Preface

What is this and why does it exist?

All links, the content behind and the opinions there are not mine.
If you follow an external link, it is your problem, not mine if you do not like, what you find there.
Please be aware, that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Shared Library to intercept nvram get/set/match calls for emulating libnvram.so used by many IoT firmware software
–> custom_nvram - github <–



Talks & Knowledge

Google Adds Control-Flow Integrity to Beef up Android Kernel Security
–> CFI - The Hacker News <–

Capturing NetNTLM Hashes with Office [DOT] XML Documents
–> Capturing NetNTLM Hashes - bohops <–

The Illustrated TLS Connection
–> The Illustrated TLS Connection - Ulfheim <–

Deobfuscating PowerShell: Putting The Toothpaste Back In The Tube
–> Deobfuscating PowerShell - ENDGAME <–



Threats

Bug in Newly Released iOS 12.0.1 Gives Access To Your Photos
–> iOS 12.0.1 Bug - HackRead <–