Forwarded from 卩ro 爪Cracker
Forwarded from 卩ro 爪Cracker
Forwarded from 卩ro 爪Cracker
CVE-2022-28346
Django QuerySet.annotate(), aggregate(), extra() SQL
https://github.com/DeEpinGh0st/CVE-2022-28346
#redteam #hackers #exploit
Django QuerySet.annotate(), aggregate(), extra() SQL
https://github.com/DeEpinGh0st/CVE-2022-28346
#redteam #hackers #exploit
👍1
Forwarded from 卩ro 爪Cracker
ntaxi.co.kr.7z
1.8 MB
http://ntaxi.co.kr, 남바원택시 > 대한민국 1등 개인택시 번호판 거래 플랫폼
Forwarded from 卩ro 爪Cracker
onkormanyzat.tujvaros.hu.7z
1.1 MB
http://onkormanyzat.tujvaros.hu, Önkormányzati Információs Rendszer
Forwarded from 卩ro 爪Cracker
portuguese.thecus.com.7z
42 KB
http://portuguese.thecus.com, Thecus®, Creator in Storage.
Forwarded from 卩ro 爪Cracker
rocknsoulalley.org.7z
419 KB
http://rocknsoulalley.org, Rock 'n Soul Alley
Forwarded from 卩ro 爪Cracker
www.hotelvasto.it.7z
335.5 KB
http://www.hotelvasto.it, Hotel Vasto: alberghi, pensioni, bed and breakfast, agriturismi, camping
Forwarded from 卩ro 爪Cracker
What is HTTP-TRACKER?
HTTP-TRACKER is a browser extension which tracks the network on the browser (chrome and firefox). What ever is captured on the network tab in a browser, the same and more can be done by this extension.
This provides a centralized window which displays the entire requests - responses from all the tabs and all windows of the browser. This can also track the private/incognito window tabs (if permission is enabled), bringing everything into a central place.
https://github.com/venukbh/http-tracker
HTTP-TRACKER is a browser extension which tracks the network on the browser (chrome and firefox). What ever is captured on the network tab in a browser, the same and more can be done by this extension.
This provides a centralized window which displays the entire requests - responses from all the tabs and all windows of the browser. This can also track the private/incognito window tabs (if permission is enabled), bringing everything into a central place.
https://github.com/venukbh/http-tracker
👍2
Forwarded from 卩ro 爪Cracker
Registry-Recon
Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon.
As a red-team practitioner, we are often using tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible.
Some of our usual tooling for this started getting flagged by EDR products, due to the use of Windows CLI commands. This aggressor script aims to solve that problem by only probing the system using native registry queries, no CLI commands.
https://github.com/optiv/Registry-Recon
Cobalt Strike Aggressor Script that Performs System/AV/EDR Recon.
As a red-team practitioner, we are often using tools that attempt to fingerprint details about a compromised system, preferably in the most stealthy way possible.
Some of our usual tooling for this started getting flagged by EDR products, due to the use of Windows CLI commands. This aggressor script aims to solve that problem by only probing the system using native registry queries, no CLI commands.
https://github.com/optiv/Registry-Recon
❤1
Forwarded from 卩ro 爪Cracker
NTLMRelay2Self over HTTP
Just a walkthrough of how to escalate privileges locally by forcing the system you landed initial access on to reflectively authenticate over HTTP to itself and forward the received connection to an HTTP listener (ntlmrelayx) configured to relay to DC servers over LDAP/LDAPs for either setting shadow credentials or configuring RBCD.
https://github.com/med0x2e/NTLMRelay2Self
#ad #ntlm #relay #rbcd #redteam
Just a walkthrough of how to escalate privileges locally by forcing the system you landed initial access on to reflectively authenticate over HTTP to itself and forward the received connection to an HTTP listener (ntlmrelayx) configured to relay to DC servers over LDAP/LDAPs for either setting shadow credentials or configuring RBCD.
https://github.com/med0x2e/NTLMRelay2Self
#ad #ntlm #relay #rbcd #redteam
GitHub
GitHub - med0x2e/NTLMRelay2Self: An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav).
An other No-Fix LPE, NTLMRelay2Self over HTTP (Webdav). - med0x2e/NTLMRelay2Self
Forwarded from 卩ro 爪Cracker
Ronin
Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.
Features:
▫️ Supports installing/updating/uninstalling of Repositories.
▫️ Provides a Database using DataMapper
▫️ Caches exploits, payloads, scanners, etc stored within Repositories into the Database.
▫️ Convenience methods provided by ronin-support.
▫️ Provides a customized Ruby Console using Ripl
▫️ Provides an extensible command-line interface.
https://github.com/ronin-rb/ronin
Ruby platform for vulnerability research and exploit development. Ronin allows for the rapid development and distribution of code, Exploits or Payloads, Scanners, etc, via Repositories.
Features:
▫️ Supports installing/updating/uninstalling of Repositories.
▫️ Provides a Database using DataMapper
▫️ Caches exploits, payloads, scanners, etc stored within Repositories into the Database.
▫️ Convenience methods provided by ronin-support.
▫️ Provides a customized Ruby Console using Ripl
▫️ Provides an extensible command-line interface.
https://github.com/ronin-rb/ronin
