A New PWK/OSCP, Election Hacking, Kernel Exploits, and Fuzzing
Day[0] - A podcast by dayzerosec
Categorie:
Is the new OSCP worth-it? Can election apps be made secure? We'll talk about those questions and several kernel exploits and a few cool fuzzing innovations.
- [00:00:23] PWK and the OSCP Certification | Offensive Security
- [00:16:24] Rescheduling Root KSK Ceremony 40
- [00:20:15] The Ballot is Busted Before the Blockchain:A Security Analysis of Voatz
- [00:49:26] Lateral movement via MSSQL: a tale of CLR and socket reuse
- [00:55:51] Fix for CVE-2018-12122 can be bypassed via keep-alive requests
- [01:00:28] A Trivial Privilege Escalation Bug in Windows Service Tracing (CVE-2020-0668)
- [01:05:01] Intel CSME Escalation of Privilege
- [01:07:41] Project Zero: A day^W^W Several months in the life of Project Zero
- [01:18:54] Project Zero: Mitigations are attack surface, too
- [01:33:42] Samsung SEND_FILE_WITH_HEADER Use-After-Free
- [01:35:52] Samsung /dev/tsmux Heap Out-Of-Bounds Write
- [01:39:55] Exploiting a Linux kernel vulnerability in the V4L2 subsystem (CVE-2019-18683)
- [01:45:10] KOOBE: Towards Facilitating Exploit Generation of Kernel Out-Of-Bounds Write Vulnerabilities
- [01:54:06] HotFuzz: Discovering Algorithmic Denial-of-Service Vulnerabilities Through Guided Micro-Fuzzing
- [01:58:14] HYPER-CUBE: High-Dimensional Hypervisor Fuzzing
- [02:02:21] FIDO2 Deep Dive: Attestations, Trust model and Security
- [02:03:04] Hypervisor Necromancy; Reanimating Kernel Protectors
Watch the DAY[0] podcast live on Twitch (@dayzerosec) every Monday afternoon at 12:00pm PST (3:00pm EST)
Or the video archive on Youtube (@DAY[0])