#tor_rootkit Standalone executables for Windows and Linux, including a Python interpreter and Tor.
All communication runs over Tor hidden services, which guarantees some degree of anonymity. The listener can handle multiple clients
and generates payloads for different platforms on startup.
https://github.com/emcruise/tor-rootkit
#CVE-2021-38001 #chrome #exploit
#poc for CVE-2021-38001, tested on macOS. The exploit is super dependent on my macOS d8 environment.
https://github.com/vngkv123/aSiagaming/tree/master/Chrome-v8-1260577
The first part of a series on the Chrome browser and its JavaScript engine, V8
https://seal9055.com/blog/browser/browser/chrome_browser_architecture
#Exploit for #CVE-2021-40449
Win32k Elevation
https://github.com/Kristal-g/CVE-2021-40449_poc
#poc for #CVE-2021-36799
ETS5 Password Recovery
https://github.com/robertguetzkow/ets5-password-recovery
A sample #poc for #CVE-2021-30657
affecting macOS
https://github.com/shubham0d/CVE-2021-30657
#Exploitation code for #CVE-2021-40539
Zoho ManageEngine ADSelfService Plus
https://github.com/synacktiv/CVE-2021-40539
VMware vCenter Server Virtual SAN Health Check plug-in RCE #CVE-2021-21985
https://github.com/sknux/CVE-2021-21985_PoC
Open-source code analysis platform for C/C++/Java/Binary/JavaScript based on code property graphs
https://github.com/joernio/joern
#ExcelPeek is a tool designed to help investigate potentially malicious Microsoft Excel files
https://github.com/slaughterjames/excelpeek
#cybersecurity #infosec #resources
A list of helpful infosec resources
https://github.com/stong/infosec-resources
Summary of some offensive #vulnerabilities from mainstream vendors
https://github.com/r0eXpeR/supplier
#natpass A new-generation NAT intranet penetration tool, supporting TCP tunnels and shell tunnels
https://github.com/lwch/natpass
#Hardentools simply reduces the attack surface on Microsoft Windows by disabling low-hanging fruit risky features
https://github.com/securitywithoutborders/hardentools
#RPC_Firewall audits all remote RPC calls. When any remote attack tool is executed, you will see which RPC UUIDs and Opnums were called remotely
https://github.com/zeronetworks/rpcfirewall
The invisible #JavaScript #backdoor
https://certitude.consulting/blog/en/invisible-backdoor/
#Trojan_Source invisible vulnerabilities
https://github.com/nickboucher/trojan-source
A Zeek package to detect #CVE-2021-42292, a Microsoft Excel local privilege escalation #exploit
https://github.com/corelight/CVE-2021-42292#detection-method
Attacks-On-ETW-Blind-EDRs.pdf
2.7 MB
Attacks on ETW Blind EDR
BlackHat Europe
10 November 2021
direct download ⬇️
https://i.blackhat.com/EU-21/Wednesday/EU-21-Teodorescu-Veni-No-Vidi-No-Vici-Attacks-On-ETW-Blind-EDRs.pdf
A roundup of key systems' #vulnerabilities that are open to attack in #Red_Team engagements
https://github.com/r0eXpeR/redteam_vul
C# scripts used for #Red_Team. These binaries can be used with Cobalt Strike execute-assembly or as standalone executables
https://github.com/Mr-Un1k0d3r/RedTeamCSharpScripts
Official #Black_Hat Arsenal Security Tools Repository
https://github.com/toolswatch/blackhat-arsenal-tools
All about #Bug_Bounty (bypasses, payloads, etc.)
https://github.com/daffainfo/AllAboutBugBounty
A collection of several hundred online tools for #OSINT
https://github.com/cipher387/osint_stuff_tool_collection
Execute ELF files without dropping them on disk
https://github.com/nnsee/fileless-elf-exec
A Beacon Object File that creates a minidump of the LSASS process
https://github.com/helpsystems/nanodump
#EHole is a tool for fingerprint identification of key systems in assets. In red team operations
https://github.com/EdgeSecurityTeam/EHole
#CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions
https://github.com/iangcarroll/cookiemonster
#RollerScanner Fast port scanner written in Python
https://github.com/MajorRaccoon/RollerScanner