Seclog - #94

·

2 min read

📚 SecMisc

  • Tools Index | Hackers of India - A comprehensive index of hacking tools. Read More

  • Unleash the Power of Censys Search - A guide for using Censys search effectively. Read More

  • Lambda Watchdog - A monitoring tool for AWS Lambda functions. Read More

  • Ruby-SAML / GitLab Authentication Bypass (CVE-2024-45409) - Details on a critical authentication bypass vulnerability. Read More

  • An Introduction to Chrome Exploitation - Maglev Edition - Dive into Chrome's V8 engine exploitation. Read More

  • How Cloudflare auto-mitigated world record 3.8 Tbps DDoS attack - Insights into Cloudflare's DDoS mitigation techniques. Read More

  • A step-by-step guide to writing an iOS kernel exploit - Detailed walkthrough of iOS kernel exploitation. Read More

  • How-to: Detecting secrets in video content - Techniques for identifying sensitive information in videos. Read More

  • Reversing 'France Identité': the new French digital ID - Analysis of France's digital identity system. Read More

  • Lava Post-Mortem: March 28, 2024 - Detailed analysis of a security incident. Read More

🐦 SecX

  • Malicious VSCode Extension Alert - Lorenz Lehmann shares his experience of nearly installing a malicious VSCode extension, highlighting the evolving tactics of hackers. Read More

  • "Hackers" TV Episode (1996) - Reminder of the first episode of "Net Cafe" featuring prominent hackers of the time. Read More

🎥 SecVideo

  • My theory on how the webp 0day was discovered (BLASTPASS) - Analysis of a critical WebP vulnerability. Watch Here

  • 257 - Attack of the CUPS and Exploiting Web Views via HSTS - Exploration of CUPS attacks and HSTS exploitation. Watch Here

  • Platform security in NixOS - Discussion on security features in NixOS. Watch Here

💻 SecGit

  • nianticlabs/venator - A flexible detection platform for K8s environments. Explore on GitHub

  • PeterGabaldon/CVE-2024-7479_CVE-2024-7481 - PoC for TeamViewer User to Kernel Elevation of Privilege. Explore on GitHub

  • i-am-shodan/USBArmyKnife - Ultimate close access tool for penetration testers and red teamers. Explore on GitHub

  • Chocapikk/CVE-2024-45519 - Zimbra Remote Command Execution vulnerability. Explore on GitHub

For suggestions and any feedback, please contact: securify@rosecurify.com