Bluetooth Forward and Future Secrecy Attacks and Defenses (BLUFFS) [CVE 2023-24023]
https://github.com/francozappa/bluffs
https://github.com/francozappa/bluffs
A simple dll injector for Windows based on WINAPI's LoadLibrary function. Ring3 Injector project
https://github.com/ReFo0/injector
https://github.com/ReFo0/injector
Click-Once + App-Domain Injection
https://github.com/weaselsec/Click-Once-App-Domain-Injection
https://github.com/weaselsec/Click-Once-App-Domain-Injection
ServiceMove: is a POC code for an interesting lateral movement technique by abusing Windows Perception Simulation Service to achieve DLL hijacking code execution
https://github.com/netero1010/ServiceMove-BOF
https://github.com/netero1010/ServiceMove-BOF
Windows Internals / Debugging / Performance Learning Resources
https://github.com/pmatula/Windows-Internals-Debugging-Performance-Learning-Resources
https://github.com/pmatula/Windows-Internals-Debugging-Performance-Learning-Resources
Evading Detection With Nmap Part 2
https://infosecwriteups.com/evading-detection-with-nmap-part-2-7b4861f1377a
https://infosecwriteups.com/evading-detection-with-nmap-part-2-7b4861f1377a
How GitLab's Red Team automates C2 testing
https://about.gitlab.com/blog/2023/11/28/how-gitlabs-red-team-automates-c2-testing
Mythic v3.2 Highlights: Interactive Tasking, Push C2, and Dynamic File Browser
https://posts.specterops.io/mythic-v3-2-highlights-interactive-tasking-push-c2-and-dynamic-file-browser-7035065e2b3d
https://about.gitlab.com/blog/2023/11/28/how-gitlabs-red-team-automates-c2-testing
Mythic v3.2 Highlights: Interactive Tasking, Push C2, and Dynamic File Browser
https://posts.specterops.io/mythic-v3-2-highlights-interactive-tasking-push-c2-and-dynamic-file-browser-7035065e2b3d
GhostDriver: is a Rust-built AV killer tool using BYOVD
https://github.com/BlackSnufkin/GhostDriver
https://github.com/BlackSnufkin/GhostDriver
CTFCON2023-POC: This report documents a local elevation of privilege vulnerability in Active Directory Certificate Services (AD CS)
https://github.com/wh0amitz/CTFCON2023-POC
https://github.com/wh0amitz/CTFCON2023-POC
Autonomous Hacking of PHP Web Applications at the Bytecode Level
https://finixbit.github.io/posts/autonomous-Hacking-of-PHP-Web-Applications-at-the-Bytecode-Level
https://finixbit.github.io/posts/autonomous-Hacking-of-PHP-Web-Applications-at-the-Bytecode-Level
Shooting Yourself in the .flags – Jailbreaking the Sonos Era 100
https://research.nccgroup.com/2023/12/04/shooting-yourself-in-the-flags-jailbreaking-the-sonos-era-100
https://research.nccgroup.com/2023/12/04/shooting-yourself-in-the-flags-jailbreaking-the-sonos-era-100
Owncloud: details about CVE-2023-49103 and CVE-2023-49105
https://www.ambionics.io/blog/owncloud-cve-2023-49103-cve-2023-49105
https://www.ambionics.io/blog/owncloud-cve-2023-49103-cve-2023-49105
EDR Evasion Techniques Using Syscalls
https://hadess.io/edr-evasion-techniques-using-syscalls
https://hadess.io/edr-evasion-techniques-using-syscalls
SQL Brute Force leads to Bluesky Ransomware
https://thedfirreport.com/2023/12/04/sql-brute-force-leads-to-bluesky-ransomware
https://thedfirreport.com/2023/12/04/sql-brute-force-leads-to-bluesky-ransomware
PoCs for Kernel-mode rootkit techniques research
https://github.com/daem0nc0re/VectorKernel
https://github.com/daem0nc0re/VectorKernel
ADOKit: Azure DevOps Services Attack Toolkit
https://github.com/xforcered/ADOKit
https://github.com/xforcered/ADOKit
SharpTokenFinder: A C# implementation of TokenFinder. Enumerates M365 Desktop Office applications for plain text authentication tokens
https://github.com/HuskyHacks/SharpTokenFinder
https://github.com/HuskyHacks/SharpTokenFinder
Hunting Malicious Infrastructure-Headers and Hardcoded/Static Strings
https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
https://michaelkoczwara.medium.com/hunting-malicious-infrastructure-headers-and-hardcoded-static-strings-2d7bb4e46d64
BlueNoroff: new Trojan attacking macOS users
https://securelist.com/bluenoroff-new-macos-malware
https://securelist.com/bluenoroff-new-macos-malware
ownCloud exploits for CVE-2023-49105
https://github.com/ambionics/owncloud-exploits
https://github.com/ambionics/owncloud-exploits