SQL Injection to RCE
https://pentestmag.com/sql-injection-to-rce
Remote Code Execution in pfSense <= 2.5.2
https://www.shielder.it/advisories/pfsense-remote-command-execution
https://pentestmag.com/sql-injection-to-rce
Remote Code Execution in pfSense <= 2.5.2
https://www.shielder.it/advisories/pfsense-remote-command-execution
PoC CVE-2022-21907 Double Free in http.sys driver, triggering a kernel crash on IIS servers
https://github.com/p0dalirius/CVE-2022-21907-http.sys
Local privilege escalation based on Sunflower RCE without specifying ports
https://github.com/Ryze-T/CNVD-2022-10270-LPE
https://github.com/p0dalirius/CVE-2022-21907-http.sys
Local privilege escalation based on Sunflower RCE without specifying ports
https://github.com/Ryze-T/CNVD-2022-10270-LPE
Security vulnerability database inclusive of CVEs and GitHub
https://github.com/github/advisory-database
A stealth AirTag clone that bypasses all of Apple's tracking protection features
https://github.com/positive-security/find-you
https://github.com/github/advisory-database
A stealth AirTag clone that bypasses all of Apple's tracking protection features
https://github.com/positive-security/find-you
Running Cobalt Strike BOFs from Python
https://www.naksyn.com/injection/2022/02/16/running-cobalt-strike-bofs-from-python.html
https://www.naksyn.com/injection/2022/02/16/running-cobalt-strike-bofs-from-python.html
POC for CVE-2022-24124
https://github.com/ColdFusionX/CVE-2022-24124
CVE-2022-24086 RCE
https://github.com/shakeman8/CVE-2022-24086-RCE
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
https://github.com/0vercl0k/CVE-2022-21971
PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability"
https://github.com/0vercl0k/CVE-2022-21974
https://github.com/ColdFusionX/CVE-2022-24124
CVE-2022-24086 RCE
https://github.com/shakeman8/CVE-2022-24086-RCE
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
https://github.com/0vercl0k/CVE-2022-21971
PoC for CVE-2022-21974 "Roaming Security Rights Management Services Remote Code Execution Vulnerability"
https://github.com/0vercl0k/CVE-2022-21974
clash_for_windows_pkg RCE
https://github.com/Fndroid/clash_for_windows_pkg/issues/2710
https://github.com/Fndroid/clash_for_windows_pkg/issues/2710
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
https://github.com/icyguider/Nimcrypt2
Cheat Sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell
https://github.com/drak3hft7/Cheat-Sheet---Active-Directory
https://github.com/icyguider/Nimcrypt2
Cheat Sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell
https://github.com/drak3hft7/Cheat-Sheet---Active-Directory
All writeups about bug bounty list
https://github.com/hackforsecurity/BugBountyTool
Simwigo is a cross-platform tool, to simplify the deployment of a web service
https://github.com/8iche/simwigo
https://github.com/hackforsecurity/BugBountyTool
Simwigo is a cross-platform tool, to simplify the deployment of a web service
https://github.com/8iche/simwigo
Convert shellcode into different formats!
https://github.com/ad-995/bluffy
A simple script just made for self use for bypassing 403
https://github.com/iamj0ker/bypass-403
https://github.com/ad-995/bluffy
A simple script just made for self use for bypassing 403
https://github.com/iamj0ker/bypass-403
Mindmaps, tips & tricks, resources and every thing related to API Security and API Penetration Testing
https://github.com/cyprosecurity/API-SecurityEmpire
https://github.com/cyprosecurity/API-SecurityEmpire
Circumventing Deep Packet Inspection with Socat and rot13
https://gist.github.com/gmurdocca/88857b58dc4668d88b0d0fae6ebf8b64
https://gist.github.com/gmurdocca/88857b58dc4668d88b0d0fae6ebf8b64
SSRF & LFI In Uploads Feature
https://medium.com/@raymond-lind/ssrf-lfi-in-uploads-feature-321d83b93ec0
Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager
https://swarm.ptsecurity.com/catching-bugs-in-vmware-carbon-black-cloud-workload-appliance-and-vrealize-operations-manager
https://medium.com/@raymond-lind/ssrf-lfi-in-uploads-feature-321d83b93ec0
Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager
https://swarm.ptsecurity.com/catching-bugs-in-vmware-carbon-black-cloud-workload-appliance-and-vrealize-operations-manager
The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware
https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-searcher-malware
A week in security (February 21_February 27)
https://blog.malwarebytes.com/a-week-in-security/2022/02/a-week-in-security-february-21-february-27
https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-searcher-malware
A week in security (February 21_February 27)
https://blog.malwarebytes.com/a-week-in-security/2022/02/a-week-in-security-february-21-february-27
PPTs shared by companies in various fields of security at meetings
https://github.com/FeeiCN/Security-PPT
https://github.com/FeeiCN/Security-PPT
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon
https://github.com/lutfumertceylan/top25-parameter
https://github.com/lutfumertceylan/top25-parameter