Explore >> Select a destination
|
You are here 
|
www.wietzebeukema.nl | ||
| | | | |
gebir.ge
|
|
| | | | | [AI summary] The provided text describes a detailed process of exploiting a Windows system through a REST API endpoint, leveraging DLL hijacking and dynamic code execution. The user outlines the steps taken to gain access, including crafting malicious DLLs, using reflection to load assemblies, and executing commands via PowerShell. The text concludes with a reflection on the learning experience and resources used. | |
| | | | |
itm4n.github.io
|
|
| | | | | Whenever a "new" DLL hijacking / planting trick is posted on Twitter, it generates a lot of comments. "It's not a vulnerability!" or "There is a lot of hijackable DLLs on Windows..." are the most common reactions. Though, people often don't really speak about the same thing, hence the overall confusion which leads us nowhere. I don't pretend to know the ultimate truth but I felt the need to write this post in order to hopefully clarify some points. | |
| | | | |
www.syspanda.com
|
|
| | | | | I wanted to write about the importance of checking for new services as this is an avenue in which attackers leverage their persistence methods. While looking at newly created services... [Continue Reading] | |
| | | | |
www.cybereason.com
|
|
| | | A critical, unauthenticated remote code execution vulnerability, tracked as CVE-2025-32433, have been discovered in Erlang/OTP's SSH implementation. | ||
