The Art of bypassing endpoint protections for red teaming engagements
BSides Munich 2020 Authors: Eslam Reda Jameel Nabbo Watch the talk on youtube Powershell script used for creating reverse TCP and bypasses AV FUD .NETRead More
Browser exploitation research
Browser exploitation research presented by Jameel Nabbo in SEC-T Stockholm 2019
Type Confusion Vulnerabilities
Today, we are going to explore a new vulnerability called “Type Confusion” and as the name indicates this is a logical bug which results fromRead More
Use-After-Free Vulnerability (UAF) and Demo with Protostar Heap 2
Introduction: Basically, UAF happens when the program tries to access a portion of memory after it has been freed that may force the program toRead More
Format String Vulnerability: What, When and How?
What is Format String ? if you wrote a C code before I guarantee that you’ve seen printf() function which writes a formatted string toRead More
VUPlayer 2.49 BufferOverflow Exploitation + ROP Chain + Mona.py
Writeup for BoF of VUPlayer 2.49.
Practical Exploitation Part [1] (CloudMe Sync 1.11.2 BufferOverFlow + SEH)
Greetings, I wanted to make a series of tutorials about Binary Exploitation but i wanted it to be different from most of the existing contentRead More
ROP exploitation on x32 Linux
Introduction ROP or “Return-oriented programming” is an exploitation technique that allows an attacker to execute code in the presence of security defenses such as executableRead More