Breaking the Browser: a tale of IPC, credentials and backdoors... new research and tools by @_batsec_ on how to tap Chrome mdsec.co.uk/2021/01/breaking…
Just pushed a few more examples to the OffensiveNim repo: shellcode exec via inline assembly, direct syscalls and encryption/decryption using AES256.
github.com/byt3bl33d3r/Offen…
There's a lot going around about analyzing Azure AD environments for compromise and risky/rogue permissions lately. Most focus on logs, but if there are no (more) logs or you just want to review AAD as a blue teamer, here is how ROADrecon (github.com/dirkjanm/ROADtool…) can help:
Wow, this was easier than I expected (esp. considering how much I procrastinated)!
A small #Ghidra script to mark functions based on how much cyclomatic complexity they lead to:
github.com/v-p-b/rabbithole
MemProcFS v3.7 - a new Python plugin system and some registry parsing; otherwise mostly fixes to existing functionality (services, mft, time-info) this time. github.com/ufrisk/MemProcFS