Attacks-On-ETW-Blind-EDRs.pdf
2.7 MB
Attacks on ETW Blind EDR
BlackHat Europe
10 November 2021
direct download ⬇️
https://i.blackhat.com/EU-21/Wednesday/EU-21-Teodorescu-Veni-No-Vidi-No-Vici-Attacks-On-ETW-Blind-EDRs.pdf
BlackHat Europe
10 November 2021
direct download ⬇️
https://i.blackhat.com/EU-21/Wednesday/EU-21-Teodorescu-Veni-No-Vidi-No-Vici-Attacks-On-ETW-Blind-EDRs.pdf
Sorting out some key system #vulnerabilities that are vulnerable to attack in the #Red_Team
https://github.com/r0eXpeR/redteam_vul
C# Script used for #Red_Team, These binaries can be used by Cobalt Strike execute-assembly or as standalone executable
https://github.com/Mr-Un1k0d3r/RedTeamCSharpScripts
Official #Black_Hat Arsenal Security Tools Repository
https://github.com/toolswatch/blackhat-arsenal-tools
All about #Bug_Bounty (bypasses, payloads, and etc)
https://github.com/daffainfo/AllAboutBugBounty
A collection of several hundred online tools for #OSINT
https://github.com/cipher387/osint_stuff_tool_collection
https://github.com/r0eXpeR/redteam_vul
C# Script used for #Red_Team, These binaries can be used by Cobalt Strike execute-assembly or as standalone executable
https://github.com/Mr-Un1k0d3r/RedTeamCSharpScripts
Official #Black_Hat Arsenal Security Tools Repository
https://github.com/toolswatch/blackhat-arsenal-tools
All about #Bug_Bounty (bypasses, payloads, and etc)
https://github.com/daffainfo/AllAboutBugBounty
A collection of several hundred online tools for #OSINT
https://github.com/cipher387/osint_stuff_tool_collection
Execute ELF files without dropping them on disk
https://github.com/nnsee/fileless-elf-exec
A Beacon Object File that creates a minidump of the LSASS process
https://github.com/helpsystems/nanodump
#EHole is a tool for fingerprint identification of key systems in assets. In red team operations
https://github.com/EdgeSecurityTeam/EHole
#CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions
https://github.com/iangcarroll/cookiemonster
#RollerScanner Fast Port Scanner Written On Python
https://github.com/MajorRaccoon/RollerScanner
https://github.com/nnsee/fileless-elf-exec
A Beacon Object File that creates a minidump of the LSASS process
https://github.com/helpsystems/nanodump
#EHole is a tool for fingerprint identification of key systems in assets. In red team operations
https://github.com/EdgeSecurityTeam/EHole
#CookieMonster helps you detect and abuse vulnerable implementations of stateless sessions
https://github.com/iangcarroll/cookiemonster
#RollerScanner Fast Port Scanner Written On Python
https://github.com/MajorRaccoon/RollerScanner
Advanced Exploitation of Simple Bugs.pdf
8.5 MB
Advanced Exploitation of Simple Bugs A Parallels Desktop Case Study ( Pwn2Own2021 )
direct download ⬇️
https://zerodayengineering.com/projects/slides/ZDE2021_AdvancedSimplePwn2Own2021.pdf
direct download ⬇️
https://zerodayengineering.com/projects/slides/ZDE2021_AdvancedSimplePwn2Own2021.pdf
Mobile Malware Mimicking Framework.pdf
762.9 KB
Mobile Malware Mimicking
Framework
BlackHat Europe 2021
Framework
BlackHat Europe 2021
#poc CVE-2021-41351 Microsoft Edge (Chrome based) Spoofing on IE Mode
https://github.com/JaneMandy/CVE-2021-41351-POC
Week in review : Critical RCE in Palo Alto Networks firewalls, how to select a DRaaS solution
https://www.helpnetsecurity.com/2021/11/14/week-in-review-critical-rce-in-palo-alto-networks-firewalls-how-to-select-a-draas-solution
https://github.com/JaneMandy/CVE-2021-41351-POC
Week in review : Critical RCE in Palo Alto Networks firewalls, how to select a DRaaS solution
https://www.helpnetsecurity.com/2021/11/14/week-in-review-critical-rce-in-palo-alto-networks-firewalls-how-to-select-a-draas-solution
Sincon2021_MobileAppHardeningRE.pdf
1.8 MB
Mobile App Hardening
Against Reverse Engineering
direct download ⬇️
https://github.com/su-vikas/Presentations/raw/main/Sincon2021.MobileAppHardeningRE.pdf
Against Reverse Engineering
direct download ⬇️
https://github.com/su-vikas/Presentations/raw/main/Sincon2021.MobileAppHardeningRE.pdf
#ChopChop is a command-line tool for dynamic application security testing on web applications
https://github.com/michelin/ChopChop
#NTFS_parser for digital forensics & incident response
https://github.com/msuhanov/dfir_ntfs
https://github.com/michelin/ChopChop
#NTFS_parser for digital forensics & incident response
https://github.com/msuhanov/dfir_ntfs
#TLS_poison A tool that allows for generic SSRF via TLS, as well as CSRF via image tags in most browsers
https://github.com/jmdx/TLS-poison
#EXOCET AV-evading, undetectable, payload delivery tool
https://github.com/tanc7/EXOCET-AV-Evasion
https://github.com/jmdx/TLS-poison
#EXOCET AV-evading, undetectable, payload delivery tool
https://github.com/tanc7/EXOCET-AV-Evasion
Malicious Command-Line
https://github.com/3CORESec/MAL-CL
A Full-Featured HexEditor compatible with Linux/Windows/MacOS
https://github.com/echo-devim/fhex
https://github.com/3CORESec/MAL-CL
A Full-Featured HexEditor compatible with Linux/Windows/MacOS
https://github.com/echo-devim/fhex
#poc CVE-2021-41794 Exploit the Fuzz
Exploiting Vulnerabilities in 5G Core Networks
https://research.nccgroup.com/2021/11/16/exploit-the-fuzz-exploiting-vulnerabilities-in-5g-core-networks
#CVE-2021-41228 TensorFlow Python Code Injection: More eval() Woes
https://jfrog.com/blog/tensorflow-python-code-injection-more-eval-woes
#poc CVE-2021-37580
https://github.com/fengwenhua/CVE-2021-37580
Exploiting Vulnerabilities in 5G Core Networks
https://research.nccgroup.com/2021/11/16/exploit-the-fuzz-exploiting-vulnerabilities-in-5g-core-networks
#CVE-2021-41228 TensorFlow Python Code Injection: More eval() Woes
https://jfrog.com/blog/tensorflow-python-code-injection-more-eval-woes
#poc CVE-2021-37580
https://github.com/fengwenhua/CVE-2021-37580