█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗ ███████╗███████╗██╗███╗ ██╗███████╗ ██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝ ██╔════╝╚══███╔╝██║████╗ ██║██╔════╝ ███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗ ███╔╝ ██║██╔██╗ ██║█████╗ ██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝ ███╔╝ ██║██║╚██╗██║██╔══╝ ██║ ██║██║ ██║ ███████║███████╗╚██████╗ ███████╗███████╗██║██║ ╚████║███████╗ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ### Week: 01 | Month: January | Year: 2019 | Release Date: 04/01/2019 | Edition: #255 ### ' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐ ' ║║║│ │└─┐ │ ╚═╗├┤ ├┤ ' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘ ' Something that's really worth your time! URL: https://hackerone.com/reports/397478 Description: Privilege Escalation via Keybase Helper on MacOS. URL: https://abiondo.me/2019/01/02/exploiting-math-expm1-v8/ Description: Exploiting the Math.expm1 typing bug in V8. ' ╦ ╦┌─┐┌─┐┬┌─ ' ╠═╣├─┤│ ├┴┐ ' ╩ ╩┴ ┴└─┘┴ ┴ ' Some Kung Fu Techniques. URL: https://github.com/mitchmoser/sputnik Blog: http://bit.ly/2F3R9KB (+) Description: Open Source Intelligence Browser Extension. URL: http://bit.ly/2Vox9aJ (+) Description: I found a GCP service account token...now what? URL: https://github.com/Gbps/gbhv Description: Gbhv - Simple x64 Hypervisor Framework. URL: https://github.com/elfmaster/dsym_obfuscate Description: Obfuscates dynamic symbol table. URL: https://github.com/outflanknl/RedELK/ Description: Red Team's SIEM. URL: https://github.com/ecthros/uncaptcha2 Description: Defeating the latest version of ReCaptcha with 91% accuracy. URL: https://www.iceswordlab.com/2018/07/25/kdhack/ Description: Open Win10RS4ARM64 remote kernel debugging tour. URL: https://github.com/rvrsh3ll/SharpCOM Description: SharpCOM is a c# port of Invoke-DCOM. URL: http://www.pwn3d.org/posts/7821231-gxpn-prep-2basic-scapy-review Description: Basic Scapy Review. URL: https://github.com/BorjaMerino/DNS-Polygraph Description: Tool designed to study the answers of your DNS resolver. URL: https://github.com/radareorg/cutter Description: A Qt and C++ GUI for radare2 reverse engineering framework. URL: https://github.com/payatu/CVE-2018-14442 Description: PoC for Foxit Reader Use-After-Free -> RCE (CVE-2018-14442). ' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬ ' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘ ' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴ ' All about security issues. URL: https://nebelwelt.net/blog/20181231-BOP.html PoC: https://github.com/HexHive/BOPC Description: Automating data-only attacks through Block Oriented Programming (BOP). URL: http://bit.ly/2Vth6bm (+) Description: Yes, More Callbacks — The Kernel Extension Mechanism. URL: https://www.davidwong.fr/tls13/ Description: A Readable Specification of TLS 1.3. URL: https://www.lolhax.org/2019/01/02/extracting-keys-f00d-crumbs-raccoon-exploit/ Description: Extracting keys from F00D Crumbs - Raccoon exploit! URL: https://www.imperialviolet.org/2019/01/01/zkattestation.html Description: Zero-knowledge attestation. URL: http://bit.ly/A-Long-Evening-With-macOSs-Sandbox (+) Description: A long evening with iOS and macOS Sandbox. URL: http://bit.ly/2AvBujp (+) Description: Microsoft Edge - Out-of-Memory Error Issue (MSRC Case 47790). URL: https://akijosberryblog.wordpress.com/2019/01/01/malicious-use-of-microsoft-laps/ Description: Malicious use of Microsoft LAPS. URL: https://www.secjuice.com/php-rce-bypass-filters-sanitization-waf/ Description: How To Exploit PHP Remotely To Bypass Filters & WAF Rules. URL: https://blog.talosintelligence.com/2018/05/telegrab.html Description: TeleGrab - Grizzly Attacks on Secure Messaging. ' ╔═╗┬ ┬┌┐┌ ' ╠╣ │ ││││ ' ╚ └─┘┘└┘ ' Spare time? URL: http://misbehaving.site/ Description: A less well-behaved version of httpbin. URL: https://gamehistory.org/simcity/ Description: Recovering Nintendo’s Lost SimCity for the NES. URL: https://github.com/EnergizedProtection/block Description: Let's make an annoyance free, better open internet, altogether! ' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐ ' ║ ├┬┘├┤ │││ │ └─┐ ' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘ ' Content Helpers (0x) 52656e61746f20526f64726967756573202d204073696d7073306e202d20687474703a2f2f706174686f6e70726f6a6563742e636f6d https://pathonproject.com/zb/?17c34244d4946953#PvsXEnUY5yHZg1lhX7Nv4lUVZY/rrgkCSzfpbi+/pAA=