Real profit
Just invest your time
Enumerate SSNs (System Service Numbers, or syscall IDs) and syscall instruction addresses in the ntdll module by parsing the PEB of the current process
https://github.com/ProcessusT/EnumSSN
Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/spoofing-802-11-wireless-beacon-management-frames-with-manipulated-power-values-resulting-in-denial-of-service-for-wireless-clients
Exploit for Real World CTF 6th RIPTC
https://github.com/N1ghtu/RWCTF6th-RIPTC
Automated Multi UAC bypass
for win10|win11|ws2019|ws2022
https://github.com/x0xr00t/Automated-MUlti-UAC-Bypass
A direct improvement to remote TLS Injection
https://github.com/Uri3n/Advanced-TLS-Injection
MyDumbEDR: This repo contains all the necessary files to run MyDumbEDR and try to bypass it
https://github.com/sensepost/mydumbedr
ThievingFox: a collection of post-exploitation tools to gather credentials from various password managers and Windows utilities
https://github.com/Slowerzs/ThievingFox
Ultra-Sophisticated 0day APT SuperMalware Proxy EXE
https://gist.github.com/DanielGibson/f4ea4d46fc279d64a2d35a326e7a1a88
Exploiting Entra ID for Stealthier Persistence and Privilege Escalation using the Federated Authentication’s Secondary Token-signing Certificate
https://medium.com/tenable-techblog/stealthy-persistence-privesc-in-entra-id-by-using-the-federated-auth-secondary-token-signing-cert-876b21261106
ICS and OT threat predictions for 2024
https://securelist.com/ksb-ics-predictions-2024
Uncovering USB Malware's Hidden Depths
https://www.mandiant.com/resources/blog/unc4990-evolution-usb-malware
ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign
https://unit42.paloaltonetworks.com/apateweb-scareware-pup-delivery-campaign
Unveiling the intricacies of DiceLoader
https://blog.sekoia.io/unveiling-the-intricacies-of-diceloader
Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
https://www.akamai.com/blog/security-research/fritzfrog-botnet-new-capabilities-log4shell
Pawn Storm Uses Brute Force and Stealth Again
https://www.trendmicro.com/en_us/research/24/a/pawn-storm-uses-brute-force-and-stealth
Unmanaged .NET Patching: A proof-of-concept for patching managed .NET functions from unmanaged code
https://github.com/outflanknl/unmanaged-dotnet-patch
PoC for CVE-2024-20931, a vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware
https://github.com/GlassyAmadeus/CVE-2024-20931
Vulnerability: runc process.cwd and leaked fds container breakout (CVE-2024-21626)
https://snyk.io/blog/cve-2024-21626-runc-process-cwd-container-breakout
PoC:
https://github.com/Wall1e/CVE-2024-21626-POC