Exploit Development

470 readers
1 users here now

A curated community dedicated to strictly technical materials about vulnerability research, exploit development and reverse engineering.

founded 2 years ago
MODERATORS
udunadan
listing: all - local
51
1
Two Stories for "What is CHERI?" (tratt.net)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
 
 

CHERI extends conventional hardware Instruction-Set Architectures (ISAs) with new architectural features to enable fine-grained memory protection and highly scalable software compartmentalization. The CHERI memory-protection features allow historically memory-unsafe programming languages such as C and C++ to be adapted to provide strong, compatible, and efficient protection against many currently widely exploited vulnerabilities.

52
3
Windows Installer arbitrary content manipulation Elevation of Privilege (CVE-2020-0911) (offsec.almond.consulting)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
53
9
StackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability (www.openwall.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
 
 

https://github.com/lrh2000/StackRot

54
7
Manjaro 0day LPE via pamac (github.com)
submitted 2 years ago* (last edited 2 years ago) by himazawa to c/exploitdev
0 comments fedilink
55
3
GitHub - kungfulon/nf-tables-lpe (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
 
 

Exploits of Team Orca from Sea Security and Qrious Secure for multiple vulnerabilities in Netfilter's nf_table module.

56
1
Intel VT-rp - Part 1. remapping attack and HLAT (tandasat.github.io)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
57
5
Android SELinux Internals Part I | 8kSec Blogs (8ksec.io)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
58
7
GitHub - airbus-cyber/ghidralligator (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
 
 

Ghidralligator is a C++ multi-architecture pcode emulator based on the Ghidra libsla, designed for fuzzing with AFL++.

It allows performing emulation-based fuzzing while keeping interesting performances when dealing with binaries running on exotic architectures.

Its extensible nature makes it easy to emulate literally every architecture (as long as you can write the corresponding Sleigh specification file) to fuzz arbitrary piece of code.

59
6
Finding bugs in C code with Multi-Level IR and VAST (blog.trailofbits.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
60
1
Finding Gadgets for CPU Side-Channels with Static Analysis Tools (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
61
1
Uncontained: Uncovering Container Confusion in the Linux Kernel (www.vusec.net)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
62
1
TurtleARM/CVE-2023-3338: Linux kernel LPE practice with an NPD vulnerability (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
63
3
The patch for the new WebKit 0-day used in Operation Triangulation (CVE-2023-32439) (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
64
1
EATGuard: Implementation of an export address table protection mitigation, like Export Address Filtering (EAF) (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
65
3
osx-re-101: A collection of resources for OSX/iOS reverse engineering. (github.com)
submitted 2 years ago by udunadan to c/exploitdev
1 comments fedilink
66
7
Safely detect whether a FortiGate SSL VPN instance is vulnerable to CVE-2023-27997 based on response timing (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
67
2
TurboRand: V8 Type Confusion Private Property Leak - SSD Secure Disclosure (ssd-disclosure.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
68
3
CVE-2023-21931 & CVE-2023-21839 RCE via post-deserialization (www.vicarius.io)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
69
1
Hexagon decompiler for Ghidra (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
70
2
CVE-2023-2008 - Analyzing and exploiting a bug in the udmabuf driver (labs.bluefrostsecurity.de)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
71
2
chonked pt.2: exploiting cve-2023-33476 for remote code execution (blog.coffinsec.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
72
1
"Breaking the Code - Exploiting and Examining CVE-2023-1829 in cls_tcindex Classifier Vulnerability (starlabs.sg)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
73
2
The boom, the bust and the adjust: The offensive cybersecurity industry — trends and updates (medium.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
74
4
Advanced binary fuzzing using AFL++-QEMU and libprotobuf: a practical case of grammar-aware in-memory persistent fuzzing (airbus-seclab.github.io)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
75
4
CVE-2023-20178 / Arbitrary File Delete vulnerability in Cisco Secure Client and Cisco AnyConnect (github.com)
submitted 2 years ago by udunadan to c/exploitdev
0 comments fedilink
view more: ‹ prev next ›