flareon FlareOn11: Challenge 5 - sshd Introduction If you're new to FlareOn or haven't heard about it, FlareOn is an annual reverse-engineering CTF competition organized by the Mandiant team. It's designed to challenge security enthusiasts, malware analysts, and reverse engineers with a series of increasingly difficult puzzles that test a wide
flareon FlareOn11: Challenge 7 - fullspeed Introduction If you're new to FlareOn or haven't heard about it, FlareOn is an annual reverse-engineering CTF competition organized by the Mandiant team. It's designed to challenge security enthusiasts, malware analysts, and reverse engineers with a series of increasingly difficult puzzles that test a wide
flareon Flare-On 10 Solutions Flare-On [https://flare-on.com/] is an annual single-player Windows-centric CTF competition focusing on Reverse Engineering and Malware Analysis. This competition is organized by the FLARE team in Mandiant [https://www.mandiant.com/]. If you complete all the challenges, you receive a prize and permanent recognition on the Flare-On website. Flare-On
OSMR Review of EXP-312 and OSMR Introduction In 2021, OffSec (previously known as Offensive Security) introduced their first macOS-related security course with the name "Advanced macOS Control Bypasses" (EXP-312). This course discusses logical attacks that can be performed on macOS to escalate privileges and to bypass the system's security controls. As usually
ntapi Process Code Injection Through Undocumented NTAPI * Process code injection through chaining VirtualAllocEx, WriteProcessMemory, and CreateRemoteThread Win32 API functions is considered to be a standard technique. There's also another way of injecting code into another process's virtual address space, which can be done through the following lower-level native NT API functions: NtCreateSection, NtMapViewOfSection,
Chaining HTTP Smuggling Attack with Open-Redirection to possibly leak client's request data TL;DR: An open-redirection vulnerability can be leveraged along with an HTTP Request Smuggling vulnerability to redirect clients of the target web server to a malicious web server and potentially leak information out of the client's requests. Discovery There was a scenario that I came across while I was