clash_for_windows_pkg RCE
https://github.com/Fndroid/clash_for_windows_pkg/issues/2710
https://github.com/Fndroid/clash_for_windows_pkg/issues/2710
.NET, PE, & Raw Shellcode Packer/Loader Written in Nim
https://github.com/icyguider/Nimcrypt2
Cheat Sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell
https://github.com/drak3hft7/Cheat-Sheet---Active-Directory
https://github.com/icyguider/Nimcrypt2
Cheat Sheet contains common enumeration and attack methods for Windows Active Directory with the use of powershell
https://github.com/drak3hft7/Cheat-Sheet---Active-Directory
All writeups about bug bounty list
https://github.com/hackforsecurity/BugBountyTool
Simwigo is a cross-platform tool, to simplify the deployment of a web service
https://github.com/8iche/simwigo
https://github.com/hackforsecurity/BugBountyTool
Simwigo is a cross-platform tool, to simplify the deployment of a web service
https://github.com/8iche/simwigo
Convert shellcode into different formats!
https://github.com/ad-995/bluffy
A simple script just made for self use for bypassing 403
https://github.com/iamj0ker/bypass-403
https://github.com/ad-995/bluffy
A simple script just made for self use for bypassing 403
https://github.com/iamj0ker/bypass-403
Mindmaps, tips & tricks, resources and every thing related to API Security and API Penetration Testing
https://github.com/cyprosecurity/API-SecurityEmpire
https://github.com/cyprosecurity/API-SecurityEmpire
Circumventing Deep Packet Inspection with Socat and rot13
https://gist.github.com/gmurdocca/88857b58dc4668d88b0d0fae6ebf8b64
https://gist.github.com/gmurdocca/88857b58dc4668d88b0d0fae6ebf8b64
SSRF & LFI In Uploads Feature
https://medium.com/@raymond-lind/ssrf-lfi-in-uploads-feature-321d83b93ec0
Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager
https://swarm.ptsecurity.com/catching-bugs-in-vmware-carbon-black-cloud-workload-appliance-and-vrealize-operations-manager
https://medium.com/@raymond-lind/ssrf-lfi-in-uploads-feature-321d83b93ec0
Catching bugs in VMware: Carbon Black Cloud Workload Appliance and vRealize Operations Manager
https://swarm.ptsecurity.com/catching-bugs-in-vmware-carbon-black-cloud-workload-appliance-and-vrealize-operations-manager
The Hunt for the Lost Soul: Unraveling the Evolution of the SoulSearcher Malware
https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-searcher-malware
A week in security (February 21_February 27)
https://blog.malwarebytes.com/a-week-in-security/2022/02/a-week-in-security-february-21-february-27
https://www.fortinet.com/blog/threat-research/unraveling-the-evolution-of-the-soul-searcher-malware
A week in security (February 21_February 27)
https://blog.malwarebytes.com/a-week-in-security/2022/02/a-week-in-security-february-21-february-27
PPTs shared by companies in various fields of security at meetings
https://github.com/FeeiCN/Security-PPT
https://github.com/FeeiCN/Security-PPT
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon
https://github.com/lutfumertceylan/top25-parameter
https://github.com/lutfumertceylan/top25-parameter
PoC for KeePass CVE-2022-0725
https://github.com/ByteHackr/keepass_poc
PoC CVE-2021-30955
Mac OS Kernel race condition
https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa
Exploiting CVE-2021-26708 (Linux kernel) with sshd
https://hardenedvault.net/2022/03/01/poc-cve-2021-26708.html
https://github.com/ByteHackr/keepass_poc
PoC CVE-2021-30955
Mac OS Kernel race condition
https://gist.github.com/jakeajames/37f72c58c775bfbdda3aa9575149a8aa
Exploiting CVE-2021-26708 (Linux kernel) with sshd
https://hardenedvault.net/2022/03/01/poc-cve-2021-26708.html
Beacon Object Files
https://github.com/BOFs/BOFs
Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc
https://github.com/wumb0/rust_bof
https://github.com/BOFs/BOFs
Cobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc
https://github.com/wumb0/rust_bof
All in one complete hacking toolkit for termux, kali and any other linux distro
https://github.com/Cvar1984/MR.X-0day
https://github.com/Cvar1984/MR.X-0day
Digital technology and the war in Ukraine
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks
IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine
https://www.welivesecurity.com/2022/03/01/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine
Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage
https://blogs.microsoft.com/on-the-issues/2022/02/28/ukraine-russia-digital-war-cyberattacks
IsaacWiper and HermeticWizard: New wiper and worm targeting Ukraine
https://www.welivesecurity.com/2022/03/01/isaacwiper-hermeticwizard-wiper-worm-targeting-ukraine
Daxin: Stealthy Backdoor Designed for Attacks Against Hardened Networks
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/daxin-backdoor-espionage
CVE-2022-22947 Spring Cloud Gateway RCE Exploit
1. https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947
2. https://github.com/Axx8/CVE-2022-22947_Rce_Exp
1. https://github.com/lucksec/Spring-Cloud-Gateway-CVE-2022-22947
2. https://github.com/Axx8/CVE-2022-22947_Rce_Exp
CVE-2022-25090 PrintixService
https://github.com/ComparedArray/printix-CVE-2022-25090
CVE-2022-25064 TP-LINK TL-WR840N RCE via the function oal_wan6_setIpAddr
https://github.com/Mr-xn/CVE-2022-25064
https://github.com/ComparedArray/printix-CVE-2022-25090
CVE-2022-25064 TP-LINK TL-WR840N RCE via the function oal_wan6_setIpAddr
https://github.com/Mr-xn/CVE-2022-25064
UAC Bypass
tested works well on Windows 11
https://github.com/aaaddress1/PR0CESS/tree/main/UACBypassJF_RpcALPC
tested works well on Windows 11
https://github.com/aaaddress1/PR0CESS/tree/main/UACBypassJF_RpcALPC