the Google search bar enough to hack Belgian companies?
https://blog.nviso.eu/2024/01/22/is-the-google-search-bar-enough-to-hack-belgium-companies
How Threat Actors Leveraged HAR Files To Attack Okta’s Customers
https://www.rezonate.io/blog/har-files-attack-okta-customers
Cracked software beats gold: new macOS backdoor stealing cryptowallets
https://securelist.com/new-macos-backdoor-crypto-stealer
ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals
https://www.sentinelone.com/labs/a-glimpse-into-future-scarcruft-campaigns-attackers-gather-strategic-intelligence-and-target-cybersecurity-professionals
Building Windows Shellcode in Linux
https://github.com/defparam/win_shellcode_builder
InjectKit: This repository contains modified versions of the Cobalt Strike Process Injection Kit
https://github.com/REDMED-X/InjectKit
1.6_C2: Using the Counter Strike 1.6 RCON protocol as a C2 Channel
https://github.com/eversinc33/1.6_C2
EventLogCrasher: PoC for a bug that allows any user to crash the Windows Event Log service of any other Windows 10/Windows Server 2022 machine on the same domain
https://github.com/floesen/EventLogCrasher
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
https://github.com/horizon3ai/CVE-2024-0204
CVE-2023-4863 Heap buffer overflow in Google libwebp (WebP)
https://github.com/LiveOverflow/webp-CVE-2023-4863
CVE-2023-22527 RCE using SSTI in Confluence
https://github.com/Vozec/CVE-2023-22527
Frameless BITB: A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx
https://github.com/waelmas/frameless-bitb
Hiding payloads in Java source code strings
https://portswigger.net/research/hiding-payloads-in-java-source-code-strings
ADCS Attack Paths in BloodHound — Part 1
https://posts.specterops.io/adcs-attack-paths-in-bloodhound-part-1-799f3d3b03cf
Rust for Cyber Security and Red Teaming
https://infosecwriteups.com/rust-for-cyber-security-and-red-teaming-275595d3fdec
Kasseika Ransomware Deploys BYOVD Attacks, Abuses PsExec and Exploits Martini Driver
https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl
SyscallMeMaybe: Implementation of Indirect Syscall technique to pop an innocent calc.exe
https://github.com/oldboy21/SyscallMeMaybe
SOAPHound: a .NET data collector tool that collects Active Directory data via the Active Directory Web Services (ADWS) protocol.
SOAPHound is able to extract the same information without directly communicating with the LDAP server
https://github.com/FalconForceTeam/SOAPHound
Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE
https://github.com/h4x0r-dz/CVE-2024-23897
Top-GPTs: Run popular GPTs without the need for ChatGPT Plus subscription
https://github.com/Anil-matcha/Top-GPTs
Pwn2Own Automotive 2024 - Day Three Results
https://www.thezdi.com/blog/2024/1/25/pwn2own-automotive-2024-day-three-results
SigFinder: Identify binaries with Authenticode digital signatures signed to an internal CA/domain
https://github.com/mlcsec/SigFinder
Thread-Pool-Injection-PoC: Proof of concept code for thread pool based process injection in Windows
https://github.com/Uri3n/Thread-Pool-Injection-PoC