█████╗ ██████╗ ██████╗ ███████╗███████╗ ██████╗ ███████╗███████╗██╗███╗ ██╗███████╗ ██╔══██╗██╔══██╗██╔══██╗██╔════╝██╔════╝██╔════╝ ██╔════╝╚══███╔╝██║████╗ ██║██╔════╝ ███████║██████╔╝██████╔╝███████╗█████╗ ██║ █████╗ ███╔╝ ██║██╔██╗ ██║█████╗ ██╔══██║██╔═══╝ ██╔═══╝ ╚════██║██╔══╝ ██║ ██╔══╝ ███╔╝ ██║██║╚██╗██║██╔══╝ ██║ ██║██║ ██║ ███████║███████╗╚██████╗ ███████╗███████╗██║██║ ╚████║███████╗ ╚═╝ ╚═╝╚═╝ ╚═╝ ╚══════╝╚══════╝ ╚═════╝ ╚══════╝╚══════╝╚═╝╚═╝ ╚═══╝╚══════╝ ### Week: 17 | Month: April | Year: 2021 | Release Date: 30/04/2021 | Edition: #376 ### ' ╔╦╗┬ ┬┌─┐┌┬┐ ╔═╗┌─┐┌─┐ ' ║║║│ │└─┐ │ ╚═╗├┤ ├┤ ' ╩ ╩└─┘└─┘ ┴ ╚═╝└─┘└─┘ ' Something that's really worth your time! URL: https://privatedrop.github.io/ Description: PrivateDrop - Breaking and Fixing Apple AirDrop. URL: https://philippeharewood.com/download-facebook-internal-mobile-builds/ Description: Download Facebook internal mobile builds. 😐 ' ╦ ╦┌─┐┌─┐┬┌─ ' ╠═╣├─┤│ ├┴┐ ' ╩ ╩┴ ┴└─┘┴ ┴ ' Some Kung Fu Techniques. URL: https://github.com/mentebinaria/retoolkit Description: Reverse Engineer's Toolkit. URL: https://github.com/trustedsec/COFFLoader Blog: https://bit.ly/3vubIpU (+) Description: COFF loader (AKA Beacon Object Files). URL: https://github.com/GoSecure/zap-autodecode-view Description: Auto-Decode View for WebSocket. URL: https://github.com/hfiref0x/KDU Description: Tool to explore Windows kernel/components. URL: https://github.com/JoelGMSec/Invoke-Stealth Description: Simple & Powerful PowerShell Script Obfuscator. URL: https://github.com/b1ack0wl/linux_mint_poc Description: Linux Mint 18.3-19.1 'yelp' command injection bug. URL: https://github.com/anyaschukin/OverRide Description: Binary Exploitation and Reverse-Engineering (from assembly into C). URL: https://github.com/trustedsec/tscopy Description: Tool to parse the NTFS $MFT file to locate and copy specific files. URL: https://github.com/clu3bot/OWT Description: Offensive Wifi Toolkit (owt) is a bash script for useful Wifi hacking. URL: https://github.com/xinbailu/DripLoader Description: Evasive shellcode loader for bypassing event-based injection detection. URL: https://github.com/KCarretto/paragon Description: Red Team engagement platform with the goal of unifying offensive tools. URL: https://github.com/spectertraww/PwnLnX Description: An advanced multi-threaded, multi-client python reverse shell for linux. ' ╔═╗┌─┐┌─┐┬ ┬┬─┐┬┌┬┐┬ ┬ ' ╚═╗├┤ │ │ │├┬┘│ │ └┬┘ ' ╚═╝└─┘└─┘└─┘┴└─┴ ┴ ┴ ' All about security issues. URL: https://blog.dixitaditya.com/android-task-hijacking/ Description: A deep dive into Task Hijacking in Android. URL: https://starlabs.sg/blog/2021/04/you-talking-to-me/ Description: You Talking To Me? - Exploiting Vulnerabilities in WebDriver. URL: http://windows-internals.com/cet-on-windows/ Description: R.I.P ROP - The complete overview of CET internals on Windows. Blog: https://labs.sentinelone.com/relaying-potatoes-dce-rpc-ntlm-relay-eop/ PoC: https://github.com/antonioCoco/RemotePotato0 Description: Another Unexpected PE Vulnerability in Windows RPC Protocol. URL: https://01001000.xyz/2021-04-21-Hiding-a-Trojan-in-an-AVR-Arduino-Bootloader/ Description: Hiding a Trojan in an AVR Arduino Bootloader. URL: https://quentinkaiser.be/security/2021/04/25/orange/ Description: A Clockwork Orange - Remotely Compromising Orange Belgium Cable Modems. URL: https://www.yuque.com/posec/public/qvzr6g PoC: https://github.com/Pai-Po/CVE-2021-1732 Description: Understanding of CVE-2021-1732 - Windows Win32k Elevation of Privilege. URL: https://bit.ly/3tauyAU (+) Description: Breaking ABUS Secvest internet-connected alarm systems (CVE-2020-28973). URL: https://bit.ly/3nz1wtx (+) Description: RCE in Apache OFBiz XMLRPC via Insecure Deserialization (CVE-2020-9496). URL: https://link.medium.com/a2T3FpCjLfb Description: Microsoft Exchange From Deserialization to Post-Auth RCE (CVE-2021-28482). URL: https://bit.ly/2PFmCtG (+) Description: Adobe Acrobat Reader Allow Malicious Program to Gain Root on macOS Silently. URL: https://link.medium.com/7vwuYUMxMfb Description: Symantec Endpoint Protection Meets COM - Using 'Symantec.SSHelper' As A LOLBIN. ' ╔═╗┬ ┬┌┐┌ ' ╠╣ │ ││││ ' ╚ └─┘┘└┘ ' Spare time? URL: https://www.lightpollutionmap.info/ Description: Light pollution map. URL: https://www.gitops.tech/ Description: GitOps - A way of implementing CD for cloud native applications. URL: https://github.com/kripthor/io433 Description: IO433 is an open-source ESP32 (TTGO T-Display) & CC1101 based 433Mhz sniffer. ' ╔═╗┬─┐┌─┐┌┬┐┬┌┬┐┌─┐ ' ║ ├┬┘├┤ │││ │ └─┐ ' ╚═╝┴└─└─┘─┴┘┴ ┴ └─┘ ' Content Helpers (0x) 52656e61746f20526f64726967756573202d204073696d7073306e202d2068747470733a2f2f706174686f6e70726f6a6563742e636f6d https://pathonproject.com/zb/?c71ab1fb9fffac37#fZi812uW/lbK+VX4ezU9/gyjXq+hHPrzpRkbwuvg1bQ=