Forwarded from 卩ro 爪Cracker
#cheatsheet
Cheatsheet Resources
Command-Line-Cheatsheet - Interactive command-line cheatsheet tool.
Python-Cheatsheet - A comprehensive Python cheatsheet.
Kali-Linux-Cheetsheet - Kali Linux cheatsheet.
PayloadAllTheThings - Payloads and cheatsheet for PT.
Awesome-RedTeam-Cheatsheet - AD and pentesting cheatsheet
Reverse-Proxies-Cheatsheet - Reverse proxies cheatsheet.
Reverse Shell-Cheatsheet - Reverse shell cheatsheet
SQL-Injection-Cheatsheet - SQL Injection cheatsheet.
GitHub - denisidoro/navi: An interactive cheatsheet tool for the command-line
Forwarded from 卩ro 爪Cracker
Simulating attacks with Sysmon
Research:
https://rootdse.org/posts/understanding-sysmon-events/
Tool:
https://github.com/ScarredMonk/SysmonSimulator
#sysmon #simulator #blueteam #lab
Forwarded from 卩ro 爪Cracker
CVE-2022-23642
PoC for Sourcegraph Gitserver 3.37.0 RCE
Sourcegraph prior to 3.37.0 has a remote code execution vulnerability in its gitserver service. This is due to a lack of restriction on git config execution, so "core.sshCommand", which can contain arbitrary bash commands, can be passed in the HTTP arguments. Note that this is only possible if gitserver is exposed to the attacker.
https://github.com/Altelus1/CVE-2022-23642
Research:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23642
#exploit #cve
Forwarded from 卩ro 爪Cracker
COFFInjector
A Proof of Concept code - loading and injecting MSVC object file.
https://github.com/0xpat/COFFInjector
Research:
https://0xpat.github.io/Malware_development_part_8/
What is the TCP/IP Model?
Introduction to TCP/IP Model. 🧵👇🏻
It is a standardization model for computer networking. The OSI model, while widely referenced, is not used in practice. The TCP/IP model, on the other hand, is the real deal. Fortunately, it's not all that different.
https://twitter.com/xtremepentest/status/1535919885586513920?t=CYsB6fjYnnnxarfpZ3pEUw&s=19
https://github.com/Screetsec/TheFatRat
Thefatrat, a massive exploiting tool: an easy tool to generate backdoors and an easy tool for post-exploitation attacks like browser attacks, etc. This tool compiles malware with a popular payload, and the compiled malware can then be executed on Windows, Android, Mac. The malware created with this tool also has the ability to bypass most AV softw…
https://github.com/SecuProject/DLLHijackingScanner
This is a PoC for bypassing UAC using DLL hijacking and abusing the "Trusted Directories" verification.
These people are underestimating the Indian hackers, then show them some power. Their twitter handle: https://twitter.com/DragonForceIO
https://github.com/youhacker55/BeefAuto
Python script to automate BeEF and configure it for use over WAN by using ngrok to open ports
https://github.com/swagkarna/Nivistealer
Steal victim images, exact location, device info and much more
https://github.com/pussycat0x/malicious-pdf
Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator
https://github.com/Evrytania/LTE-Cell-Scanner
https://harrisonsand.com/imsi-catcher/
https://github.com/Oros42/IMSI-catcher
https://github.com/CellularPrivacy/Android-IMSI-Catcher-Detector
https://github.com/ptrkrysik/gr-gsm/wiki/Passive-IMSI-Catcher
LTE SDR cell scanner optimized to work with very low performance RF front ends (8bit A/D, 20dB noise figure) - Evrytania/LTE-Cell-Scanner