wget-root :

If the wget binary has the SUID bit set, It does not drop the elevated privileges and may be abused to access the file system. It may be used to do privileged writes or write files outside a restricted file system. This script automates the rewriting of the passwd file of the victim's machine.

https://github.com/CopernicusPY/wget-root

Apache Tomcat Vulnerability Scanner:
https://github.com/p0dalirius/ApacheTomcatScanner

ATLAS - Malware Analysis Description
https://github.com/MALWARE-ATLAS/ATLAS

Linux kernel through 5.18.9 LPE

POC:

https://github.com/veritas501/CVE-2022-34918

#Linux #Kernel #LPE

Powershell script that can be used by Blue Teams, Incident Responders and System Administrators to hunt persistences implanted in Windows machines.
https://github.com/last-byte/PersistenceSniper/

Certipy 4.0: ESC9 & ESC10, BloodHound GUI, New Authentication and Request Methods — and more!
https://research.ifcr.dk/certipy-4-0-esc9-esc10-bloodhound-gui-new-authentication-and-request-methods-and-more-7237d88061f7
https://github.com/ly4k/Certipy

This script allows to find MySQLi vulnerabilities Based on Errors with nuclei
https://github.com/HernanRodriguez1/ScanMySQLiErrorBased-Nuclei

redteam infra

https://github.com/chipmanfu/RGI-redteam-scripts

PersistAssist is a fully modular persistence framework written in C#. All persistence techniques contain a cleanup method which will server to remove the persistence aside from the persistence code. This is a WIP so there are many empty classes, the main object of this project initially was to build out a fully modular framework meant to make adding new features as simple as inheriting a class and adding the code.
https://github.com/FortyNorthSecurity/PersistAssist

GoAVBypass
https://github.com/TideSec/GoBypassAV

JMX enumeration and attacking tool
https://github.com/qtc-de/beanshooter

winapi search:

https://dennisbabkin.com/winapisearch/

A Python script to exploit CVE-2022-36446 Software Package Updates RCE (Authenticated) on Webmin < 1.997
for mitigation Update to Webmin >= 1.997

https://github.com/p0dalirius/CVE-2022-36446-Webmin-Software-Package-Updates-RCE
#webmin #rce

An automatic unpacker and logger for DotNet Framework targeting files! This tool has been unveiled at Black Hat USA 2022.

https://github.com/advanced-threat-research/DotDumper

#unpacker #DotNet

This repository contains de materials for the talk "Exploring the hidden attack surface of OEM IoT devices: pwning thousands of routers with a vulnerability in Realtek’s SDK for eCos OS.", which was presented at DEFCON30.

https://github.com/infobyte/cve-2022-27255
#Realtek #eCos

Parameter miner for zap

https://github.com/zaproxy/zap-extensions
#bugbounty

Sandman is a NTP based backdoor for red team engagements in hardened networks.

https://github.com/Idov31/Sandman

#NTP #backdoor

TOP All bugbounty pentesting CVE-2022- POC Exp RCE example payload Things
https://github.com/hktalent/TOP
#bugbounty

Zimbra RCE simple poc
https://github.com/vnhacker1337/CVE-2022-27925-PoC
#Zimbra #RCE

Security researchers discovered 3 vulnerabilities in the Linux kernel that could allow a local attacker to elevate privileges and potentially execute malicious code. The proof-of-concept code is publicly available increasing the likelihood of exploitation in the wild.

https://github.com/greek0x0/2022-LPE-UAF

https://zplin.me/papers/DirtyCred-Zhenpeng.pdf

#LPE