حوار مع Kajit عضو سابق في REvil و DarkSide ومسؤول عن منتدى Ransomware Marketplace _ RAMP

Digitally-Signed Rootkits
are Back – A Look at
FiveSys and Companions
#Bitdefender

#CVE-2021-22205 RCE

https://github.com/c0okB/CVE-2021-22205

2021 #CWE Most Important Hardware Weaknesses #Mitre
https://cwe.mitre.org/scoring/lists/2021_CWE_MIHW

Today Symantec released a paper on BlackMatter new exfiltration tool dubbed #ExMatter
#Sample
password : infected

Burp Suite Pro
v2021.9.1 + Crack

Released
26 October 2021

Hidden parameters discovery suite
#burp_suite
https://github.com/Impact-I/x8-Burp

#burp_suite Extender plugin - Adds autocompletion support and useful payloads in Burp Suite
https://github.com/synacktiv/HopLa

Awesome #burp_suite Resources. 400+ open source Burp plugins, 400+ posts and videos
https://github.com/alphaSeclab/awesome-burp-suite

#REvil Ransomware #Decryption_Tool
#Bitdefender
https://www.bitdefender.com/blog/labs/bitdefender-offers-free-universal-decryptor-for-revil-sodinokibi-ransomware

#Darkside Ransomware #Decryption_Tool
#Bitdefender
https://www.bitdefender.com/blog/labs/darkside-ransomware-decryption-tool

#babuk ransomware #Decryption_Tool
#avast
https://www.avast.com/ransomware-decryption-tools

#AtomSilo and #LockFile #Decryption_Tool
direct link #avast
https://files.avast.com/files/decryptor/avast_decryptor_atomsilo.exe

#BlackByte ransomware #Decryption_Tool
#github
https://github.com/SpiderLabs/BlackByteDecryptor

Another meterpreter injection technique using C# that attempts to bypass Defender
https://github.com/plackyhacker/Suspended-Thread-Injection

A collection of C# shellcode injection techniques All techniques use an AES encrypted meterpreter payload
https://github.com/plackyhacker/Shellcode-Injection-Techniques

An example of using Syscalls in C# to get a meterpreter shell
https://github.com/plackyhacker/Sys-Calls

A simple shell code encryptor/decryptor/executor to bypass anti virus
https://github.com/plackyhacker/Shellcode-Encryptor

Unhooks Bit Defender from NTDLL and KERNELBASE using a classic technique
https://github.com/plackyhacker/Unhook-BitDefender

Applications that reproduce #CVE-2021-22119
https://github.com/mari6274/oauth-client-exploit

Generate malicious files using recently published homoglyphic-attack #CVE-2021-42694
https://github.com/js-on/CVE-2021-42694

metasploit script #poc about #CVE-2021-36260
https://github.com/TaroballzChen/CVE-2021-36260-metasploit

Burp Suite Pro
version : 2021.10

Released
1 November 2021

Some docker images to play with #CVE-2021-41773 and #CVE-2021-42013
https://github.com/Hydragyrum/CVE-2021-41773-Playground

#CVE-2021-42663 HTML Injection vulnerability in the Online event booking and reservation system
https://github.com/TheHackingRabbi/CVE-2021-42663

#Sudomy to collect subdomains and analyzing domains performing automated reconnaissance #recon for bug hunting / #pentesting

https://github.com/screetsec/Sudomy

#shad0w, it provides the operator the ability to execute .NET assemblies, DLLs, EXEs, JS, VBS or XSLs fully inside memory. Dynamically resolved syscalls are heavily used to avoid userland API hooking, anti DLL #injection to make it harder for EDR to load code into the beacons and official Microsoft mitigation methods to protect spawn processes

https://github.com/bats3c/shad0w

A collection of more than 160+ tools, scripts, cheatsheets and other loots for Red Teaming / #Pentesting / IT Security audits purposes
https://github.com/mgeeky/Penetration-Testing-Tools

An advanced in-memory evasion technique fluctuating #shellcode's memory protection between RW/NoAccess & RX and then encrypting/decrypting its contents
https://github.com/mgeeky/ShellcodeFluctuation

#poc for an advanced In-Memory evasion technique allowing to better hide injected #shellcode's memory allocation from scanners and analysts
https://github.com/mgeeky/ThreadStackSpoofer

PHP Script intdended to be used during #Phishing campaigns as a credentials collector linked to #backdoored HTML <form> action parameter
https://github.com/mgeeky/PhishingPost

Automate installation of extra #pentest_tools on #Kali_Linux, The script will create two directories within CWD: tools and www. The first one contains all the tools that will be installed on Kali, The second one contains all the scripts and binaries that will be downloaded and may be delivered onto the victim host later

https://github.com/penetrarnya-tm/WeaponizeKali.sh

The Engineers Online Portal System

#CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system
https://github.com/TheHackingRabbi/CVE-2021-42662

#CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system
https://github.com/TheHackingRabbi/CVE-2021-42663

#CVE-2021-42664 - Stored Cross-Site Scripting vulnerability in the Engineers online portal system
https://github.com/TheHackingRabbi/CVE-2021-42664

#CVE-2021-42665 - SQL Injection authentication bypass vulnerability in the Engineers online portal system
https://github.com/TheHackingRabbi/CVE-2021-42665

#CVE-2021-42666 - SQL Injection vulnerability in the Engineers online portal system
https://github.com/TheHackingRabbi/CVE-2021-42666

#CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system
https://github.com/TheHackingRabbi/CVE-2021-42667

#RSA attack tool ( mainly for ctf ) retreive private key from weak public key and / or uncipher data

https://github.com/Ganapati/RsaCtfTool