Black_Hat_Python_2nd.pdf
4.6 MB
#Tech_book
"Black Hat Python: Python Programming for Hackers and Pentesters, 2nd Edition", 2021.
]-> Python 3 Source Code:
https://github.com/EONRaider/blackhat-python3
"Black Hat Python: Python Programming for Hackers and Pentesters, 2nd Edition", 2021.
]-> Python 3 Source Code:
https://github.com/EONRaider/blackhat-python3
#tools
#Offensive_security
1. Neton - tool for getting information from Internet connected sandboxes
https://github.com/Aetsu/Neton
2. Debugging Protected Processes
https://itm4n.github.io/debugging-protected-processes
]-> Controlling Windows PP(L)s:
https://github.com/itm4n/PPLcontrol
#Offensive_security
1. Neton - tool for getting information from Internet connected sandboxes
https://github.com/Aetsu/Neton
2. Debugging Protected Processes
https://itm4n.github.io/debugging-protected-processes
]-> Controlling Windows PP(L)s:
https://github.com/itm4n/PPLcontrol
GitHub
GitHub - Aetsu/Neton: Neton is a tool for getting information from Internet connected sandboxes
Neton is a tool for getting information from Internet connected sandboxes - GitHub - Aetsu/Neton: Neton is a tool for getting information from Internet connected sandboxes
#exploit
1. CVE-2022-26265:
Contao CMS v.1.5.0 - RCE
https://github.com/Inplex-sys/CVE-2022-26265
2. CVE-2022-25765:
pdfkit URL Command Injection
https://security.snyk.io/vuln/SNYK-RUBY-PDFKIT-2869795
]-> A Shell exploit: https://github.com/Atsukoro1/PDFKitExploit
1. CVE-2022-26265:
Contao CMS v.1.5.0 - RCE
https://github.com/Inplex-sys/CVE-2022-26265
2. CVE-2022-25765:
pdfkit URL Command Injection
https://security.snyk.io/vuln/SNYK-RUBY-PDFKIT-2869795
]-> A Shell exploit: https://github.com/Atsukoro1/PDFKitExploit
GitHub
GitHub - Inplex-sys/CVE-2022-26265: The first proof of concept of the Contao CMS RCE
The first proof of concept of the Contao CMS RCE. Contribute to Inplex-sys/CVE-2022-26265 development by creating an account on GitHub.
ALASTOR.pdf
1.5 MB
#Research
"ALASTOR: Reconstructing the Provenance of Serverless Intrusions", 2022.
]-> https://bitbucket.org/sts-lab/alastor/src
"ALASTOR: Reconstructing the Provenance of Serverless Intrusions", 2022.
]-> https://bitbucket.org/sts-lab/alastor/src
branch_injection.pdf
289.7 KB
#reversing
"Exploiting Branch Target Injection", 2021.
"Exploiting Branch Target Injection", 2021.
Attacking_riscv.pdf
626.9 KB
#Research
#Hardware_Security
"Control-Flow Integrity at RISC: Attacking RISC-V by Jump-Oriented Programming", 2022.
#Hardware_Security
"Control-Flow Integrity at RISC: Attacking RISC-V by Jump-Oriented Programming", 2022.
hunting_cobaltstrike_beacons.pdf
13.6 MB
#Tech_book
"Finding Beacons in the Dark: A Guide to Cyber Threat Intelligence", 2022.
"Finding Beacons in the Dark: A Guide to Cyber Threat Intelligence", 2022.
vlc_vnc_int_overflow.pdf
94.6 KB
#Whitepaper
"VLC: Integer overflow in vnc module <= 3.0.18 (CVE-2022-41325): Security advisory".
"VLC: Integer overflow in vnc module <= 3.0.18 (CVE-2022-41325): Security advisory".
SSH_pentesting.pdf
2.1 MB
#Whitepaper
"SSH Penetration Testing", 2022.
"SSH Penetration Testing", 2022.
Scapolite.pdf
1.3 MB
#hardening
"Hardening with Scapolite: a DevOps-based Approach for Improved Authoring and Testing of Security-Configuration Guides in Large Scale Organizations", 2022.
"Hardening with Scapolite: a DevOps-based Approach for Improved Authoring and Testing of Security-Configuration Guides in Large Scale Organizations", 2022.
UAV_security.pdf
1005.8 KB
#Research
"UAV Traffic Management: A Survey On Communication Security", 2022.
"UAV Traffic Management: A Survey On Communication Security", 2022.
TLB_DR.pdf
245.1 KB
#reversing
"TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering", 2022.
]-> https://github.com/vusec/tlbdr
"TLB;DR: Enhancing TLB-based Attacks with TLB Desynchronized Reverse Engineering", 2022.
]-> https://github.com/vusec/tlbdr
Forwarded from Bug Bounty
Offensive Security Approved OSCP Notes
Link : https://oscpnotes.infosecsanyam.in/My_OSCP_Preparation_Notes.html
#bugbounty #OSCP #infosec #pentest
Link : https://oscpnotes.infosecsanyam.in/My_OSCP_Preparation_Notes.html
#bugbounty #OSCP #infosec #pentest
🔰 8000+ XSS Payloads
#bugbounty #Infosec
Git Ripo : https://github.com/Aacle/xss_payload
Check This Out : 👆
#bugbounty #Infosec
Git Ripo : https://github.com/Aacle/xss_payload
Check This Out : 👆
GitHub
GitHub - radhasec/xss_payload
Contribute to radhasec/xss_payload development by creating an account on GitHub.
Forwarded from Bug Bounty
🔰All Google Dorks
#bugbounty #infosec
• Operators
• Purposes
• Can be Mixed with other operators ?
• Can be used alone ?
• Does Search Work in ? : Web, Image, Groups, News
Download In More Clarity : https://bugbountyguide.org/index.php/mindmaps-cheatsheets/
Check this Out : 👆
#bugbounty #infosec
• Operators
• Purposes
• Can be Mixed with other operators ?
• Can be used alone ?
• Does Search Work in ? : Web, Image, Groups, News
Download In More Clarity : https://bugbountyguide.org/index.php/mindmaps-cheatsheets/
Check this Out : 👆
Awesome Hacker Search Engines
https://github.com/edoardottt/awesome-hacker-search-engines
// Repo containing search engines and online services useful for pentesting, general security, red team, bug bounty etc
●▬۩❁ credits:@geeekgirls ❁۩▬●
https://github.com/edoardottt/awesome-hacker-search-engines
// Repo containing search engines and online services useful for pentesting, general security, red team, bug bounty etc
●▬۩❁ credits:@geeekgirls ❁۩▬●
GitHub
GitHub - edoardottt/awesome-hacker-search-engines: A curated list of awesome search engines useful during Penetration testing,…
A curated list of awesome search engines useful during Penetration testing, Vulnerability assessments, Red/Blue Team operations, Bug Bounty and more - edoardottt/awesome-hacker-search-engines
Wi-Fi Exploitation Framework
https://github.com/D3Ext/WEF
Stealer + Clipper + Keylogger
https://github.com/Stealerium/Stealerium
JavaScript file crawler and secret finder
https://github.com/oppsec/Pinkerton
Reveals invisible links within JavaScript files
https://github.com/riza/linx
A simple CLI for converting WARC to Parquet
https://github.com/maxcountryman/warc-parquet
Web-See is Tool For Checkout Status Of Urls in Mass Its For Bug Bounty Hunters And Black Hat Hackers
https://github.com/indiancybertroops/Web-See
https://github.com/D3Ext/WEF
Stealer + Clipper + Keylogger
https://github.com/Stealerium/Stealerium
JavaScript file crawler and secret finder
https://github.com/oppsec/Pinkerton
Reveals invisible links within JavaScript files
https://github.com/riza/linx
A simple CLI for converting WARC to Parquet
https://github.com/maxcountryman/warc-parquet
Web-See is Tool For Checkout Status Of Urls in Mass Its For Bug Bounty Hunters And Black Hat Hackers
https://github.com/indiancybertroops/Web-See
GitHub
GitHub - D3Ext/WEF: Wi-Fi Exploitation Framework
Wi-Fi Exploitation Framework. Contribute to D3Ext/WEF development by creating an account on GitHub.
#Python Ethical Hacking, published by Packt
https://github.com/PacktPublishing/Python-Ethical-Hacking
A pure #Python Network Packet Sniffing tool
https://github.com/EONRaider/Packet-Sniffer
#Python Script to access ATT&CK content available in STIX via a public TAXII server
https://github.com/OTRF/ATTACK-Python-Client
#Python Scripts for Hacking
https://github.com/Adastra-thw/pyHacks
https://github.com/PacktPublishing/Python-Ethical-Hacking
A pure #Python Network Packet Sniffing tool
https://github.com/EONRaider/Packet-Sniffer
#Python Script to access ATT&CK content available in STIX via a public TAXII server
https://github.com/OTRF/ATTACK-Python-Client
#Python Scripts for Hacking
https://github.com/Adastra-thw/pyHacks
GitHub
GitHub - PacktPublishing/Python-Ethical-Hacking: Python Ethical Hacking, published by Packt
Python Ethical Hacking, published by Packt. Contribute to PacktPublishing/Python-Ethical-Hacking development by creating an account on GitHub.