SharpLateral: is a tool that includes 4 different methods for performing lateral movement in the AD environment and is written in C#
https://github.com/mertdas/SharpLateral
https://github.com/mertdas/SharpLateral
.NetConfigLoader: List of .Net application signed by Microsoft that can be used to load a dll via a .config file. Ideal for EDR/AV evasion and execution policy bypass
https://github.com/Mr-Un1k0d3r/.NetConfigLoader
https://github.com/Mr-Un1k0d3r/.NetConfigLoader
On-Prem Software CVE-2023-47246 Vulnerability
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
Abusing Microsoft Access "Linked Table" Feature to Perform NTLM Forced Authentication Attacks
https://research.checkpoint.com/2023/abusing-microsoft-access-linked-table-feature-to-perform-ntlm-forced-authentication-attacks
https://research.checkpoint.com/2023/abusing-microsoft-access-linked-table-feature-to-perform-ntlm-forced-authentication-attacks
Demystifying Cobalt Strike’s “make_token” Command
https://research.nccgroup.com/2023/11/10/demystifying-cobalt-strikes-make_token-command
https://research.nccgroup.com/2023/11/10/demystifying-cobalt-strikes-make_token-command
Malware Unpacking With Hardware Breakpoints - Cobalt Strike Shellcode Loader
https://embee-research.ghost.io/unpacking-malware-with-hardware-breakpoints-cobalt-strike
https://embee-research.ghost.io/unpacking-malware-with-hardware-breakpoints-cobalt-strike
FalconHound, attack path management for blue teams
https://medium.com/falconforce/falconhound-attack-path-management-for-blue-teams-42adedc9cae5
https://medium.com/falconforce/falconhound-attack-path-management-for-blue-teams-42adedc9cae5
High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites
https://unit42.paloaltonetworks.com/dangers-of-clickbait-sites
https://unit42.paloaltonetworks.com/dangers-of-clickbait-sites
WhoamiAlternatives: Different methods to get current username without using whoami
https://github.com/ricardojoserf/WhoamiAlternatives
https://github.com/ricardojoserf/WhoamiAlternatives
Privilege escalation vulnerabilities in Ubuntu/Kali Linux (CVE-2023-2640 and CVE-2023-32629)
https://gist.github.com/win3zz/aa1ac16c4458aaaec6dd79343b8cd46f
https://gist.github.com/win3zz/aa1ac16c4458aaaec6dd79343b8cd46f
Exploiting Windows Kernel Wild Copy With User Fault Handling (CVE-2023–28218)
https://blog.theori.io/exploiting-windows-kernel-wild-copy-with-user-fault-handling-cve-2023-28218-89f5189d0926
https://blog.theori.io/exploiting-windows-kernel-wild-copy-with-user-fault-handling-cve-2023-28218-89f5189d0926
Flare-On 2023 Challenge 7 (flake) - Solving a compiled Python challenge using native tools
https://www.x86matthew.com/view_post?id=flareon_2023_7
https://www.x86matthew.com/view_post?id=flareon_2023_7
Awesome GPT Agents:
A curated list of GPT agents for cybersecurity
https://github.com/fr0gger/Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
https://github.com/fr0gger/Awesome-GPT-Agents
Exploring Antivirus and EDR evasion techniques step-by-step
Part 1:
https://infosecwriteups.com/exploring-antivirus-and-edr-evasion-techniques-step-by-step-part-1-6459563b12ea
Part 2:
https://infosecwriteups.com/exploring-antivirus-and-edr-evasion-techniques-step-by-step-part-2-4310c58cdc31
Part 1:
https://infosecwriteups.com/exploring-antivirus-and-edr-evasion-techniques-step-by-step-part-1-6459563b12ea
Part 2:
https://infosecwriteups.com/exploring-antivirus-and-edr-evasion-techniques-step-by-step-part-2-4310c58cdc31
2023-A-3-Years-Tale-of-Hacking-a-Pwn2Own-Target.pdf
3.2 MB
HEXACON2023 - A 3-Year Tale of Hacking a Pwn2Own Target by Orange Tsai
Video:
https://www.youtube.com/watch?v=uGofhlB1vZU
Slides:
https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2023-A-3-Years-Tale-of-Hacking-a-Pwn2Own-Target.pdf
Video:
https://www.youtube.com/watch?v=uGofhlB1vZU
Slides:
https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2023-A-3-Years-Tale-of-Hacking-a-Pwn2Own-Target.pdf
Shellcode Loader/Execute Shellcode - Automate with Python Programming
https://www.youtube.com/watch?v=hWbfifU8TtA&feature
https://www.youtube.com/watch?v=hWbfifU8TtA&feature
Wndows-Drive-Remapping-EoP: Windows System Drive Remapping - Elevation of Privileges
https://github.com/bluefrostsecurity/Windows-Drive-Remapping-EoP
https://github.com/bluefrostsecurity/Windows-Drive-Remapping-EoP
SharpReflectivePEInjection: reflectively load and execute PEs locally and remotely bypassing EDR hooks
https://github.com/cpu0x00/SharpReflectivePEInjection
https://github.com/cpu0x00/SharpReflectivePEInjection
MS Graph Commands and Tools for Blue Teamers
https://github.com/xg5-simon/MS-Graph-BlueTeam
https://github.com/xg5-simon/MS-Graph-BlueTeam
VisualStudio .suo deserialization Exploit
https://github.com/moom825/visualstudio-suo-exploit
https://github.com/moom825/visualstudio-suo-exploit