JadedWraith - Light-weight UNIX Backdoor

Lightweight UNIX backdoor for ethical hacking. Useful for red team engagements and CTFs. Something I wrote a few years ago as part of a game I was playing with a friend to try to backdoor as many VMs in each other's labs without being caught or having our tools reverse engineered/signatured...

Detection evasion in CLR and tips on how to detect such attacks

In terms of costs, the age-old battle that pits attacker versus defender has become very one sided in recent years. Almost all modern attacks and ethical offensive exercises use Mimikatz, SharpHound, SeatBelt, Rubeus, GhostPack and other toolsets available to the community. This so-called...

PS2EXE - Module To Compile Powershell Scripts To Executables

Overworking of the great script of Ingo Karstein with GUI support. The GUI output and input is activated with one switch, real windows executables are generated. With Powershell 5.x support and graphical front end. Module version. You find the script based version here...

Libxsmm 代码问题漏洞

Libxsmm is a library. for specialized dense and sparse matrix operations as well as deep learning primitives e.g., small convolutions. A security vulnerability exists in libxsmm that stems from the presence of a null pointer dereference in JIT code. It allows an attacker to cause a denial of...

OPENSUSE-SU-2021:1244-1 Security update for ntfs-3g_ntfsprogs

This update for ntfs-3gntfsprogs fixes the following issues: Update to version 2021.8.22 bsc1189720: Fixed compile error when building with libfuse vs Allowed using the full library API on systems without extended attributes support Fixed DISABLEPLUGINS as the condition for not using plugins...

SUSE-SU-2021:2971-1 Security update for ntfs-3g_ntfsprogs

This update for ntfs-3gntfsprogs fixes the following issues: Update to version 2021.8.22 bsc1189720: Fixed compile error when building with libfuse vs Allowed using the full library API on systems without extended attributes support Fixed DISABLEPLUGINS as the condition for not using plugins...

Compilation database: An alternative way to configure your C or C++ analysis

Analyzing C or C++ code requires - in addition to the source code - the configuration that is used to build the code. At SonarSource, we have provided a tool to automate the extraction of this information, the build wrapper. This tool has been used successfully with many projects, yet there are...

OPENSUSE-SU-2021:1178-1 Security update for tor

This update for tor fixes the following issues: tor 0.4.6.7: Fix a DoS via a remotely triggerable assertion failure boo1189489, TROVE-2021-007, CVE-2021-38385 tor 0.4.6.6: Fix a compilation error with gcc 7, drop tor-0.4.6.5-gcc7.patch Enable the deterministic RNG for unit tests that covers the...

OPENSUSE-SU-2021:1169-1 Security update for tor

This update for tor fixes the following issues: tor 0.4.6.7: Fix a DoS via a remotely triggerable assertion failure boo1189489, TROVE-2021-007, CVE-2021-38385 tor 0.4.6.6: Fix a compilation error with gcc 7, drop tor-0.4.6.5-gcc7.patch Enable the deterministic RNG for unit tests that covers the...

Security update for tor (important)

openSUSE Security Update: Security update for tor Announcement ID: openSUSE-SU-2021:1169-1 Rating: important References: 1189489 Cross-References: CVE-2021-38385 Affected Products: openSUSE Leap 15.2 An update that fixes one vulnerability is now available. Description: This update for tor fixes t...

Mozilla: Incorrect instruction reordering during JIT optimization

Instruction reordering resulted in a sequence of instructions that would cause an object to be incorrectly considered during garbage collection. This led to memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird 78.13, Thunderbird 91, Firefox ESR 78.13, and...

OPENSUSE-SU-2021:1125-1 Security update for aria2

This update for aria2 fixes the following issues: Update to version 1.35.0: Drop SSLv3.0 and TLSv1.0 and add TLSv1.3 TLSv1.3 support is added for GNUTLS and OpenSSL. Platform: Fix compilation without deprecated OpenSSL APIs Remove linux getrandom and use C++ stdlib instead Don't send Accept...

Security update for aria2 (moderate)

openSUSE Security Update: Security update for aria2 Announcement ID: openSUSE-SU-2021:1125-1 Rating: moderate References: 1189107 Cross-References: CVE-2019-3500 CVSS scores: CVE-2019-3500 NVD : 7.8 CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H Affected Products: openSUSE Leap 15.2 openSUSE...

Edge’s Super Duper Secure Mode benchmarked: How much speed would you trade for security?

In an attempt to make Edge more secure, the Microsoft Vulnerability Research team has started to experiment with disabling Just-In-Time JIT compilation in the browsers V8 JavaScript engine, to create what its calling Super Duper Secure Mode. The reasoning behind this experiment sounds valid. A...

DcRat - A Simple Remote Tool Written In C#

DcRat is a simple remote tool written in C Introduction Features TCP connection with certificate verification, stable and security Server IP port can be archived through link Multi-Server,multi-port support Plugin system through Dll, which has strong expansibility Super tiny client size about 405...

Forblaze - A Python Mac Steganography Payload Generator

Forblaze is a project designed to provide steganography capabilities to Mac OS payloads. Using python3, it will build an Obj-C file for you which will be compiled to pull desired encrypted URLs out of the stego file, fetch payloads over https, and execute them directly into memory. It utilizes...

cmake bug fix and enhancement update

CMake is an open source, cross-platform build system that is used to control the software compilation process using simple platform- and compiler-independent configuration files. CMake generates native makefiles and workspaces that can be used in the compiler environment of your choice. Bug Fixes...

SUSE: Security Advisory (SUSE-SU-2019:13991-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2870-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2020:2800-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...