.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
CVE-2023-4427 – Unveiling Chrome Vulnerability Exploitation And Mitigation Strategies
.webp "CVE-2023-4427 – Unveiling Chrome Vulnerability Exploitation And Mitigation Strategies")
In this article, we delve into the intricacies of a recently discovered vulnerability in Google Chrome, identified as CVE-2023-4427. Discovered by glazunov and originating from the v8ctf platform, this vulnerability poses significant risks to users of Chrome version 117.0.5938.62 on Linux systems. We explore the methods utilized to exploit this vulnerability, including bypassing Address Space Layout Randomization (ASLR) and...
CVE-2024-20931 – Bypassing Patched Vulnerabilities In Oracle WebLogic
.webp "CVE-2024-20931 – Bypassing Patched Vulnerabilities In Oracle WebLogic")
A vulnerability that serves as a bypass for the patched CVE-2023-21839 in Oracle WebLogic. This article delves into the exploit's mechanics, showcasing its usage and providing insights into its development and implications within the cybersecurity landscape. CVE-2024-20931, this is the bypass of the patch of CVE-2023-21839 Oracle Weblogic Usage: Setup JNDI, the specific one Exploit: java -jar CVE-2024-20931.jar Please input target IP:127.0.0.1 Please input...
Automated Multi UAC Bypass – Streamlining Elevation Across Windows Versions
.webp "Automated Multi UAC Bypass – Streamlining Elevation Across Windows Versions")
In today's digital landscape, navigating User Account Control (UAC) prompts efficiently across various Windows operating system versions is a critical aspect of system administration and security testing. This article explores an innovative approach to automate UAC bypasses, offering a seamless experience tailored for a spectrum of Windows versions, including Windows 10, Windows 11, Windows Server 2019, and Windows Server...
Clight GUI – Empowering Users With A User-Friendly Interface For Brightness Control On Linux
.webp "Clight GUI – Empowering Users With A User-Friendly Interface For Brightness Control On Linux")
A graphical user interface built on Qt, designed to streamline the configuration and control of Clight and Clightd daemons. With features like tray applets for easy access to settings and seamless integration with the latest versions of Clight and Clightd, this tool offers Linux users a convenient solution for managing brightness settings. Explore how Clight GUI enhances your Linux...
io_uring_LPE-CVE-2023-2598 : Analysis Of The Conquering Memory Exploit
.webp "io_uring_LPE-CVE-2023-2598 : Analysis Of The Conquering Memory Exploit")
We dissect the exploit's mechanisms, shedding light on how it manipulates memory through io_uring. By delving into the technical nuances, we aim to provide a comprehensive understanding of this critical security issue for educational and research purposes. LPE exploit for CVE-2023-2598. My write-up of the vulnerability: Conquering the memory through io_uring - Analysis of CVE-2023-2598 You can compile the exploit with gcc exploit.c -luring...
TPM Sniffing – Unveiling Methods To Retrieve Bitlocker Keys Through Hardware Communication Channels
.webp "TPM Sniffing – Unveiling Methods To Retrieve Bitlocker Keys Through Hardware Communication Channels")
Retrieving Bitlocker keys from the TPM using SPI, I2C or LPC communications requires an understanding of the specific protocol supported by the TPM chip, as well as the device's make and model. Proper documentation and research are essential for successful key retrieval. This repo is to collaborate all the awesome resources and information hopefully into one place! NOTE: I'm 100%...
H4X-Tools : Empowering OSINT Enthusiasts With A Comprehensive Toolkit
.webp "H4X-Tools : Empowering OSINT Enthusiasts With A Comprehensive Toolkit")
Discover the power of H4X-Tools, a versatile toolkit designed for scraping, OSINT (Open-Source Intelligence), and beyond. From extracting information from social media accounts to conducting phone and IP lookups, H4X-Tools offers a wide array of functionalities to aid researchers, developers, and security enthusiasts alike. Explore its features, installation process, and community-driven development in this article. Toolkit for scraping, OSINT...
Hashcat – Unleashing The Power Of The World’s Fastest And Most Advanced Password Recovery Utility
.webp "Hashcat – Unleashing The Power Of The World’s Fastest And Most Advanced Password Recovery Utility")
Hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 300 highly-optimized hashing algorithms. Hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and macOS, and has facilities to help enable distributed password cracking. License Hashcat is licensed under the MIT license. Refer to docs/license.txt for more information. Installation Download the latest release and unpack it in...
Introduction To Cryptography – The Vigenère Cipher : Racking The Code And Exploring Its Challenges
.webp "Introduction To Cryptography – The Vigenère Cipher : Racking The Code And Exploring Its Challenges")
In my first cryptography blogpost I introduced some definitions and concepts, one of them was the concept of substitution ciphers. In short, those ciphers substitute plaintext tokens by some methodology that depends on the cipher's key. I did forget to mention - encryption and decryption methodologies might be slightly different but the key would be used for both encryption and decryption - those...
LLVM-YX-Callobfuscator : Enhancing Windows x64 Native Call Security At Compile Time
%20(1).png "LLVM-YX-Callobfuscator : Enhancing Windows x64 Native Call Security At Compile Time")
A powerful LLVM plugin designed to bolster the security of Windows x64 native calls during the compilation process. This innovative tool transparently applies stack spoofing and indirect syscalls, providing enhanced protection against potential threats. LLVM plugin to transparently apply stack spoofing and indirect syscalls to Windows x64 native calls at compile time. "I've 5 Mins, What Is This?" This project is a...
