Real profit
2.88K subscribers
107 photos
4 videos
155 files
3.37K links
Just invest your time
Download Telegram
A simple PoC of injection shellcode into a remote process and get the output using namepipe
https://github.com/MaorSabag/interactive-execute-shellcode
whats-spoofing: Whatsapp Exploit to spoofing impersonate of reply message
https://github.com/lichti/whats-spoofing
Some tips to earn your first bounty to find XSS,Blind-XSS,SQLI,SSRF,LFI,LOG4J using some handy automation tools
https://medium.com/@Alra3ees/some-tips-to-earn-your-first-bounty-find-xss-blind-xss-sqli-ssrf-lfi-log4j-using-some-handy-tools-2ae31afeae1a
AtlasLdr: Reflective x64 loader implemented using dynamic indirect syscalls
https://github.com/Krypteria/AtlasLdr
NotEnough: This tool calculates tricky canonical huffman histogram for CVE-2023-4863
https://github.com/caoweiquan322/NotEnough
Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook:
Part 1    ○●    Part 2
bbs: is a router for SOCKS and HTTP proxies
https://github.com/synacktiv/bbs
Useful tools for searching for WebCams, Information Channels and public access Wifi for the collection of information useful for analysis activities
https://github.com/CScorza/OSINTSurveillance
What Are Server-Side Request Forgeries And How To Exploit Them
https://blog.novasec.io/what-are-server-side-request-forgeries-ssrf-and-how-to-exploit-them
npm search RCE? - Escape Sequence Injection
https://blog.solidsnail.com/posts/npm-esc-seq
Windows CLFS and five exploits used by ransomware operators
https://securelist.com/windows-clfs-exploits-ransomware
codecave hook: reverse engineering toolkit
https://github.com/byte2mov/codecave-hook
Just another C2 Redirector using CloudFlare
https://github.com/som3canadian/Cloudflare-Redirector
SharpHIBP: A C# Tool to gather information about email breaches
https://github.com/dmcxblue/SharpHIBP
smtpsmug: Script to help analyze mail servers for SMTP Smuggling vulnerabilities.
https://github.com/hannob/smtpsmug
sessionless: TokenSigner is a Burp Suite extension for editing, signing, verifying various signed web tokens
https://github.com/d0ge/sessionless
AuthLogParser: is a powerful DFIR tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log
https://github.com/YosfanEilay/AuthLogParser