• Stars
    star
    490
  • Rank 89,811 (Top 2 %)
  • Language
  • License
    MIT License
  • Created about 2 years ago
  • Updated about 2 years ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

BLACKHAT USA2022 PDF Public

BLACKHAT_USA2022

Just About BLACKHAT USA2022 PDF Public

Download in release or this mirror

File List, Search what your intersting.

├── BLACKHAT_USA2022
│   ├── Taking Kerberos To The Next Level.pdf
│   ├── US-22-ABDELLATIF-Unlimited-Results-Breaking-Firmware-Encryption.pdf
│   ├── US-22-Alkemade-Process-Injection-Breaking-All-macOS-Security-Layers-With-a-Single-Vulnerability.pdf
│   ├── US-22-Avrahami-Kubernetes-Privilege-Escalation-Container-Escape-Cluster-Admin.pdf
│   ├── US-22-Ayrey-Bug-Hunters-Dump-User-Data.pdf
│   ├── US-22-Baines-Do-Not-Trust-The-ASA-Trojans.pdf
│   ├── US-22-Benyo-Leveraging-the-Apple-ESF.pdf
│   ├── US-22-Bialek-CastGuard.pdf
│   ├── US-22-Bitan-Revealing-S7-PLCs.pdf
│   ├── US-22-Borrello-Architecturally-Leaking-Data.pdf
│   ├── US-22-Borrello-Custom-Processing-Unit.pdf
│   ├── US-22-Canella-Go-With-the-Flow-Enforcing-Program-Behavior-Through-Syscall-Sequences-and-Origins-wp.pdf
│   ├── US-22-Canella-Go-With-the-Flow-Enforcing-Program-Behavior-Through-Syscall-Sequences-and-Origins.pdf
│   ├── US-22-Case-New-Memory-Forensics-Techniques-to-Defeat-Device-Monitoring-Malware-wp.pdf
│   ├── US-22-Case-New-Memory-Forensics-Techniques-to-Defeat-Device-Monitoring-Malware.pdf
│   ├── US-22-Cherepanov-Industroyer2-Sandworms-Cyberwarfare-Targets-Ukraines-Power-Grid-Again.pdf
│   ├── US-22-Csikor-RollBack-A-New-Time-Agnostic-Replay-Attack.pdf
│   ├── US-22-Dewsnip-No-Mr-Cyber-Threat.pdf
│   ├── US-22-Ding-To-Flexibly-Tame-Kernel.pdf
│   ├── US-22-Doyhenard-Internal-Server-Error-wp.pdf
│   ├── US-22-Doyhenard-Internal-Server-Error.pdf
│   ├── US-22-Dwyer-Open-Threat-Hunting-Framework.pdf
│   ├── US-22-Edmondson-Chasing-Your-Tail.pdf
│   ├── US-22-Forshaw-Taking-Kerberos-To-The-Next-Level.pdf
│   ├── US-22-Fournier-Return-To-Sender.pdf
│   ├── US-22-Fratric-XMPP-Stanza-Smuggling.pdf
│   ├── US-22-Frigo-A-Dirty-Little-History.pdf
│   ├── US-22-Gazdag-RCE-as-a-Service.pdf
│   ├── US-22-Gofman-IAM-The-One-Who-Knocks.pdf
│   ├── US-22-Gordon-UWB-Real-Time-Locating-Systems-wp.pdf
│   ├── US-22-Gordon-UWB-Real-Time-Locating-Systems.pdf
│   ├── US-22-Gorenc-Calculating-Risk-In-The-Era-Of-Obscurity.pdf
│   ├── US-22-Graeber-Living-Off-the-Walled-Garden.pdf
│   ├── US-22-Guo-Trace-me-if-you-can.pdf
│   ├── US-22-Hai-Is-WebAssembly-Really-Safe-wp.pdf
│   ├── US-22-Hai-Is-WebAssembly-Really-Safe.pdf
│   ├── US-22-Hawkins-Controlling-the-Source-wp.pdf
│   ├── US-22-Hawkins-Controlling-the-Source.pdf
│   ├── US-22-Heftrig-DNSSEC-Downgrade-Attacks.pdf
│   ├── US-22-Hegel-Charged-By-An-Elephant.pdf
│   ├── US-22-Hong-DirectX-The-New-Hyper-V-Attack-Surface.pdf
│   ├── US-22-Huang-The-Battle-Against-the-Billion-Scale-Internet-Underground-Industry.pdf
│   ├── US-22-Iooss-Ghost-in-the-Wireless-iwlwifi-Edition-wp.pdf
│   ├── US-22-Iooss-Ghost-in-the-Wireless-iwlwifi-Edition.pdf
│   ├── US-22-Jeitner-Stalloris-RPKI-Downgrade-Attack.pdf
│   ├── US-22-Jin-Android-Universal-Root.pdf
│   ├── US-22-Jin-Monitoring-Surveillance-Vendors.pdf
│   ├── US-22-Johnson-eBPF-ELFs-JMPing-Through-the-Windows.pdf
│   ├── US-22-Karimi-Google-Reimagined-A-Phone.pdf
│   ├── US-22-Leitschuh-Scaling-the-Security-Researcher.pdf
│   ├── US-22-Lin-Cautious-A-New-Exploitation-Method.pdf
│   ├── US-22-Liu-Human-Or-Not.pdf
│   ├── US-22-Ma-A-New-Trend-for-the-Blue-Team-Using-a-Practical-Symbolic-Engine.pdf
│   ├── US-22-Marcovich-PISE-Automatic-Protocol-Reverse-Engineering-wp.pdf
│   ├── US-22-Marcovich-PISE-Automatic-Protocol-Reverse-Engineering.pdf
│   ├── US-22-Mollema-Backdooring-and-hijacking-Azure-AD-accounts.pdf
│   ├── US-22-Nemiroff-Fault-Injection-Detection-Circuits.pdf
│   ├── US-22-Olofsson-Smishsmash.pdf
│   ├── US-22-Pearce-In-Need-Of-Pair-Review-wp.pdf
│   ├── US-22-Pearce-In-Need-Of-Pair-Review.pdf
│   ├── US-22-Quincoses-The-Growth-of-Global-Election-Disinformtion.pdf
│   ├── US-22-Roettger-Breaking-the-Chrome-Sandbox-with-Mojo.pdf
│   ├── US-22-Rubin-AAD-Joined-Machines-New-Lateral-Movement.pdf
│   ├── US-22-Scott-Long-Dragon-Tails.pdf
│   ├── US-22-Seeley-IAM-who-I-say-IAM.pdf
│   ├── US-22-Shaik-Attacks-From-a-New-Front-Door-in-4G-5G-Mobile-Networks.pdf
│   ├── US-22-Shakevsky-Trust-Dies-in-Darkness.pdf
│   ├── US-22-Shan-Invisible-Finger-wp.pdf
│   ├── US-22-Shan-Invisible-Finger.pdf
│   ├── US-22-Shostack-A-Fully-Trained-Jedi-Semifinal.pdf
│   ├── US-22-Snezhkov-ELF-Section-Docking-Revisiting-Stageless-Payload-Delivery.pdf
│   ├── US-22-Tenaglia-Better-Privacy-Through-Offense-How-To-Build-a-Privacy-Red-Team.pdf
│   ├── US-22-Teodorescu-Blasting-Event-Driven-Cornucopia.pdf
│   ├── US-22-Thayer-Everything-To-Everyone-Burnout.pdf
│   ├── US-22-Thomas-Demystifying-Key-Stretching-and-PAKEs.pdf
│   ├── US-22-Tobener-Harm-Reduction-A-Framework.pdf
│   ├── US-22-Tsai-Lets-Dance-in-the-Cache-Destabilizing-Hash-Table-on-Microsoft-IIS.pdf
│   ├── US-22-Ventuzelo-A-Journey-Into-Fuzzing-WebAssembly-Virtual-Machines.pdf
│   ├── US-22-Wang-Dive-into-Apple-IO80211Family-Vol-II.pdf
│   ├── US-22-Wouters-Glitched-On-Earth.pdf
│   ├── US-22-Wu-Devils-Are-in-the-File.pdf
│   ├── US-22-Yan-BrokenMesh-New-Attack-Surfaces-of-Bluetooth-Mesh.pdf
│   ├── US-22-shen-all-your-gnn-and-data-belong-to-us.pdf
│   ├── us-22-Jin-The-Journey-Of-Hunting-ITW-Windows-LPE-0day-wp.pdf
│   ├── us-22-Jin-The-Journey-Of-Hunting-ITW-Windows-LPE-0day.pdf
│   ├── us-22-Kettle-Browser-Powered-Desync-Attacks-wp.pdf
│   └── us-22-Kettle-Browser-Powered-Desync-Attacks.pdf
└── BLACKHAT_USA2022.zip

1 directory, 88 files

More Repositories

1

Penetration_Testing_POC

渗透测试有关的POC、EXP、脚本、提权、小工具等---About penetration-testing python-script poc getshell csrf xss cms php-getshell domainmod-xss csrf-webshell cobub-razor cve rce sql sql-poc poc-exp bypass oa-getshell cve-cms
HTML
6,456
star
2

BurpSuite-collections

有关burpsuite的插件(非商店),文章以及使用技巧的收集(此项目不再提供burpsuite破解文件,如需要请在博客mrxn.net下载)---Collection of burpsuite plugins (non-stores), articles and tips for using Burpsuite, no crack version file
HTML
3,232
star
3

RedTeam_BlueTeam_HW

红蓝对抗以及护网相关工具和资料,内存shellcode(cs+msf)和内存马查杀工具
Java
2,196
star
4

hackbar2.1.3

the free firefox extions of hackbar v2.1.3 v2.2.9 v2.3.1,hackbar 插件未收费的免费版本。适用于chrome浏览器的HackBar-v2.2.6.zip,HackBar-v2.3.1.zip
669
star
5

BLACKHAT_Asia2023

Black Hat Asia 2023 PDF Public
569
star
6

sunlogin_rce

向日葵 RCE
Go
476
star
7

subdomain_shell

一键调用subfinder+ksubdomain+httpx 强强联合 从域名发现-->域名验证-->获取域名标题、状态码以及响应大小 最后保存结果,简化重复操作命令
Shell
330
star
8

JNDIExploit-1

一款用于 JNDI注入 利用的工具,大量参考/引用了 Rogue JNDI 项目的代码,支持直接植入内存shell,并集成了常见的bypass 高版本JDK的方式,适用于与自动化工具配合使用。(from https://github.com/feihong-cs/JNDIExploit)
Java
266
star
9

kms-server-deploy

一键搭建kms激活服务端&&Windows客户端一键激活脚本
Batchfile
233
star
10

cve-2022-23131

cve-2022-23131 zabbix-saml-bypass-exp
Python
151
star
11

spring-core-rce

CVE-2022-22965 : about spring core rce
Python
51
star
12

HCMendetool

HCM宏景加解密工具
Java
45
star
13

CVE-2022-24112

CVE-2022-24112:Apache APISIX apisix/batch-requests RCE
44
star
14

CVE-2021-42342

CVE-2021-42342 RCE
42
star
15

CVE-2022-40127

Apache Airflow < 2.4.0 DAG example_bash_operator RCE POC
40
star
16

burpsuite_pro_for_mac

A script to easily activate the macOS version of Burp Suite Professional [Free]
Shell
38
star
17

thinkphp_lang_RCE

about thinkphp lang RCE QVD-2022-46174 v6.0.1 <= Thinkphp <= v6.0.13 Thinkphp v5.0.x Thinkphp v5.1.x
38
star
18

ShellcodeLoader

该项目为Shellocde加载器,详细介绍了我们如何绕过防病毒软件,以及该工具如何使用
C
37
star
19

CVE-2022-24086

CVE-2022-24086 about Magento RCE
36
star
20

CrossC2

来自 gloxec 的 CrossC2 frameworkfork 备份 2.0版本
C
33
star
21

CVE-2023-28432

CVE-2023-28434 nuclei templates
32
star
22

CVE-2024-36401

Remote Code Execution (RCE) Vulnerability In Evaluating Property Name Expressions with multies ways to exploit
31
star
23

CVE-2022-21371

Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion
27
star
24

CVE-2021-43798

CVE-2021-43798:Grafana 任意文件读取漏洞
25
star
25

CVE-2024-32113

Apache OFBIZ Path traversal leading to RCE POC[CVE-2024-32113 & CVE-2024-36104]
24
star
26

Joker

一款基于Http.sys的利用工具 ZhuriLab/Joker 备份
C++
23
star
27

CVE-2022-25064

Python
21
star
28

k3_packages_backup

k3的固件和插件备份仓库,Mac下解决音乐解锁插件证书到期,升级ssr-plus和v2ray版本,以及xray
Standard ML
15
star
29

CVE-2023-23333

SolarView Compact through 6.00 downloader.php commands injection (RCE) nuclei-templates
13
star
30

infohunter

pentester payload ,info hunte
PHP
12
star
31

check_proxy

Multi-threaded socks proxy checker written in Go!
Go
7
star
32

Onekey-Open-BT-panel-ssl-with-domain

宝塔(bt.cn)面板开启域名登录并且使用域名证书,解决浏览器信任证书问题,强迫症福音@_@
Shell
7
star
33

Kill_zsxq_Watermark

清除知识星球水印(包括文章、首页、topic等部分)
JavaScript
7
star
34

CVE-2024-36991

Path Traversal On The "/Modules/Messaging/" Endpoint In Splunk Enterprise On Windows
7
star
35

CNVD_Modify

适用于CNVD的篡改猴(Tampermonkey、Greasemonkey)脚本
JavaScript
6
star
36

CVE-2021-26855-d

Python
6
star
37

CVE-2022-3328

CVE-2022-3328 with CVE-2022-41974 and CVE-2022-41973
4
star
38

Mr-xn

my profile
4
star
39

Kali-install-docker

Docker-ce Install script for Kali
Shell
4
star
40

zhihuishu

2018新版智慧树视频自动播放刷课chrome插件
JavaScript
4
star
41

modify_freebuf_pic

支持t00ls.com文章图片放大&去除 freebuf.com 的文章部分的图片末尾追加的 !small ,让图片直接显示最佳尺寸而不是缩小版的,不需要点击放大查看,方便查看文章。
JavaScript
4
star
42

hysteria_mac.sh

hysteria shell script for Mac
Shell
3
star
43

CVE-2023-43482

TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability
3
star
44

sqli-scripts

Scripts that make SQL injection faster, more convenient, and easier
Python
3
star
45

TG

About TG
2
star
46

server-bash-script

some useful server bash script
Python
2
star
47

scrapy_douban_top250movie

Use Python Scrapy crawl douban.com/top250
Python
1
star
48

seniverse_location

seniverse api location code
1
star
49

bt770back

bt770back
1
star