CISA Adds 13 Known Exploited Vulnerabilities to Catalog
https://www.cisa.gov/uscert/ncas/current-activity/2022/01/18/cisa-adds-13-known-exploited-vulnerabilities-catalog
https://www.cisa.gov/uscert/ncas/current-activity/2022/01/18/cisa-adds-13-known-exploited-vulnerabilities-catalog
Metasploit Ex Log4Shell: vCenter RCE
https://github.com/rapid7/metasploit-framework/pull/16050
https://github.com/rapid7/metasploit-framework/pull/16050
CVE-2021-30949 - XNU kernel use-after-free in mach_msg
https://bugs.chromium.org/p/project-zero/issues/detail?id=2232
CVE-2021-45467 - CWP CentOS Web Panel - preauth RCE
https://octagon.net/blog/2022/01/22/cve-2021-45467-cwp-centos-web-panel-preauth-rce
CVE-2021-44515 - ZohOwned :: A Critical Authentication Bypass on Zoho ManageEngine Desktop Central
https://srcincite.io/blog/2022/01/20/zohowned-a-critical-authentication-bypass-on-zoho-manageengine-desktop-central
https://bugs.chromium.org/p/project-zero/issues/detail?id=2232
CVE-2021-45467 - CWP CentOS Web Panel - preauth RCE
https://octagon.net/blog/2022/01/22/cve-2021-45467-cwp-centos-web-panel-preauth-rce
CVE-2021-44515 - ZohOwned :: A Critical Authentication Bypass on Zoho ManageEngine Desktop Central
https://srcincite.io/blog/2022/01/20/zohowned-a-critical-authentication-bypass-on-zoho-manageengine-desktop-central
#Phishing Domains, urls websites and threats database
https://github.com/mitchellkrogza/Phishing.Database
Super organized and flexible script for sending #phishing campaigns
https://github.com/KINGSABRI/goCabrito
Easy to use #phishing tool with 65 website templates
https://github.com/KasRoudra/PyPhisher
#Camera phishing tool If anyone opens link generated and permits camera access his/her photo will be captured!
https://github.com/KasRoudra/CamHacker
#PUBG & BGMI Mobile Phishing Tool ID Hack Tool For Online Hacking
https://github.com/OnlineHacKing/PUBG_BGMI-Phishing
#Free_Fire Phishing Tool ID Hack Tool For Online Hacking
https://github.com/OnlineHacKing/FreeFire-Phishing
https://github.com/mitchellkrogza/Phishing.Database
Super organized and flexible script for sending #phishing campaigns
https://github.com/KINGSABRI/goCabrito
Easy to use #phishing tool with 65 website templates
https://github.com/KasRoudra/PyPhisher
#Camera phishing tool If anyone opens link generated and permits camera access his/her photo will be captured!
https://github.com/KasRoudra/CamHacker
#PUBG & BGMI Mobile Phishing Tool ID Hack Tool For Online Hacking
https://github.com/OnlineHacKing/PUBG_BGMI-Phishing
#Free_Fire Phishing Tool ID Hack Tool For Online Hacking
https://github.com/OnlineHacKing/FreeFire-Phishing
LoadLibrary for offensive operations
https://github.com/bats3c/DarkLoadLibrary
Hundreds of Offensive and Useful Docker Images for Network Intrusion
https://github.com/cybersecsi/HOUDINI
https://github.com/bats3c/DarkLoadLibrary
Hundreds of Offensive and Useful Docker Images for Network Intrusion
https://github.com/cybersecsi/HOUDINI
A Workflow Engine for Offensive Security
https://github.com/j3ssie/osmedeus
Second-order subdomain takeover scanner
https://github.com/mhmdiaa/second-order
https://github.com/j3ssie/osmedeus
Second-order subdomain takeover scanner
https://github.com/mhmdiaa/second-order
bypass IP source restrictions using HTTP headers
https://github.com/p0dalirius/ipsourcebypass
weaponize a vulnerable signed driver to bypass EDR detections
https://github.com/wavestone-cdt/EDRSandblast
https://github.com/p0dalirius/ipsourcebypass
weaponize a vulnerable signed driver to bypass EDR detections
https://github.com/wavestone-cdt/EDRSandblast
Flutter Roadmap 2022
https://github.com/Flutterando/roadmap
Collection of Flutter and Dart Tips and Tricks
https://github.com/vandadnp/flutter-tips-and-tricks
Flutter Reverse Engineering Framework
Android: arm64, arm32 & iOS: arm64;
https://github.com/ptswarm/reFlutter
https://github.com/Flutterando/roadmap
Collection of Flutter and Dart Tips and Tricks
https://github.com/vandadnp/flutter-tips-and-tricks
Flutter Reverse Engineering Framework
Android: arm64, arm32 & iOS: arm64;
https://github.com/ptswarm/reFlutter
CVE-2021-26084 Confluence Server Webwork OGNL injection
https://github.com/thomsdev/CVE-2021-26084
PoC script to exploit Pulse Secure CVE-2021-22893
https://github.com/thomsdev/CVE-2021-22893
https://github.com/thomsdev/CVE-2021-26084
PoC script to exploit Pulse Secure CVE-2021-22893
https://github.com/thomsdev/CVE-2021-22893
Automation for internal Windows Penetest/AD-Security
https://github.com/S3cur3Th1sSh1t/WinPwn
some code execution and AV Evasion methods for Macros in Office documents
https://github.com/S3cur3Th1sSh1t/OffensiveVBA
https://github.com/S3cur3Th1sSh1t/WinPwn
some code execution and AV Evasion methods for Macros in Office documents
https://github.com/S3cur3Th1sSh1t/OffensiveVBA
A small reverse shell for Linux & Windows
https://github.com/xct/xc
A repository of Windows Shellcode runners and supporting utilities
https://github.com/Ne0nd0g/go-shellcode
A method of bypassing EDR's active projection DLL's by preventing entry point exection
https://github.com/CCob/SharpBlock
https://github.com/xct/xc
A repository of Windows Shellcode runners and supporting utilities
https://github.com/Ne0nd0g/go-shellcode
A method of bypassing EDR's active projection DLL's by preventing entry point exection
https://github.com/CCob/SharpBlock
A utility to safely generate malicious network traffic patterns and evaluate controls
https://github.com/alphasoc/flightsim
Sliver is an open source cross-platform adversary emulation / red team framework
https://github.com/BishopFox/sliver
https://github.com/alphasoc/flightsim
Sliver is an open source cross-platform adversary emulation / red team framework
https://github.com/BishopFox/sliver
An introduction to Active Directory security
https://github.com/cfalta/adsec
Python implementation for Active Directory certificate abuse
https://github.com/ly4k/Certipy
https://github.com/cfalta/adsec
Python implementation for Active Directory certificate abuse
https://github.com/ly4k/Certipy
Analysis and Impact of LockBit Ransomware’s First Linux and VMware ESXi Variant
https://www.trendmicro.com/en_us/research/22/a/analysis-and-Impact-of-lockbit-ransomwares-first-linux-and-vmware-esxi-variant
TianySpy Malware Uses Smishing Disguised as Message From Telco
https://www.trendmicro.com/en_us/research/22/a/tianyspy-malware-uses-smishing-disguised-as-message-from-telco
https://www.trendmicro.com/en_us/research/22/a/analysis-and-Impact-of-lockbit-ransomwares-first-linux-and-vmware-esxi-variant
TianySpy Malware Uses Smishing Disguised as Message From Telco
https://www.trendmicro.com/en_us/research/22/a/tianyspy-malware-uses-smishing-disguised-as-message-from-telco
This media is not supported in your browser
VIEW IN TELEGRAM
PwnKit: Local Privilege Escalation Vulnerability Discovered in polkit’s pkexec (CVE-2021-4034)
Affect the all major Linux distributions and can be exploited to gain full root privileges on the system
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
CVE-2021-4034 1day
https://github.com/berdav/CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec CVE-2021-4034
https://github.com/arthepsy/CVE-2021-4034
Affect the all major Linux distributions and can be exploited to gain full root privileges on the system
https://blog.qualys.com/vulnerabilities-threat-research/2022/01/25/pwnkit-local-privilege-escalation-vulnerability-discovered-in-polkits-pkexec-cve-2021-4034
CVE-2021-4034 1day
https://github.com/berdav/CVE-2021-4034
PoC for PwnKit: Local Privilege Escalation Vulnerability in polkit’s pkexec CVE-2021-4034
https://github.com/arthepsy/CVE-2021-4034
Exploits for CVE-2022-0185
https://github.com/Crusaders-of-Rust/CVE-2022-0185
PoC for CVE-2022-0332
Moodle 3.11 to 3.11.4 - SQL injection
https://github.com/numanturle/CVE-2022-0332
https://github.com/Crusaders-of-Rust/CVE-2022-0185
PoC for CVE-2022-0332
Moodle 3.11 to 3.11.4 - SQL injection
https://github.com/numanturle/CVE-2022-0332
CVE-2022-21882 win32k LPE bypass
https://github.com/KaLendsi/CVE-2022-21882
CVE-2022-23967 TightVNC Vulnerability
https://github.com/MaherAzzouzi/CVE-2022-23967
CVE-2022-21371 Oracle WebLogic Server
https://github.com/Mr-xn/CVE-2022-21371
https://github.com/KaLendsi/CVE-2022-21882
CVE-2022-23967 TightVNC Vulnerability
https://github.com/MaherAzzouzi/CVE-2022-23967
CVE-2022-21371 Oracle WebLogic Server
https://github.com/Mr-xn/CVE-2022-21371