Collection of Facebook Bug Bounty Writeups
https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups
L.O.C extension: this extension will automatically grant a third-party server access to some of the user's Facebook data
https://github.com/brave/extension-whitelist/issues/48
https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups
L.O.C extension: this extension will automatically grant a third-party server access to some of the user's Facebook data
https://github.com/brave/extension-whitelist/issues/48
Mimikatz in JS Oneliner
https://gist.github.com/secdev-01/3edc6283bce6b5848a10b7001e030037
The Derby of Static Software Testing:
Joern vs CodeQl
https://elmanto.github.io/posts/sast_derby_joern_vs_codeql
https://gist.github.com/secdev-01/3edc6283bce6b5848a10b7001e030037
The Derby of Static Software Testing:
Joern vs CodeQl
https://elmanto.github.io/posts/sast_derby_joern_vs_codeql
Cisco RV340 SSL VPN Unauthenticated Remote Code Execution as root
https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Austin_2021/flashback_connects/flashback_connects.md
https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Austin_2021/flashback_connects/flashback_connects.md
Gather and update all available and newest CVEs with their PoC
https://github.com/trickest/cve
https://github.com/trickest/cve
CVE-2022-21661 WordPress SQL Injection
https://github.com/purple-WL/wordpress-CVE-2022-21661
CVE-2022-22536 SAP memory pipes(MPI)
https://github.com/antx-code/CVE-2022-22536
https://github.com/purple-WL/wordpress-CVE-2022-21661
CVE-2022-22536 SAP memory pipes(MPI)
https://github.com/antx-code/CVE-2022-22536
PoC for CVE-2021-43893 EFSRPC Arbitrary File Upload Privilege Escalation
https://github.com/jbaines-r7/blankspace
Dropping Files on a Domain Controller
https://www.rapid7.com/blog/post/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893
https://github.com/jbaines-r7/blankspace
Dropping Files on a Domain Controller
https://www.rapid7.com/blog/post/2022/02/14/dropping-files-on-a-domain-controller-using-cve-2021-43893
Kali Linux 2022.1 Release ♻️
New Features:
_Visual Refresh
_Kali Everything Image
_Shell Prompt Changes
_VMware i3 Improvements
_Refreshed Browser Landing Page
_Kali-Tweaks: Legacy SSH Made Easy
New Tools:
dnsx, naabu, nuclei, PoshC2, proxify, email2phonenumber
https://www.kali.org/blog/kali-linux-2022-1-release/
New Features:
_Visual Refresh
_Kali Everything Image
_Shell Prompt Changes
_VMware i3 Improvements
_Refreshed Browser Landing Page
_Kali-Tweaks: Legacy SSH Made Easy
New Tools:
dnsx, naabu, nuclei, PoshC2, proxify, email2phonenumber
https://www.kali.org/blog/kali-linux-2022-1-release/
Domain penetration one-stop
https://github.com/0range-x/Domain-penetration_one-stop/blob/master/Domain-penetration_one-stop.md
https://github.com/0range-x/Domain-penetration_one-stop/blob/master/Domain-penetration_one-stop.md
Windows Remote Administration Tool that uses Discord as C2
https://github.com/3ct0s/disctopia-c2
Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading
https://github.com/hasherezade/process_overwriting
https://github.com/3ct0s/disctopia-c2
Process Overwriting is a PE injection technique, closely related to Process Hollowing and Module Overloading
https://github.com/hasherezade/process_overwriting
Object Overloading
https://blog.xpnsec.com/object-overloading
Static Taint Analysis using Binary Ninja: A Case Study of MySQL Cluster Vulnerabilities
https://www.zerodayinitiative.com/blog/2022/2/14/static-taint-analysis-using-binary-ninja-a-case-study-of-mysql-cluster-vulnerabilities
https://blog.xpnsec.com/object-overloading
Static Taint Analysis using Binary Ninja: A Case Study of MySQL Cluster Vulnerabilities
https://www.zerodayinitiative.com/blog/2022/2/14/static-taint-analysis-using-binary-ninja-a-case-study-of-mysql-cluster-vulnerabilities
NFT Lure Used to Distribute BitRAT
https://www.fortinet.com/blog/threat-research/nft-lure-used-to-distribute-bitrat
Allcome clipbanker is a newcomer in underground forums
https://www.gdatasoftware.com/blog/2022/02/37239-allcome-clipbanker-is-a-newcomer-in-malware-underground-forums
https://www.fortinet.com/blog/threat-research/nft-lure-used-to-distribute-bitrat
Allcome clipbanker is a newcomer in underground forums
https://www.gdatasoftware.com/blog/2022/02/37239-allcome-clipbanker-is-a-newcomer-in-malware-underground-forums
CVE-2021-44521 – Exploiting Apache Cassandra User-Defined Functions for Remote Code Execution
https://jfrog.com/blog/cve-2021-44521-exploiting-apache-cassandra-user-defined-functions-for-remote-code-execution
https://jfrog.com/blog/cve-2021-44521-exploiting-apache-cassandra-user-defined-functions-for-remote-code-execution
Analysis of Microsoft CVE-2022-21907
https://www.fortinet.com/blog/threat-research/analysis-of-microsoft-cve-2022-21907
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel
https://blog.immunityinc.com/p/a-remote-stack-overflow-in-the-linux-kernel
https://www.fortinet.com/blog/threat-research/analysis-of-microsoft-cve-2022-21907
CVE-2022-0435: A Remote Stack Overflow in The Linux Kernel
https://blog.immunityinc.com/p/a-remote-stack-overflow-in-the-linux-kernel
One Byte to ROP // Deep Dive Edition
https://hackmd.io/@pepsipu/ry-SK44pt
A primer on DCSync attack and detection
https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
https://hackmd.io/@pepsipu/ry-SK44pt
A primer on DCSync attack and detection
https://www.alteredsecurity.com/post/a-primer-on-dcsync-attack-and-detection
ice phishing on the blockchain
https://www.microsoft.com/security/blog/2022/02/16/ice-phishing-on-the-blockchain
Evasive Trickbot Attacks Customers of 60 High-Profile Companies
https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies
https://www.microsoft.com/security/blog/2022/02/16/ice-phishing-on-the-blockchain
Evasive Trickbot Attacks Customers of 60 High-Profile Companies
https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies
A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
https://github.com/horizon3ai/backup_dc_registry
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM
https://github.com/JonathanSalwan/VMProtect-devirtualization
https://github.com/horizon3ai/backup_dc_registry
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM
https://github.com/JonathanSalwan/VMProtect-devirtualization
EU-21-Sheinfeld-Is-This-My-Domain-Controller.pdf
1.2 MB
A New Class of Active Directory Protocol Injection Attacks
https://i.blackhat.com/EU-21/Wednesday/EU-21-Sheinfeld-Is-This-My-Domain-Controller.pdf
https://i.blackhat.com/EU-21/Wednesday/EU-21-Sheinfeld-Is-This-My-Domain-Controller.pdf
Media is too big
VIEW IN TELEGRAM
تثبيت Kali NetHunter على الأندرويد
متطلبات أساسية:
_أندرويد lollipop مع وجود صلاحيات الروت
_مساحة تخزين خالية لا تقل عن 8 جيجابايت
بعد فتح البرنامج ومنحه الأذونات المطلوبة ادخل الى kali chroot manger وبعدها install kali chroot هتلاقي خيارين:
_الأول لتحميل حزمة ملفات Chroot ومن خلاله بتختار بنية نظامك وحجم الحزمة full ولا min وبعدين مسار تنزيل الملف وتضغط ok وتنتظر التنزيل، وطبعا الوقت هيختلف باختلاف سرعة النت عندك وحجم الحزمة اللي اخترتها
_تاني خيار هو للإستعادة من الملفات وهو انك بتحدد مسار المجلد اللي الحزمة موجودة فيه واسمها وهو اللي انا استخدمته
_حزمة chroot كاملة حجمها يقرُب لـ 1 جيجا ونص والـ minimal حجمها 651 ميجا
_استخدام ادوات الـ wifi يتطلب تثبيت Busybox
_استخدام هواتف سامسونج أفضل من غيرها لدعمها الكبير من مطورين xda ومشروعات الريكفري المعدل مفتوحة المصدر TWRP
_تثبيت Andrax بيكون بنفس الطريقة لكن الفرق ان andrax بيحتاج مساحة تخزين حوالي 15 جيجا
لتحميل تطبيق NetHunter و terminal
https://store.nethunter.com
أو gitlab
https://gitlab.com/kalilinux/nethunter/apps
متطلبات أساسية:
_أندرويد lollipop مع وجود صلاحيات الروت
_مساحة تخزين خالية لا تقل عن 8 جيجابايت
بعد فتح البرنامج ومنحه الأذونات المطلوبة ادخل الى kali chroot manger وبعدها install kali chroot هتلاقي خيارين:
_الأول لتحميل حزمة ملفات Chroot ومن خلاله بتختار بنية نظامك وحجم الحزمة full ولا min وبعدين مسار تنزيل الملف وتضغط ok وتنتظر التنزيل، وطبعا الوقت هيختلف باختلاف سرعة النت عندك وحجم الحزمة اللي اخترتها
_تاني خيار هو للإستعادة من الملفات وهو انك بتحدد مسار المجلد اللي الحزمة موجودة فيه واسمها وهو اللي انا استخدمته
_حزمة chroot كاملة حجمها يقرُب لـ 1 جيجا ونص والـ minimal حجمها 651 ميجا
_استخدام ادوات الـ wifi يتطلب تثبيت Busybox
_استخدام هواتف سامسونج أفضل من غيرها لدعمها الكبير من مطورين xda ومشروعات الريكفري المعدل مفتوحة المصدر TWRP
_تثبيت Andrax بيكون بنفس الطريقة لكن الفرق ان andrax بيحتاج مساحة تخزين حوالي 15 جيجا
لتحميل تطبيق NetHunter و terminal
https://store.nethunter.com
أو gitlab
https://gitlab.com/kalilinux/nethunter/apps