Last Week in Security (LWiS) - 2021-08-09 Cobalt Strike Updates (@joevest, @adamsvoboda), ProxyShell [another exchange RCE] (@orange_8361).... 2021-08-10 12:59:00 | 阅读: 38 | 收藏 | blog.badsectorlabs.com windows cobalt exchange bypass c2

Last Week in Security (LWiS) - 2021-08-02 "Always Notify" UAC bypass (@hFireF0X + @axagarampur), NTLM relaying to AD CS (@_dirkjan), 2x AD... 2021-08-03 12:59:00 | 阅读: 61 | 收藏 | blog.badsectorlabs.com relaying bypass lpe petitpotam

Last Week in Security (LWiS) - 2021-07-26 User readable SAM hives (@jonasLyk and @cube0x0), PetitPotam takes off (@topotam77), Smart AD bru... 2021-07-27 12:59:00 | 阅读: 47 | 收藏 | blog.badsectorlabs.com windows shellcode security petitpotam inject

Last Week in Security (LWiS) - 2021-07-19 iOS exploit campaign (@amnesty + others), PrintNightmare refuses to die (@gentilkiwi), readable S... 2021-07-20 12:59:00 | 阅读: 39 | 收藏 | blog.badsectorlabs.com windows remote security memory aruba

Last Week in Security (LWiS) - 2021-07-12 Arbitrary exe's as BOFs (@phraaaaaaa), .NET exe's via BOF (@anthemtotheego), enterprise grade RCE... 2021-07-13 12:59:00 | 阅读: 48 | 收藏 | blog.badsectorlabs.com microsoft windows asprotect bofs cobalt

Last Week in Security (LWiS) - 2021-07-06 PrintNightmare saga (@cube0x0, @gentilkiwi, + others), Gatekeeper bypass (@theevilbit), DLL sidel... 2021-07-07 11:45:00 | 阅读: 61 | 收藏 | blog.badsectorlabs.com windows sideloading lpe vcenter malicious

Last Week in Security (LWiS) - 2021-06-28 Ghidra 10, Windows 11, Salesforce audit tool (@exploresecurity), XSS parser defeat (@bishopfox),... 2021-06-29 11:45:00 | 阅读: 63 | 收藏 | blog.badsectorlabs.com windows microsoft security virtualbox bypass

Last Week in Security (LWiS) - 2021-06-21 AD pwnage (@harmj0y, @tifkin_, and @elad_shamir), ImageLoad bypass (@_batsec_), bofnet_executeass... 2021-06-22 10:10:00 | 阅读: 67 | 收藏 | blog.badsectorlabs.com windows phishing payload bypass

Last Week in Security (LWiS) - 2021-06-14 Decrypting Veeam passwords (@checkymander), bypass Windows kASLR (@33y0re), Code > Commands (@The... 2021-06-15 11:45:00 | 阅读: 79 | 收藏 | blog.badsectorlabs.com windows bypass memory machine veeam

Last Week in Security (LWiS) - 2021-06-08 Bypassing NAC (@theluemmel), Outlook COM tool (@eks_perience), Transacted Hollowing (@hasherezade... 2021-06-09 12:45:00 | 阅读: 44 | 收藏 | blog.badsectorlabs.com hollowing security cobalt nac

Last Week in Security (LWiS) - 2021-05-31 ESXi heap overflow RCE (@straight_blast), abusing .NET dev features (@bohops), new book (@1njecti... 2021-06-02 11:40:00 | 阅读: 71 | 收藏 | blog.badsectorlabs.com bypass vcenter microsoft overflow shortcut

Last Week in Security (LWiS) - 2021-05-24 CloudFlare IP filtering (@vysecurity), DNSStager (@mohammadaskar2), Cobalt Strike OPSEC (@jmoosdi... 2021-05-25 12:59:00 | 阅读: 53 | 收藏 | blog.badsectorlabs.com attacker security memory microsoft cpython

Last Week in Security (LWiS) - 2021-05-17 Exim RCE (@lockedbyte), Windows kernel exploit writeup (@33y0re), plaintext RDP creds from memory... 2021-05-19 08:45:00 | 阅读: 43 | 收藏 | blog.badsectorlabs.com microsoft bloodhound memory defender exim

Last Week in Security (LWiS) - 2021-05-10 Full DarkHotel exploit ⛓️ (@_ForrestOrr), DomainBorrowing (@md5_salt), WinPmem to dump LSASS (@Th... 2021-05-12 06:30:00 | 阅读: 52 | 收藏 | blog.badsectorlabs.com phishing windows memory exim mauritius

Last Week in Security (LWiS) - 2021-05-03 Policy change (@github), Marauder's map (@Jean_Maes_1994), Null byte injection in GoAhead (@luker... 2021-05-04 12:59:00 | 阅读: 61 | 收藏 | blog.badsectorlabs.com loader github burp injection windows

Last Week in Security (LWiS) - 2021-04-26 New APIs/syscalls for EDR bypass (@yarden_shafir), UAF browser exploit dev (@33y0re), PowerView r... 2021-04-28 08:25:00 | 阅读: 62 | 收藏 | blog.badsectorlabs.com windows bypass security patent hardware

Last Week in Security (LWiS) - 2021-04-19 0 to RCE against a CMS (@ultrayoba), tcpip.sys patch diffing for N-days (@0vercl0k), detecting st... 2021-04-20 12:59:00 | 阅读: 57 | 收藏 | blog.badsectorlabs.com windows jxa exchange security remote

Last Week in Security (LWiS) - 2021-04-12 0-click Linux BT RCE (@theflow0), deanonymizing LinkedIn users (@h3xstream), PPL demystified (@it... 2021-04-13 12:59:00 | 阅读: 46 | 收藏 | blog.badsectorlabs.com windows remote security redirectors chrome

Last Week in Security (LWiS) - 2021-04-05 PATH shim (@djhohnstein), C2 profile randomizer (@joevest), website to wordlist tool (@Matt_Grand... 2021-04-06 12:59:00 | 阅读: 35 | 收藏 | blog.badsectorlabs.com security wireguard ubiquiti shim c2

Last Week in Security (LWiS) - 2021-03-29 Real APT discovery (@IgorBog61650384), a new heap exploitation technique (@Dooflin5), SAML inject... 2021-03-30 12:32:00 | 阅读: 54 | 收藏 | blog.badsectorlabs.com memory windows php microsoft fronting