Linux_kernel_exploits

Linuxkernelexploits Some Linux kernel exploits for various real world kernel vulnerabilities here. More exploits are yet to come. This repo contains the exploits developed during a research project, as well as the code of FUZE to facilitate exploit generation. What is FUZE FUZE is a framework to...

BinAbsInspector - Vulnerability Scanner For Binaries

BinAbsInspector Binary Abstract Inspector is a static analyzer for automated reverse engineering and scanning vulnerabilities in binaries, which is a long-term research project incubated at Keenlab. It is based on abstract interpretation with the support from Ghidra. It works on Ghidra's Pcode...

Announcing the Microsoft Identity Research Project Grant

We are excited to announce the Microsoft Identity Research Project Grant a new opportunity in partnership with the security community to help protect Microsoft customers. This project grant awards up to $75,000 USD for approved research proposals that improve the security of the Microsoft Identit...

ACT Platform - Open Platform For Collection And Exchange Of Threat Intelligence Information

Semi-Automated Cyber Threat Intelligence ACT is a research project led by mnemonic as with contributions from the University of Oslo, NTNU, Norwegian Security Authority NSM, KraftCERT and Nordic Financial CERT. The main objective of the ACT project is to develop a platform for cyber threat...

How DNA Databases Violate Everyone's Privacy

If you're an American of European descent, there's a 60% chance you can be uniquely identified by public information in DNA databases. This is not information that you have made public; this is information your relatives have made public. Research paper: "Identity inference of genomic data using...

New Research: Crypto-mining Drives Almost 90% of All Remote Code Execution Attacks

It’s early in 2018 and we have already witnessed one of the top contenders in this year’s web application attacks. Continuing the trend from the last months of 2017, crypto-mining malware is quickly becoming attackers’ favorite modus operandi. In December 2017, 88 percent of all remote code...

Limon - Sandbox for Analyzing Linux Malwares

Limon is a sandbox developed as a research project written in python, which automatically collects, analyzes, and reports on the run time indicators of Linux malware. It allows one to inspect the Linux malware before execution, during execution, and after execution post-mortem analysis by...

Peer-to-Peer Botnet Takedowns a Challenge

The FBI, Justice Department and technology companies have had success shutting down botnets that rely on a centralized infrastructure and command and control servers to communicate with bots, steal data or send malicious commands. Peer-to-peer botnets, however, have proven more difficult to take...

[MajorSecurity Advisory #39]onelook onebyone CMS - Session fixation Issue

MajorSecurity Advisory 39onelook onebyone CMS - Session fixation Issue Details ======= Product: onebyone CMS Remote-Exploit: yes Vendor-URL: http://www.onebyone.ch/ Vendor-Status: informed Advisory-Status: published Credits ============ Discovered by: David Vieira-Kurz http://www.majorsecurity.de...

Remote File Inclusion in ViperWeb

PHP remote file inclusion vulnerabilities in ViperWeb Portal allow remote attackers to execute arbitrary PHP code via a URL in the $modpath variable. http://TargetWeb/index.php?modpath=EvilScript Found in: line32. Code: include$modpath; Vulnerability found by Abdus Samad Advanced Research Project...