Some time last year, I came across a Burp extension on Github that replicates the Invoke Applications functionality from OWASP ZAP in Burp....

One place for all the default credentials to assist the Blue/Red teamers identifying devices with default password 🛡️ - ihebski/DefaultCreds-cheat-sheet

AV/EDR evasion via direct system calls. Contribute to jthuraisamy/SysWhispers2 development by creating an account on GitHub.

MindMap of common Internal Network Pentest workflow and commands. - GitHub - sdcampbell/Internal-Network-Pentest-MindMap: MindMap of common Internal Network Pentest workflow and commands.

A free software to find the components installed in Joomla CMS, built out of the ashes of Joomscan. - drego85/JoomlaScan

Distributed malware processing framework based on Python, Redis and S3. - CERT-Polska/karton

XSS scanner that detects Cross-Site Scripting vulnerabilities in website by injecting malicious scripts - MariaGarber/XSS-Scanner

Like most defenders out there today we keep hearing and seeing CobaltStrike used by actors. I wanted to share some notes on some back of…

Workshop on XML External Entity attacks. 5 exercises with different techniques and tricks to reach RCE.

Our SunburstDomainDecoder tool can now be used to identify SUNBURST victims that have been explicitly targeted by the attackers. The only input needed is passive DNS (pDNS) data for avsvmcloud.com subdomains. Companies and organizations that have installed…

This post will cover how to edit some open source Command & Control (C2) Frameworks source code for AV-Evasion. It will cover Powershell Empire, Pupy C2 ...

Widespread Cross-Platform ElectroRAT Malware Targets Cryptocurrency Users

رابط المدونة
https://huntersploit.blogspot.com
**************** Command *****************
mkdir
mkdir -p
touch
nano
cat
clear
*********************************************