Last Week in Security (LWiS) - 2022-01-18 CI/CD pipeline war stories (@0xZon1 + others), Serv-U exploit writing (Cal Livitt of @bishopfox),... 2022-1-19 08:9:0 | 阅读: 27 | 收藏 | blog.badsectorlabs.com security fsb loader criminal flutter

Last Week in Security (LWiS) - 2022-01-10 More JDNI to RCE (@jfrog), parallel loader (@peterwintrsmith and @cube0x0), MS signed phishing do... 2022-1-11 12:59:0 | 阅读: 29 | 收藏 | blog.badsectorlabs.com nighthawk staging defender jdni beacon

Last Week in Security (LWiS) - 2022-01-03 New RE training (@ZeroPeril), macOS Gatekeeper bypass (@ethicalhax + @patrickwardle), remote PS (... 2022-1-4 12:25:0 | 阅读: 31 | 收藏 | blog.badsectorlabs.com windows remote log4j memory security

Last Week in Security (LWiS) - 2021-12-20 Explaining the 0click iOS exploit (@i41nbeer and @5aelo), new loader (@zux0x3a), first look at Ni... 2021-12-21 11:25:0 | 阅读: 38 | 收藏 | blog.badsectorlabs.com cobalt memory injection clipboard analysis

Last Week in Security (LWiS) - 2021-12-14 Log4j RCE, sAMAccountName [DA from any user] (@exploitph), XLAM tricks (@_DaWouw), Cobalt Strike... 2021-12-15 15:54:55 | 阅读: 24 | 收藏 | blog.badsectorlabs.com microsoft cobalt log4j debugger network

Last Week in Security (LWiS) - 2021-12-07 Windows LPE 0day (@KLINIX5), Windows 10 URI handler "RCE" (@positive_sec), detect anomalous TLS c... 2021-12-08 13:59:00 | 阅读: 34 | 收藏 | blog.badsectorlabs.com windows bitlocker gate security lpe

Last Week in Security (LWiS) - 2021-11-22 AFL++ on Android (@Gr33nh4t), Qualcomm NPU exploits (@mmolgtm), sysWhipser research (@CaptMeelo),... 2021-11-23 10:45:00 | 阅读: 31 | 收藏 | blog.badsectorlabs.com tpm security nucleus exchange memory

Last Week in Security (LWiS) - 2021-11-16 The future of NTLM relaying (@_EthicalChaos_), Windows updates for hackers (@bitsadmin), Syscall... 2021-11-17 10:45:00 | 阅读: 27 | 收藏 | blog.badsectorlabs.com windows analysis c2

Last Week in Security (LWiS) - 2021-11-08 DLL proxying helper BOFs (@the_bit_diddler), Cobalt Strike traffic decryption (@DidierStevens), C... 2021-11-09 11:58:08 | 阅读: 43 | 收藏 | blog.badsectorlabs.com security cobalt ces cep analysis

Last Week in Security (LWiS) - 2021-11-01 DLL proxying with artifact kit (@joevest), lateral movement 101 (@_RastaMouse), Windows kernel dr... 2021-11-02 11:00:00 | 阅读: 46 | 收藏 | blog.badsectorlabs.com artifact cobalt security bypass windows

Last Week in Security (LWiS) - 2021-10-27 Windows LPE 0day (@KLINIX5), and lots more!Last Week in Security is a summary of the interest... 2021-10-28 10:35:27 | 阅读: 40 | 收藏 | blog.badsectorlabs.com security windows analysis lpe

Last Week in Security (LWiS) - 2021-10-19 macOS ESF playground (@jbradley89), Azure privesc via service principles (@_wald0), Java gadget f... 2021-10-20 04:25:00 | 阅读: 50 | 收藏 | blog.badsectorlabs.com security windows oauth2 cobalt skeleton

Last Week in Security (LWiS) - 2021-10-11 iOS 15 IOMFB exploit (@AmarSaar), new lsass dumper (@thefLinkk), SharpCalendar (@sadpanda_sec), g... 2021-10-12 11:26:00 | 阅读: 30 | 收藏 | blog.badsectorlabs.com windows gcphound weakpass mythic youtube

Last Week in Security (LWiS) - 2021-10-06 OffensiveRust (@trickster012), persistence via preview panes (@matterpreter + @mutantvillian), de... 2021-10-07 13:27:47 | 阅读: 34 | 收藏 | blog.badsectorlabs.com facebook shellcode dcom security bypass

Last Week in Security (LWiS) - 2021-09-28 PPLDump BOF (@the_bit_diddler), code-signed rootkits (@HackingThings), remote windows password re... 2021-09-29 12:59:00 | 阅读: 38 | 收藏 | blog.badsectorlabs.com windows github cooking finspy remote

Last Week in Security (LWiS) - 2021-09-20 OMI agent RCE in Azure (@shirtamari), dynamic mac malware RE (@philofishal), Teams spoofing (@mrd... 2021-09-21 12:59:00 | 阅读: 56 | 收藏 | blog.badsectorlabs.com omi spoofing security roslyn

Last Week in Security (LWiS) - 2021-09-14 Word RCE, Advanced Nim tradecraft (@snovvcrash), TCC bypass (@_r3ggi), encrypted heap allocations... 2021-09-15 09:59:00 | 阅读: 44 | 收藏 | blog.badsectorlabs.com analysis chrome windows c2 microsoft

Last Week in Security (LWiS) - 2021-09-07 Mental models for offsec dev (@Jackson_T), lockscreen bypass (@KLINIX5), DLL hijacking/cloning (@... 2021-09-08 12:59:00 | 阅读: 53 | 收藏 | blog.badsectorlabs.com windows security tunnels notebook beacon

Last Week in Security (LWiS) - 2021-08-23 iOS CSAM fallout (), JS surveillance framework (@imp0rtp3 + @felixaime), 1Password dumper (@djhoh... 2021-08-24 12:59:00 | 阅读: 42 | 收藏 | blog.badsectorlabs.com security windows microsoft csam porchetta

Last Week in Security (LWiS) - 2021-08-16 ProFTPd UAF (@lockedbyte), API hacking (@hakluke and @Farah_Hawaa), file ext tricks (@mrd0x), bui... 2021-08-17 12:59:00 | 阅读: 49 | 收藏 | blog.badsectorlabs.com sysmon security otp windows proftpd