#Offensive_security
Dumping LSASS by unhooking MiniDumpWriteDump with a fresh DbgHelp.dll copy from disk, plus function and string obfuscation, and duplicating an LSASS handle from existing processes
https://github.com/D1rkMtr/DumpThatLSASS
#Threat_Research
1. Analysis of the First Critical Vulnerability of Aptos Move VM
https://medium.com/numen-cyber-labs/analysis-of-the-first-critical-0-day-vulnerability-of-aptos-move-vm-8c1fd6c2b98e
2. OWASSRF - New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations
https://www.crowdstrike.com/blog/owassrf-exploit-analysis-and-recommendations
#Red_Team_Tactics
1. Process reparenting in MS Windows
https://blog.trailofbits.com/2022/12/20/process-reparenting-microsoft-windows
2. CLI tool/library to enhance and speed up script/exploit writing with string conversion/manipulation
https://github.com/noraj/ctf-party
#tools
#Malware_analysis
1. PortexAnalyzer - free PE parser tailored for malware analysis
https://github.com/struppigel/PortexAnalyzerGUI/releases
2. XLLing in Excel - Evolution of malicious XLLs
https://blog.talosintelligence.com/xlling-in-excel-malicious-add-ins
#exploit
1. CVE-2022-48870:
maccms admin+ xss attacks
https://github.com/Cedric1314/CVE-2022-48870
2. CVE-2022-39253:
Docker host file read
https://github.com/ssst0n3/docker-cve-2022-39253-poc
Forwarded from 卩ro 爪Cracker
chatgpt_chinese_prompt_hack
Use prompt hack to bypass OpenAI's content policy restrictions by golfzert
https://github.com/golfzert/chatgpt-chinese-prompt-hack
Forwarded from 卩ro 爪Cracker
hackGPT
OpenAI and #ChatGPT to do hackerish things by NoDataFound
https://github.com/NoDataFound/hackGPT
Forwarded from 卩ro 爪Cracker
Puckungfu: A NETGEAR WAN Command Injection
https://ift.tt/8pYDvB4
Submitted December 22, 2022 at 05:02PM by ArbitraryWrite
via reddit https://ift.tt/paMGtRe
Forwarded from 卩ro 爪Cracker
CVE-2022-2602
PoC Kernel Privilege Escalation Linux
https://github.com/kiks7/CVE-2022-2602-Kernel-Exploit
#cve
Copilot, for your terminal
A CLI tool that generates shell scripts from a human readable description.
https://github.com/m1guelpf/plz-cli
SquarePhish
SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes.
https://github.com/secureworks/squarephish
MSI Shenanigans
This repository contains Proof of Concept code and harmless weaponised packages representing various weaponisation strategies that Threat Actors abuse in Windows Installer MSI format.
https://github.com/mgeeky/msi-shenanigans
MSI Shenanigans. Part 1 – Offensive Capabilities Overview:
https://mgeeky.tech/msi-shenanigans-part-1/