ProtonVPN TCP Acceleration SYN+ACK Spoofing Analysis
Of course, not all applications complete the TCP 3-Way handshake, such as nmap, which in some modes will only send the TCP SYN to determine if a port is open on a server.
https://remyhax.xyz/posts/protonvpn-tcp-hacks/
ScarredMonk/SysmonSimulator: Sysmon event simulation utility which can be used to simulate the attacks to generate the Sysmon Event logs for testing the EDR detections and correlation rules by Blue teams.
This can be used by Blue teams for testing the EDR detections and correlation rules.
https://github.com/ScarredMonk/SysmonSimulator
Zynq Part 3: CVE-2021-27208 // ropcha.in //
Iteratively adding ONFI opcode support was nothing terribly exciting - though one amusing point was discovering that the NAND controller hardware in the Zynq won't complete a page read transaction unless you drive R/#B low for some period of time.
https://blog.ropcha.in/part-3-zynq-cve-2021-27208.html