ice phishing on the blockchain
https://www.microsoft.com/security/blog/2022/02/16/ice-phishing-on-the-blockchain
Evasive Trickbot Attacks Customers of 60 High-Profile Companies
https://research.checkpoint.com/2022/a-modern-ninja-evasive-trickbot-attacks-customers-of-60-high-profile-companies

A simple POC that abuses Backup Operator privileges to remote dump SAM, SYSTEM, and SECURITY
https://github.com/horizon3ai/backup_dc_registry
Playing with the VMProtect software protection. Automatic deobfuscation of pure functions using symbolic execution and LLVM
https://github.com/JonathanSalwan/VMProtect-devirtualization

A New Class of Active Directory Protocol Injection Attacks
https://i.blackhat.com/EU-21/Wednesday/EU-21-Sheinfeld-Is-This-My-Domain-Controller.pdf

تثبيت Kali NetHunter على الأندرويد
متطلبات أساسية:
_أندرويد lollipop مع وجود صلاحيات الروت
_مساحة تخزين خالية لا تقل عن 8 جيجابايت
بعد فتح البرنامج ومنحه الأذونات المطلوبة ادخل الى kali chroot manger وبعدها install kali chroot هتلاقي خيارين:
_الأول لتحميل حزمة ملفات Chroot ومن خلاله بتختار بنية نظامك وحجم الحزمة full ولا min وبعدين مسار تنزيل الملف وتضغط ok وتنتظر التنزيل، وطبعا الوقت هيختلف باختلاف سرعة النت عندك وحجم الحزمة اللي اخترتها
_تاني خيار هو للإستعادة من الملفات وهو انك بتحدد مسار المجلد اللي الحزمة موجودة فيه واسمها وهو اللي انا استخدمته

_حزمة chroot كاملة حجمها يقرُب لـ 1 جيجا ونص والـ minimal حجمها 651 ميجا
_استخدام ادوات الـ wifi يتطلب تثبيت Busybox
_استخدام هواتف سامسونج أفضل من غيرها لدعمها الكبير من مطورين xda ومشروعات الريكفري المعدل مفتوحة المصدر TWRP
_تثبيت Andrax بيكون بنفس الطريقة لكن الفرق ان andrax بيحتاج مساحة تخزين حوالي 15 جيجا

لتحميل تطبيق NetHunter و terminal
https://store.nethunter.com
أو gitlab
https://gitlab.com/kalilinux/nethunter/apps

Exploiting CVE 2019-2215 Android Binder
https://cutesmilee.github.io/kernel/linux/android/2022/02/17/cve-2019-2215_writeup
Case Study: Zabbix Frontend Vulnerabilities CVE-2022-23131 & CVE-2022-23134
https://blog.sonarsource.com/zabbix-case-study-of-unsafe-session-storage

the most memory safe buffer overflow in rust
https://gist.github.com/rexim/38c176fe4669ef83db69aca9909d7b7f
Tutorial: Kubernetes Vulnerability
Scanning & Testing With Open Source
https://www.conjur.org/blog/tutorial-kubernetes-vulnerability-scanning-testing-with-open-source

Vulnerability in WordPress' UpdraftPlus plugin allows subscribers to download sensitive backups
https://www.wordfence.com/blog/2022/02/vulnerability-in-updraftplus-allowed-subscribers-to-download-sensitive-backups
Local Privilege Escalation Vulnerability Discovered in snap-confine CVE-2021-44731
https://blog.qualys.com/vulnerabilities-threat-research/2022/02/17/oh-snap-more-lemmings-local-privilege-escalation-vulnerability-discovered-in-snap-confine-cve-2021-44731

EmailAll is a powerful Email Collect tool
https://github.com/Taonn/EmailAll
extract JavaScript files from burp suite project with ease
https://github.com/0xDexter0us/uproot-JS

AI Powered Hacking Environment, A Software For Hackers, Social Engineers, ..
https://github.com/Mahmoud7Osman/Digle
For Building Distributed Denial Of Service Bots (DDOS), Attacking Network Applications Such As Web Applications, Services, ..
https://github.com/Mahmoud7Osman/EvilDoser

Ethical / unethical hacking platform to learn the concepts of hacking and cyber security and tools to exploit old and new services or system applications such as file path looting https://github.com/ArkAngeL43/Red-Rabbit-V5

Zenith exploits a memory corruption vulnerability in the NetUSB driver to get remote-code execution on the TP-Link Archer C7 V5 router for Pwn2Own Austin 2021
https://github.com/0vercl0k/zenith

CVE-2022-23131 zabbix-saml-bypass-exp
https://github.com/Mr-xn/cve-2022-23131
Bypassing Linux Executable Space Protection CVE-2022-25265
https://github.com/x0reaxeax/exec-prot-bypass

Bug Bounty Roadmaps
https://github.com/1ndianl33t/Bug-Bounty-Roadmaps
Useful Google Dorks for BugBounty
https://github.com/Proviesec/google-dorks
A curated list of backdoor learning resources
https://github.com/THUYimingLi/backdoor-learning-resources

InfoSecSherpa’s News Roundup for Sunday, February 20, 2022
https://infosecsherpa.medium.com/infosecsherpas-news-roundup-for-sunday-february-20-2022-a5a2aec09ddc

CVE-2022-24086 about Magento RCE
https://github.com/Mr-xn/CVE-2022-24086
CVE-2022-24112 Apache APISIX check
https://github.com/shakeman8/CVE-2022-24112
CVE-2022-24112 Apache apisix/batch-requests RCE
https://github.com/Mr-xn/CVE-2022-24112

Eventlistener xss Recon
https://github.com/yavolo/eventlistener-xss-recon
A blind XSS detection framework
https://github.com/daxAKAhackerman/XSS-Catcher
An automated SSRF finder. Just give the domain name and your server and chill! ;) Also has options to find XSS and open redirects
https://github.com/ksharinarayanan/SSRFire

A easily modifiable shellcode template for Windows x64/x86
https://github.com/Cracked5pider/ShellcodeTemplate
list of resources, and other things that aid in malware analysis / dev and exploit dev
https://github.com/evilbuffer/malware-and-exploitdev-resources

A multi-platform HTTP(S) Reverse Shell Server and Client in Python 3
https://github.com/EONRaider/BCA-Phantom