Real profit
badgerDAPS: A Brute Ratel LDAP query-log sorting tool, for the aspiring anti-LDAP query/Windows powershell hacker
https://github.com/johnjhacking/badgerDAPS
PoC Exploit for CVE-2023-46214 Splunk RCE
https://github.com/nathan31337/Splunk-RCE-poc
PoC for CVE-2023-2598 Linux Kernel LPE: PoC of a vulnerability in the io_uring subsystem of the Linux Kernel
https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598
Hijacking OAuth Code via Reverse Proxy for Account Takeover
https://blog.voorivex.team/hijacking-oauth-code-via-reverse-proxy-for-account-takeover
Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
https://embee-research.ghost.io/combining-pivot-points-to-identify-malware-infrastructure-redline-smokeloader-and-cobalt-strike
Threat Intelligence Malware Analysis: SolarMarker — To Jupyter and Back - SolarMarker uses process injection to run the hVNC and data staging payload. The actors behind SolarMarker primarily utilize .NET for the majority of their payloads
https://www.esentire.com/blog/solarmarker-to-jupyter-and-back
Introducing the Best EDR Of The Market Project ⚔️
A Little AV/EDR Bypassing Lab for Training & Learning Purposes
https://xacone.github.io/BestEdrOfTheMarket
BestEDROfTheMarket is a naive user-mode EDR project, designed to serve as a testing ground for understanding and bypassing the user-mode detection methods that are frequently used by these security solutions.
These techniques are mainly based on a dynamic analysis of the target process state (memory, API calls, etc.).
https://github.com/Xacone/BestEdrOfTheMarket
AESCrypt implementation of Microsoft Cryptography API, encrypt/decrypt with AES-256 from a passphrase
https://github.com/hackerhouse-opensource/AESCrypt
HavocExploit: A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc
https://github.com/syncwithali/HavocExploit
Forwarded from Ralf Hacker Channel (Ralf Hacker)
I'd been thinking for a long time about whether to publish my software or not... So I decided to start by rewriting Rubeus (not all of it, of course) in C and converting it into COF files. In short, it works out of the box with Cobalt Strike and Havoc😁😁

https://github.com/RalfHacker/Kerbeus-BOF

#bof #git #soft #redteam #pentest
NtlmThief: This is a C++ implementation of the Internal Monologue attack. It allows getting NetNTLM hashes of users using SSPI
https://github.com/MzHmO/NtlmThief
DotNET XorCryptor: This is a .NET executable packer with payload encryption
https://github.com/DosX-dev/DotNET_XorCryptor
RunWithDll: A utility that can be used to launch an executable with a DLL injected
https://github.com/TimMisiak/RunWithDll
matro7sh_loaders: this script adds the ability to encode shellcode (.bin) in XOR, chacha20, AES. You can choose between 2 loaders (Myph / 221b)
https://github.com/matro7sh/matro7sh_loaders
Obfusheader.h is a portable header file for C++14 and higher which implements multiple features for compile-time obfuscation, for example string & decimal encryption, control flow, call hiding
https://github.com/ac3ss0r/obfusheader.h
CVE-2023-4357 Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors
https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE
Hide your files of any type inside an image of your choice
https://github.com/JoshuaKasa/van-gonography
PenTesting Report Generation and Collaboration Engine
https://github.com/factionsecurity/faction
InfoSec Black Friday Deals:
Friday Hack Fest 2023 Edition
https://github.com/0x90n/InfoSec-Black-Friday