Open-source code analysis platform for C/C++/Java/Binary/Javascript based on code property graphs
https://github.com/joernio/joern

#ExcelPeek is a tool designed to help investigate potentially malicious Microsoft Excel files
https://github.com/slaughterjames/excelpeek

REvil domain is back online
with a message .. .
" They are not the masters they think they are
We have the skills and experience
Do you want to be with the most qualified or losers ?

#cybersecurity #infosec #resources
A list of helpful infosec resources

https://github.com/stong/infosec-resources

Summary of some offensive #vulnerabilities from mainstream vendors

https://github.com/r0eXpeR/supplier

#natpass A new generation of NAT intranet penetration tool, support tcp tunnel, shell tunnel

https://github.com/lwch/natpass

#Hardentools simply reduces the attack surface on Microsoft Windows by disabling low-hanging fruit risky features
https://github.com/securitywithoutborders/hardentools

#RPC_Firewall to audit all remote RPC calls. Once executing any remote attack tools, you will see which RPC UUIDs and Opnums were called remotely
https://github.com/zeronetworks/rpcfirewall

the invisible #javaScript #backdoor
https://certitude.consulting/blog/en/invisible-backdoor/

#Trojan_Source invisible vulnerabilities
https://github.com/nickboucher/trojan-source

A Zeek package to detect #CVE-2021-42292, a Microsoft Excel local privilege escalation #exploit

https://github.com/corelight/CVE-2021-42292#detection-method

Attacks on ETW Blind EDR
BlackHat Europe
10 November 2021

direct download ⬇️
https://i.blackhat.com/EU-21/Wednesday/EU-21-Teodorescu-Veni-No-Vidi-No-Vici-Attacks-On-ETW-Blind-EDRs.pdf

وإن الحوائج لتُقضى
بكثرة الصلاة على النبي مُحمّد ﷺ ❤

Sorting out some key system #vulnerabilities that are vulnerable to attack in the #Red_Team
https://github.com/r0eXpeR/redteam_vul

C# Script used for #Red_Team, These binaries can be used by Cobalt Strike execute-assembly or as standalone executable
https://github.com/Mr-Un1k0d3r/RedTeamCSharpScripts

Official #Black_Hat Arsenal Security Tools Repository
https://github.com/toolswatch/blackhat-arsenal-tools

All about #Bug_Bounty (bypasses, payloads, and etc)
https://github.com/daffainfo/AllAboutBugBounty

A collection of several hundred online tools for #OSINT
https://github.com/cipher387/osint_stuff_tool_collection

Execute ELF files without dropping them on disk
https://github.com/nnsee/fileless-elf-exec

A Beacon Object File that creates a minidump of the LSASS process
https://github.com/helpsystems/nanodump

#EHole is a tool for fingerprint identification of key systems in assets. In red team operations
https://github.com/EdgeSecurityTeam/EHole

#CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions
https://github.com/iangcarroll/cookiemonster

#RollerScanner Fast Port Scanner Written On Python
https://github.com/MajorRaccoon/RollerScanner

Advanced Exploitation of Simple Bugs A Parallels Desktop Case Study ( Pwn2Own2021 )

direct download ⬇️
https://zerodayengineering.com/projects/slides/ZDE2021_AdvancedSimplePwn2Own2021.pdf

Mobile Malware Mimicking
Framework
BlackHat Europe 2021

#poc CVE-2021-41351 Microsoft Edge (Chrome based) Spoofing on IE Mode
https://github.com/JaneMandy/CVE-2021-41351-POC

Week in review : Critical RCE in Palo Alto Networks firewalls, how to select a DRaaS solution
https://www.helpnetsecurity.com/2021/11/14/week-in-review-critical-rce-in-palo-alto-networks-firewalls-how-to-select-a-draas-solution