-
Jan 22, 2018
Microcode is an abstraction layer on top of the physical components of a CPU and is present in most CPUs. It facilitate complex instruction sets, but it also provides an update mechanism that allows CPUs to be patched in-place without… read more »
-
Jan 19, 2018
Package your python application (for Windows and Linux) with just a right-click! Recently I've written a brief post about the packaging of a python script for Linux and Windows on a Linux machine, using PyInstaller and Wine. Today i want… read more »
-
Jan 17, 2018
LaZagne is a tool developed by Alessandro Zanni useful to retrieve passwords stored on a local computer by most commonly-used software. The tool displays passwords for (currently) 22 Windows and 12 Linux programs. Each software stores its passwords using different… read more »
-
Jan 15, 2018
PE-sieve is a small tool for investigating inline hooks and other in-memory code patches, developed by hasherezade. The tool, based on libpeconv (also developed by hasherezade), scans a given process and searching for the modules containing in-memory code modifications. When… read more »
-
Jan 12, 2018
Arsalan Mosenia, Xiaoliang Dai, Prateek Mittal and Niraj Jha, in paper recently published, describe a new user-location mechanism that exploits non-sensory/sensory data stored on the smartphone to estimate the user's location when all location services are turned off. The technique,… read more »
-
Jan 10, 2018
Recently at Black Hat Europe conference, Tal Liberman and Eugene Kogan (enSilo lab) presented a a new code injection technique called "Process Doppelgänging", that works on all Windows versions and seems to be able to bypass most of today's major… read more »
-
Jan 8, 2018
Pavel Boldin published a new PoC exploit of Meltdown vulnerability working on Linux, written in C. "Speculative optimizations execute code in a non-secure manner leaving data traces in microarchitecture such as cache." Can only dump linux_proc_banner at the moment, since… read more »
-
Jan 6, 2018
In-Spectre-Meltdown is a PoC developed by Viral Maniar using Python and Powershell to check speculative execution side-channel attacks that affect many modern processors and operating systems designs that allows unprivileged processes to steal secrets from privileged processes. This tool is based on… read more »