit
XORtigate: Pre-authentication Remote Code Execution on Fortigate VPN (CVE-2023-27997)
During a redteam assessment for one of our client, we had the opportunity to look into Fortigate SSL...
2023-6-13 22:0:0 | 阅读: 150 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
oplus
enspace
memory
compute
keystream
Sshimpanzee
TLDR;sshimpanzee is a fork of openssh server packaged with different network tunnels. It currently p...
2023-3-25 01:0:0 | 阅读: 32 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
icmp
tun
payload
fifo
tunnel
Cobalt Strike Investigation - Part 2
The previous article detailed the findings of the Cobalt Strike remote-exec built-in command that al...
2023-3-9 20:0:0 | 阅读: 124 |
收藏
|
Lexfo's security blog - blog.lexfo.fr
windows
powershell
evtx
sysmon
usn
Cobalt Strike Investigation Part 1
IntroductionApproachFindings SummaryCobalt Strike remote-exec winrm4.1. Sysmon Events4.2. Findings4....
2022-9-20 18:0:0 | 阅读: 29 |
收藏
|
blog.lexfo.fr
evtx
windows
alice
powershell
prefetch
安全通告 - 涉及华为某路由器产品的口令验证漏洞
nginx/1.21.6 ...
2022-6-28 08:0:0 | 阅读: 11 |
收藏
|
blog.lexfo.fr
安全通告 - 涉及华为打印机产品的输入验证类漏洞
nginx/1.21.6 ...
2022-6-20 08:0:0 | 阅读: 7 |
收藏
|
blog.lexfo.fr
安全通告 - 涉及华为打印机产品的输入校验漏洞
nginx/1.21.6 ...
2022-6-6 08:0:0 | 阅读: 10 |
收藏
|
blog.lexfo.fr
安全通告 - 华为某产品存在命令注入漏洞
nginx/1.21.6 ...
2022-6-6 08:0:0 | 阅读: 18 |
收藏
|
blog.lexfo.fr
安全通告 - 涉及华为产品的输入校验漏洞
nginx/1.21.6 ...
2022-6-1 08:0:0 | 阅读: 10 |
收藏
|
blog.lexfo.fr
安全通告 - 华为的某些产品存在越界写漏洞
nginx/1.21.6 ...
2022-5-23 08:0:0 | 阅读: 13 |
收藏
|
blog.lexfo.fr
安全通告 - 华为某些产品存在拒绝服务漏洞
nginx/1.21.6 ...
2022-5-23 08:0:0 | 阅读: 15 |
收藏
|
blog.lexfo.fr
Obfuscated obfuscation
IntroductionDuring a Red Team, we stumbled upon a device running Android. Next to the battery slot,...
2022-4-11 14:0:0 | 阅读: 13 |
收藏
|
blog.lexfo.fr
rk
i3
i2
td4
carr
AvosLocker Ransomware Linux Version Analysis
IntroductionOver the last few months, several cyber gangs (BlackCat, Hive, Revil, etc.) have built L...
2022-3-3 01:0:0 | 阅读: 18 |
收藏
|
blog.lexfo.fr
ransomware
ecies
encryption
salsa
hl
Previous
-28
-27
-26
-25
-24
-23
-22
-21
Next