Demo of IE Zero Day used to Attack Google
by zitstif on Jan.20, 2010, under Posts, Videos
http://blog.metasploit.com/2010/01/reproducing-aurora-ie-exploit.html
The “Aurora” IE Exploit in Action from The Crew of Praetorian Prefect on Vimeo.
This video reminds me of another interesting piece of news, that I just read not too long ago:
“Windows plagued by 17-year-old privilege escalation bug: All 32-bit versions vulnerable”
http://www.theregister.co.uk/2010/01/19/microsoft_escalation_bug/
Is it time to move to a 64-bit version of Windows yet? 🙂 Oh! The amount of memory you can use with a 64 bit address space!
-
Welcome to #!/zitstif.no-ip.org/
-
Recent Posts
- Breaking Bitlocker – Bypassing the Windows Disk Encryption
- End of the year thoughts on IT/InfoSec (updated)
- AV evasion fun with ChatGPT
- Hacking the Arlo Q Security Camera: Firmware Extraction
- My TLDR version of Zero Trust Computing/Networking
- Elliptic Curve Cryptography Overview ( F5 DevCentral )
- SSH Client as a Quick and Dirty Port Scanner
- Domain Controller/Active directory over Meraki VPN fix
- Cisco Meraki security is kind of a joke…
- IPMI EVERYWHERE! w/The Pi-KVM – Level1Techs
Calender
May 2024 S M T W T F S 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 Blogroll
- .:: Phrack Magazine ::.
- @GelosSnake
- 100-hacking-tools-and-resources [hackerone.com]
- 2600: The Hacker Quarterly
- 2600.network [idle]
- Academic Torrents
- AI Exploits
- America's Digital Shield
- Amneiza VPN. Your own self-hosted VPN
- Amnesty Tech | Amnesty International
- anderspitman / awesome-tunneling
- Ansible is Simple IT Automation
- Anti Fraud News Blog | AntiFraudNews.com
- AppleExaminer Home
- Arch Cloud Labs – Projects
- Armis
- ARPSyndicate / awesome-intelligence
- Atek – An open source peer-to-peer Home Cloud | Atek.Cloud
- Atlas of Surveillance
- Attack-Defense Online Lab
- Autonomous Red Teaming for Everyone | Prelude Operator
- Awesome SDN
- awesome-incident-response
- BackBox Linux | Flexible Penetration Testing Distribution
- BackTrack Linux
- Binary Revolution Forums
- BIOS Master Password Generator for Laptops
- BleepingComputer.com
- Blog – Black Hills Information Security
- Blog – NotSoSecure
- Blog | GoSecure
- BREAKDEV
- Brute Ratel C4 | Badger doesn't care. It takes what it wants!
- ByteXD – Practical Tutorials for Web Developers & Entrepreneurs
- carnal0wnage.attackresearch.com
- CCC | Startseite
- cDc communications | CULT OF THE DEAD COW | Hackitvismo
- Censored Planet
- CIS Center for Internet Security
- Cisco Talos Intelligence Group
- Cloud Vulnerabilities and Security Issues Database
- Cloud-Free-Tier-Comparison
- Cloudflare
- CloudSecDocs
- Cockpit Project – Cockpit Project
- Command Line Kung Fu
- command-not-found.com
- CommandLineFu
- Computer Forensics World
- Core Security Technologies (Blog)
- Cribl: Take Control of Your Observability, Security, and Telemetry Data
- CrowdSec: the next-gen open source, crowd-powered, & dynamic firewall
- Cryptome
- CS6038/CS5138 Malware Analysis, UC
- CSI Linux
- CVE security vulnerability database
- Cyber Arch Blog
- Dark Operator
- Dark Reading
- Darknet – The Darkside | Ethical Hacking
- DeCloudUS – Privacy DNS Blocks Google, Ads, and More
- Default Password List for Routers
- Default passwords list
- Digital Experience Monitoring | ThousandEyes
- Digital Forensiscs, Computer Forensics, eDiscovery | ForensicFocus.com
- DigitalMunition – Ethical Hacking & Computer Security
- DiscMaster
- Distributed Denial of Secrets
- Distributed Denial of Secrets
- Diversion – the Router Ad-Blocker
- DNS-based Content Filtering and Security (cleanbrowsing.org)
- Docker.com
- DSLReports Home Broadband ISP reviews, news, tools and forums
- DZone Security
- Electronic Frontier Foundation
- Escape Big Tech
- Exotic Liability
- Exploit Education
- Exploit Education
- Exploit Observer | ARPSyndicate
- Exploits Database by Offensive Security
- Felix Krause
- FingerprintJS Blog | FingerprintJS
- Firezone: Open-Source WireGuard VPN Server – firezone.dev
- Fleet | Open-source device management (MDM)
- Flipper Zero – Portable Multi-tool Device for Geeks
- FOFA Search Engine
- FOG Project
- Forbidden Stories
- Forensics Wiki
- Free RMM Tools for MSP and Small Businesses (action1.com)
- FreeIPA – Open Source Identity Management Solution
- FTPrivacy.cloud
- Ghetto Forensics
- Ghidra
- GNS3 | The software that empowers network professionals gns3.com
- GNUCITIZEN
- Golem Network
- GPSJam GPS/GNSS Interference Map
- Gramine – a Library OS for Unmodified Applications
- GRAVITL
- GTFOBins
- Guadicore: Cloud and Data Center Security Simplified
- Guardicore
- Guillaume Quéré Blog
- Hack A Day
- HackDojo
- HackerOne – Bug Bounty program
- HackerspaceWiki
- Hacking-Printers
- Hackster.io – The community dedicated to learning hardware. hackster.io
- HackTricks
- Hak5
- Handshake
- Hash Generator
- hdm.io
- Hextree
- HITB
- HolisticInfoSec
- Home – NetBlocks
- Home – OpenDaylight
- Home – Virtue Security
- Home | endoflife.date
- Home | OpenSCAP portal
- Homepage | CISA
- HoneyDB
- How-To Geek
- I2P Anonymous Network
- Infisical | Open Source SecretOps
- InfoSec Institute
- Infosec Island
- InfosecMatter
- Inj3ct0r – exploit database
- Innernet
- Insecure Magazine
- Inside Laura's Lab
- Instructables – Technology
- Invisible Things Lab
- IPDetective
- IPDS – Domain Name System for IPFS
- IronGeek
- iSecur1ty
- IT Security – stackexchange.com
- ITFlow
- James Brine – Australian Cyber Threat Intelligence
- Kali Linux
- Kali Linux / Kali-purple
- Katacoda – Interactive Learning Platform for Software Engineers
- Keycloak
- Keycloak
- KitPloit – PenTest Tools for your Security Arsenal
- Kon-boot
- Krebs On Security
- LaNMaSteR53.blog
- Learn Pentesting Online
- LibreNMS
- Lifehack – Tips for Life
- Lifehacker
- Linux Kodachi 6.2 The Secure OS
- Linux Security
- LinuxGizmos.com: embedded Linux news & devices
- Live Hacking
- LiveOverflow – YouTube
- LMG Security
- LOLBAS – Living Off The Land Binaries, Scripts and Libraries
- Mageni – Free and open-source vulnerability scanner
- Malicious Group
- MalwareTech
- Malwr – Malware Analysis by Cuckoo Sandbox
- Mandiant Blog
- Martin Vigo PERSONAL HACKING PROJECTS, WRITEUPS AND TOOLS
- MASS | Metal as a Service
- Meshtastic
- Metasploit Blog
- Metasploit Unleashed – Mastering the Framework
- MG
- Mininet: An Instance Virtual Network on your Laptop (or other PC)
- MITRE ATT&CK
- Mobile Verification Toolkit
- MorningStar Security News
- Moxie Marlinspike >> Thoughtcrime Labs
- MSPGeek a free MSP Community for all Service Providers
- Nagios – The Industry Standard in IT infrastructure monitoring
- NetBird – Connect and Secure Your IT Infrastructure in Minutes
- NetBox.dev
- Netmaker: Wireguard® VPN & Software Defined Networking
- NETSEC – Ramblings of a NetSec addict
- Network Engineering Stack Exchange
- Network World
- news.ycombinator.com
- nixCraft – (www.cyberciti.biz)
- nrd-list.com
- NTLM Decrypter
- Objective-See
- Offensive-Security
- offsec.tools
- OmniEdge | Unlimited Computers In Your Private Network
- OnionScan: Investigating the Dark Web
- Online – Reverse Shell Generator
- Online LM hash cracking engine
- Online Password Hash Crack
- Open Network Operating System (ONOS)
- Open Observatory of Network Interference
- Open-AudIT
- OpenBSD Router Guide
- openITCOCKPIT | Open Source Monitoring
- OpenNIC Project
- OpenProject – Open Source Project Management Software
- OpenSecrets
- OpenSecurity
- OpenSecurityTraining
- OpenWISP: Open Source Network Management System
- OpenZiti
- Opt out of global data surveillance programs like PRISM, XKeyscore and Tempora.
- OSINT Framework
- OSINT Tools for the Dark Web
- osquery | Easily ask questions about your Linux, Windows, and macOS Infrastructure
- osTicket | Support Ticketing system
- Ostorlab: Blog
- Outflank | Red Team Tools & Expert Services
- OWASP
- Packet Life
- PacketStorm Securtiy
- Parrot Security
- Passbolt | Open source password manager for teams
- PaulDotCom
- Penetration Testing and Vulnerability Analysis Polytechnic Insitute
- Penetration Testing Lab
- Pentester Academy TV – Youtube
- Pentester Academy: Learn Pentesting Online
- Pentester's Promiscuous Notebook
- PenTestIT
- PentHertz Blog
- Peteris Krumins' Blog
- phpIPAM IPAM IP address management software
- Pi-hole
- Pi-KVM – Open and cheap DIY IP-KVM on Raspberry Pi
- PiKVM – Open and inexpensive DIY IP-KVM on Raspberry Pi
- polyswarm.io Blog
- Pomerium
- Portcullis Labs
- Pritunl, Enterprise Distributed OpenVPN, IPsec and WireGuard Server
- Privacy is sexy – Enforce privacy
- PrivacyTools – Encryption Against Global Mass Surveillance
- Project Honey Pot
- Project Zero (Google)
- Pwnagotchi – Deep Reinforcement Learning
- qual – Internet Independent Wireless Mesh Communication App
- Qubes OS: A reasonably secure operating system
- RANCID – Really Awesome New Cisco confIg Differ
- rConfig – Network Configuration Management!
- reptile[.]haus[/]blog/
- RiskIQ Community Edition
- Risky Business
- Ronin
- ROOter by Modems and Men
- Routerpwn
- SaltStack: Home
- samy kamkar – home
- Sanesecurity signatures: improve ClamAV detection rate
- SANS Digital Forensics Blog
- SANS Penetration Testing Blog
- Schneier on Security
- SDF Public Access UNIX System – Free Shell Account and Shell Access Est. 1987
- SecLists
- SecLists
- secret club | Blog about reverse-engineering, hacking, and breaking your software in ever way
- Secure Data Recovery Services
- SecureDrop.org – Share and accept documents securely
- Securelist | Kaspersky's threat research and reports
- Security Awareness Training | KnowBe4
- Security Database Tools Watch
- Security Insights | AdaptiveMobile
- Security Onion Solutions
- Security Research | mr.d0x
- Security Watch
- SecurityFocus
- SecurityTube.net
- SecurityTube.net Hack of the Day
- SentinelLabs – Intelligence Redefined
- Server Fault
- ServeTheHome: Server, Storage, and Software Reviews
- Sevro Security | SS
- Shell is coming …
- Shell.Systems – WE POP SHELLS
- Shelter Project
- shieldwall – secure your most private servers – shieldwall.me
- SHODAN – Computer Search Engine
- Signal >> Home
- Silent Break Security Blog
- SkullSecurity
- Slashdot
- Snipe-It Free open source IT asset management
- Snort Blog
- SNOsoft Research Team
- Social Engineering – Security Through Education
- Social Networking / WireHub
- SpiderFoot
- SpiderFoot HX – SpiderFoot
- Spork: Peer-to-peer socket magic in the air | Spork.sh
- Spy Culture | Intelligence Agencies and Popular Culture
- Stack Exchange
- Stop Ransomware | CISA
- Sucuri Blog
- Sunny Valley Networks – Agile Service Edge Security
- Super User
- Synacktiv Publications
- T E X T F I L E S
- Tails OS
- Tailscale – private networks made easy
- Tales from a Security Professional
- Technitium | Push The Limits
- The Art of Mac Malware
- The Black Vault
- The C2 Matrix
- The Citizen Lab – University of Toronto
- THE DFIR REPORT – Real Intrusions by Real Attackers, The Truth Behind the Intrusion
- The Ethical Hacker Network
- The Exploit Database
- The Free Thought Project – Your online news and discussion platform
- The No More Ransom Project
- The Pragmatic Bookshelf
- The Shadowserver Foundation
- the world.according to koto
- the-infosec
- TheHive Project
- ThirdCloud
- THN: The Hacker News
- threatpost | The First Stop for Security News
- TinyPilot
- Tools to explore BGP
- Top 100 Network Security Tools
- Tor Project | Anonymity Online
- TorBox – TorBox is an easy to use, anonymizing router based on Raspberry Pi.
- Troy Hunt: Troy Hunt
- TrustedSec News and Events (Blog)
- tssci security
- Unimus by NetCore j.s.a
- Unmask Parasites. Blog.
- UrBackup – Client/Server Open Source Network Backup
- Veil – AV Evasion
- Ventoy – A New Bootable USB Solution
- VIPER VAST
- virtuallyGhetto
- VoidSec
- Volatile Systems Blog
- Vulners – Vulnerability Data Base
- Vuls – Agentless Vulnerability Scanner for Linux/FreeBSD
- w3af – Open Source Web Application Security Scanner w3af.org
- War Room
- Wazuh – The Open Source Security Platform
- Welcome | authentik
- Welcome to Enable Sysadmin | Enable Sysadmin
- What is this? Red Teaming Experiments
- What's My Pass?
- Whistleblower Aid
- WhoTracks.me – Bringing Transparency to Online Tracking
- WikiLeaks
- Will Hack For SUSHI
- Windows Command Line -CMD commands, command prompt, batch files, Powershell
- Wireskip.
- Wiz: Cloud infrastructure security reimagined
- Word List Downloads
- xorl
- ZeroTier – Global Area Networking
February 12th, 2010 on 5:13 am
I am very impressed with the article I have just read. I wish the writer of zitstif.no-ip.org can continue to provide so much practical information and unforgettable experience to zitstif.no-ip.org readers. There is not much to state except the following universal truth: The opposite of upside down is not down side up. It?s upside up. I will be back.