Security Brief: TA866 Returns with a Large Email Campaign
https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta866-returns-large-email-campaign
Parrot TDS: A Persistent and Evolving Malware Campaign
https://unit42.paloaltonetworks.com/parrot-tds-javascript-evolution-analysis
Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices
https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
LOLSpoof: an interactive shell program that automatically spoofs the command line arguments of the spawned process
https://github.com/itaymigdal/LOLSpoof
EvadingEDR.pdf
My Bug Hunting Methodology.txt
Bug Hunting Methodology
https://github.com/WadQamar10/My-Hunting-Methodology-
Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite "Lazy Bundle" mitigation
https://github.com/michalbednarski/TheLastBundleMismatch
Remote TLS Callback Injection:
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
https://github.com/Maldev-Academy/RemoteTLSCallbackInjection
GraphStrike: is a suite of tools that enables Cobalt Strike's HTTPS Beacon to use Microsoft Graph API for C2 communications
https://github.com/RedSiege/GraphStrike
Domain Escalation – Backup Operator
https://pentestlab.blog/2024/01/22/domain-escalation-backup-operator
Atlassian Confluence - Remote Code Execution (CVE-2023-22527)
https://blog.projectdiscovery.io/atlassian-confluence-ssti-remote-code-execution
Is the Google search bar enough to hack Belgian companies?
https://blog.nviso.eu/2024/01/22/is-the-google-search-bar-enough-to-hack-belgium-companies
How Threat Actors Leveraged HAR Files To Attack Okta’s Customers
https://www.rezonate.io/blog/har-files-attack-okta-customers
Cracked software beats gold: new macOS backdoor stealing cryptowallets
https://securelist.com/new-macos-backdoor-crypto-stealer
ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals
https://www.sentinelone.com/labs/a-glimpse-into-future-scarcruft-campaigns-attackers-gather-strategic-intelligence-and-target-cybersecurity-professionals
Building Windows Shellcode in Linux
https://github.com/defparam/win_shellcode_builder
InjectKit: This repository contains modified versions of the Cobalt Strike Process Injection Kit
https://github.com/REDMED-X/InjectKit
1.6_C2: Using the Counter Strike 1.6 RCON protocol as a C2 Channel
https://github.com/eversinc33/1.6_C2
EventLogCrasher: PoC for a bug that allows any user to crash the Windows Event Log service of any other Windows 10/Windows Server 2022 machine on the same domain
https://github.com/floesen/EventLogCrasher
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
https://github.com/horizon3ai/CVE-2024-0204
CVE-2023-4863 Heap buffer overflow in Google libwebp (WebP)
https://github.com/LiveOverflow/webp-CVE-2023-4863
CVE-2023-22527 RCE using SSTI in Confluence
https://github.com/Vozec/CVE-2023-22527
Frameless BITB: A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx
https://github.com/waelmas/frameless-bitb
Hiding payloads in Java source code strings
https://portswigger.net/research/hiding-payloads-in-java-source-code-strings
ADCS Attack Paths in BloodHound — Part 1
https://posts.specterops.io/adcs-attack-paths-in-bloodhound-part-1-799f3d3b03cf
Rust for Cyber Security and Red Teaming
https://infosecwriteups.com/rust-for-cyber-security-and-red-teaming-275595d3fdec