Preface

What is this and why does it exist?

The links, the content behind them and the opinions expressed there are not mine.
If you follow an external link, it is your problem, not mine, if you do not like what you find there.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Hash Buster is a program that uses several APIs to perform hash lookups.
–> Hash-Buster - github <–

Interesting Files Scanner extends Burp Suite’s active scanner with scans for interesting files and directories. A main feature of the extension is the check for false positives, with tested patterns for each case. Furthermore, a Burp Suite tab lets you select or unselect individual checks to avoid network overload.
–> interestingFileScanner - github <–



Talks & Knowledge

All releases of the security research group (a.k.a. hackers) The Hacker’s Choice.
–> THC-Archive - github <–

Virtualization-based security (VBS) memory enclaves: Data protection through isolation
–> VBS memory enclaves - Microsoft Secure <–

A Methodical Approach to Browser Exploitation - The Exploit Development Lifecycle, From A to Z(ero Day)
–> Browser Exploitation - Ret2 Systems <–

PDFiD: GoToE and GoToR Detection (“NTLM Credential Theft”)
–> PDFiD - Didier Stevens <–



Threats

Sharing Is Caring - A CVE-2018-7171 Round-up
–> CVE-2018-7171 - modzero <–

F-Secure Anti-Virus: Remote Code Execution via Solid RAR Unpacking
–> CVE-2018-10115 - landave’s blog <–

Researchers warn of Microsoft Zero-Day RCE Bug - Microsoft Windows JScript Error Object Use-After-Free Remote Code Execution Vulnerability
–> CVE-2018-8267 - Threatpost <–

Chrome Extension And Express Server That Exploits Keylogging Abilities Of CSS
–> CSS Keylogger - KitPloit <–

Buffer overflow in Scp for powershell
–> Buffer overflow in Scp for powershell - github <–