What is this and why does it exist?

All links, the content behind and the opinions there are not mine.
If you follow an external link, it is your problem, not mine if you do not like, what you find there.
Please be aware, that this is just a list of topics I find interesting.

All mentioned security tools can be found here:


Omnibus: Automating OSINT Collection
–> Omnibus - inQuest Blog <–

A PowerShell front-end for the Windows debugger engine
–> DbgShell - github <–

Detours with just single dependency - NTDLL
–> DetoursNT - github <–

Speculation control powershell script
–> SpeculationControl - github <–

Direct Memory Access (DMA) Attack Software
–> pcileech - github <–

Simple C# for checking for the existence of credential files related to AWS, Microsoft Azure, and Google Compute
–> SharpCloud - github <–

UEFI firmware image viewer and editor
–> UEFITool - github <–

Talks & Knowledge

Ring 0/-2 RootKits: Compromising Defenses
–> Ring 0/-2 RootKits - DefCon 2018/Alexandre Borges <–

EAP Relay with Sycophant
–> EAP-Relay-with-Sycophant - github <–

Binaries That Does Other Stuff
–> api0cradle - github <–

Wireshark Column Setup DeepDive, covering all the secrets of setting up your Wireshark columns and how to make them display data you didn’t think you could
–> Wireshark Column Setup Deepdive - Packet-Foo / Jasper <–

Extracting SSH Private Keys from Windows 10 ssh-agent
–> Exctract SSH PrivKey from Win10 ssh-agent - ropnop <–

earning of exploitation on pwn websites challenges. Getting shell for fun!
–> Exploits - github <–

Hackers Leverage AWS To Breach, Persist In Corporate Networks
–> AWS Breah, Persist in Corporate Network - DarkReading <–


Breaking the Virtual Memory Abstraction with Transient Out-of-Order Execution
–> Foreshadow - Foreshadow <–

Researchers Break IPsec VPN Connections with 20-Year-Old Protocol Flaw
–> CVE-2018-0131 - Threat Post <–

NFile Operation Induced Unserialization via the “phar://” Stream Wrapper
–> har:// attack vector - black hat 2018 / Sam Thomas <–

Darkhotel Exploits Microsoft Zero-Day VBScript Flaw
–> CVE-2018-8373 - Threat Post <–

SSD Advisory – VirtualBox VRDP Guest-to-Host Escape
–> VRDP Guest-to-Host Escape - SecuriTeam Blogs <–

One&Done: A Single-Decryption EM-Based Attack on OpenSSL’s Constant-Time Blinded RSA
–> One&Done - USENIX <–

USBHarpoon Is a BadUSB Attack with A Twist
–> USBHarpoon - Bleeping Computer <–