EyeRat: A tool for building remote access trojan
Whenever the user has an instruction to send to RAT, the user's application sends a special command to RAT such as: Tpict (to take a photo from the camera).
📖 Read
#infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #opensource #linux #rat #trojan #tools #kali
@YourJiniNews
Whenever the user has an instruction to send to RAT, the user's application sends a special command to RAT such as: Tpict (to take a photo from the camera).
📖 Read
#infosec #cybersecurity #redteam #pentest #pentesting #hacking #hackers #opensource #linux #rat #trojan #tools #kali
@YourJiniNews
GitHub
GitHub - AdolfMacro/eyeRat: A tool for building remote access trojan.
A tool for building remote access trojan. Contribute to AdolfMacro/eyeRat development by creating an account on GitHub.
👍2
Forwarded from 卩ro 爪Cracker
windows-kernel-exploits-mini-pack.zip
141.6 KB
Windows Kernel Exploits
miniPack + bonus (HEVD-HackSys Extreme Vulnerable Driver)
miniPack + bonus (HEVD-HackSys Extreme Vulnerable Driver)
Forwarded from 卩ro 爪Cracker
CVE-2022-26809 RCE Exploit
Weakness in a core Windows component (RPC) earned a CVSS score of 9.8 not without a reason, as the attack does not require authentication and can be executed remotely over a network, and can result in remote code execution (RCE) with the privileges of the RPC service, which depends on the process hosting the RPC runtime.
That critcal bug, with a bit of luck, allows to gain access to unpatched Windows host running SMB. The vulnerability can be exploited both from outside the network in order to breach it as well as between machines in the network.
https://github.com/rkxxz/CVE-2022-26809
Vendor Information:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
https://www.pwndefend.com/2022/04/14/cve-2022-26809/
#cve #poc #exploit
Weakness in a core Windows component (RPC) earned a CVSS score of 9.8 not without a reason, as the attack does not require authentication and can be executed remotely over a network, and can result in remote code execution (RCE) with the privileges of the RPC service, which depends on the process hosting the RPC runtime.
That critcal bug, with a bit of luck, allows to gain access to unpatched Windows host running SMB. The vulnerability can be exploited both from outside the network in order to breach it as well as between machines in the network.
https://github.com/rkxxz/CVE-2022-26809
Vendor Information:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26809
https://www.pwndefend.com/2022/04/14/cve-2022-26809/
#cve #poc #exploit
Forwarded from 卩ro 爪Cracker
CVE-2022-26717
Safari WebGL XFB Use After Free Vulnerability
https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit
#cve #exploit
Safari WebGL XFB Use After Free Vulnerability
https://github.com/theori-io/CVE-2022-26717-Safari-WebGL-Exploit
#cve #exploit
GitHub
GitHub - theori-io/CVE-2022-26717-Safari-WebGL-Exploit
Contribute to theori-io/CVE-2022-26717-Safari-WebGL-Exploit development by creating an account on GitHub.
Forwarded from 卩ro 爪Cracker
Forwarded from Bhartiya Hunters🇮🇳 (Founder & CEO •)
Quip
A Tale of Confusing IDOR 😤
Hi!!
Forwarded from 卩ro 爪Cracker
API Unhooking
An article about a new method of avoiding AV/EDR by creating a process in a suspended state and getting a copy of the ntdll from the new process before it is hijacked by AV/EDR.
Research:
https://dosxuz.gitlab.io/post/perunsfart/
PoC:
https://github.com/dosxuz/PerunsFart
An article about a new method of avoiding AV/EDR by creating a process in a suspended state and getting a copy of the ntdll from the new process before it is hijacked by AV/EDR.
Research:
https://dosxuz.gitlab.io/post/perunsfart/
PoC:
https://github.com/dosxuz/PerunsFart
dosxuz.gitlab.io
API Unhooking with Perun's Fart
Pre-requisites To fully understand this topic, one needs to have some knowledge about the following concepts:
Little bit of C++ programming Some knowledge of API hooking by AV/EDR software Basic understanding of the PE structures Basic knowledge about Win32…
Little bit of C++ programming Some knowledge of API hooking by AV/EDR software Basic understanding of the PE structures Basic knowledge about Win32…
👍4
Forwarded from 卩ro 爪Cracker
rtfquizmasterks_customer.json
36.5 MB
Website: rewardthefan.com
Date: May 21, 2021
Lines: 97K
Fields:
'customer_id', 'active_reward_points', 'email', 'image_path', 'is_blocked', 'is_otp_verified', 'magicwand', 'no_of_lives', 'phone' , 'rtf_cur_val_bal', 'rtf_points', 'sf_ques_level', 'super_fan_chances', 'user_id.VivaAir -Columbia.txt
1.8 GB
2M lines Datasets
from Viva Air Columbia
Headers:
AccountID|FilenameXml|FilenameExtension|DateProduction|PeriodFrom|PeriodTo|CutoffTime|VersionXml|MerchantID|OrderID|EffortID|AttemptID|Recordcategory|Recordtype|PaymentReference|AdditionalReference|CurrencyLocal|AmountLocal|CurrencyDelivered|AmountDelivered|PaymentCountry|PaymentStatus|TransactionDateTime|ErrorCodes|ErrorMessages|CardNumber|ExpiryDate|IssueNumber|AuthorizationCode|PaymentGroupId|PaymentMethodId|PaymentProductId|IIN|IssuerCountry|PaymentProcessorID|MID|NumberOfInstallments|FraudResult|FraudCode|FraudStatus|ThirdPartyReferenceNumber1|ThirdPartyReferenceNumber2|ThirdPartyReferenceNumber3|Street|Zip|City|CountryCode|LanguageCode|Phonenumber|Email|EmailTypeIndicator|IPAddressCustomer|BillingStreet|BillingZip|BillingCity|BillingCountryCode|BillingPhonenumber|BillingEmail|BillingEmailTypeIndicator|AirlineCode|AirlineName|TicketNumber|PassengerName|FlightDate|DateUpload|NrOfInstallments|DateDue|AmountDue|OrderCurrency|OrderAmount|CreditcardCompany|Forwarded from 卩ro 爪Cracker