Real profit
Just invest your time
How to exploit a double free vulnerability in 2021 'Use After Free for Dummies'

https://github.com/stong/how-to-exploit-a-double-free
The project is compiled based on the LandGrey/SpringBootVulExploit list. The purpose is to quickly exploit vulnerabilities during hvv and lower the threshold for exploiting vulnerabilities

https://github.com/0x727/SpringBootExploit
A framework for bug hunting or pentesting targeting websites that have #CVE-2021-41773 Vulnerability in public
https://github.com/HightechSec/scarce-apache2

#poc for the #CVE-2021-20837 RCE in MovableType
https://github.com/ghost-nemesis/cve-2021-20837-poc
converse with Kajit.pdf
5.5 MB
An interview with Kajit, a former member of REvil and DarkSide who is in charge of the Ransomware Marketplace (RAMP) forum
Digitally-Signed Rootkits are Back.pdf
4.6 MB
Digitally-Signed Rootkits are Back – A Look at FiveSys and Companions
#Bitdefender
2021 #CWE Most Important Hardware Weaknesses #Mitre
https://cwe.mitre.org/scoring/lists/2021_CWE_MIHW
ExMatter.rar
2.1 MB
Today Symantec released a paper on BlackMatter new exfiltration tool dubbed #ExMatter
#Sample
password : infected
Burp_Suite_pro_2021.9.1.7z
507.1 MB
Burp Suite Pro
v2021.9.1 + Crack

Released
26 October 2021
Hidden parameters discovery suite
#burp_suite
https://github.com/Impact-I/x8-Burp

#burp_suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
https://github.com/synacktiv/HopLa

Awesome #burp_suite Resources. 400+ open source Burp plugins, 400+ posts and videos
https://github.com/alphaSeclab/awesome-burp-suite
Another meterpreter injection technique using C# that attempts to bypass Defender
https://github.com/plackyhacker/Suspended-Thread-Injection

A collection of C# shellcode injection techniques. All techniques use an AES encrypted meterpreter payload
https://github.com/plackyhacker/Shellcode-Injection-Techniques

An example of using Syscalls in C# to get a meterpreter shell
https://github.com/plackyhacker/Sys-Calls

A simple shell code encryptor/decryptor/executor to bypass anti virus
https://github.com/plackyhacker/Shellcode-Encryptor

Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique
https://github.com/plackyhacker/Unhook-BitDefender
Applications that reproduce #CVE-2021-22119
https://github.com/mari6274/oauth-client-exploit

Generate malicious files using recently published homoglyphic-attack #CVE-2021-42694
https://github.com/js-on/CVE-2021-42694

metasploit script #poc about #CVE-2021-36260
https://github.com/TaroballzChen/CVE-2021-36260-metasploit
Burp-Suite_Pro 2021.10.7z
489 MB
Burp Suite Pro
version : 2021.10

Released
1 November 2021
Some docker images to play with #CVE-2021-41773 and #CVE-2021-42013
https://github.com/Hydragyrum/CVE-2021-41773-Playground

#CVE-2021-42663 HTML Injection vulnerability in the Online event booking and reservation system
https://github.com/TheHackingRabbi/CVE-2021-42663
#Sudomy is a tool to collect subdomains and analyze domains, performing automated reconnaissance (#recon) for bug hunting / #pentesting

https://github.com/screetsec/Sudomy
#shad0w, it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs fully inside memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti DLL #injection to make it harder for EDR to load code into the beacons and official Microsoft mitigation methods to protect spawn processes

https://github.com/bats3c/shad0w
A collection of more than 160+ tools, scripts, cheatsheets and other loots for Red Teaming / #Pentesting / IT Security audits purposes
https://github.com/mgeeky/Penetration-Testing-Tools

An advanced in-memory evasion technique fluctuating #shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
https://github.com/mgeeky/ShellcodeFluctuation

#poc for an advanced In-Memory evasion technique allowing to better hide injected #shellcode's memory allocation from scanners and analysts
https://github.com/mgeeky/ThreadStackSpoofer

PHP Script intended to be used during #Phishing campaigns as a credentials collector linked to #backdoored HTML <form> action parameter
https://github.com/mgeeky/PhishingPost