MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
https://github.com/Xre0uS/MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
https://github.com/Xre0uS/MultiDump
MediaTek WLAN Driver Memory Corruption
https://packetstormsecurity.com/files/177011/MediaTek-WLAN-Driver-Memory-Corruption.html
CVE-2023-5178:
NVMe-oF TCP vulnerability
https://github.com/rockrid3r/CVE-2023-5178
https://packetstormsecurity.com/files/177011/MediaTek-WLAN-Driver-Memory-Corruption.html
CVE-2023-5178:
NVMe-oF TCP vulnerability
https://github.com/rockrid3r/CVE-2023-5178
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
GitHub
GitHub - vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC: Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386) - vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
1. Using form hijacking to bypass CSP
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
2. Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
2. Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
This is a proof of concept for #CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.
https://github.com/nettitude/CVE-2024-25153
https://github.com/nettitude/CVE-2024-25153
GitHub
GitHub - nettitude/CVE-2024-25153: Proof-of-concept exploit for CVE-2024-25153.
Proof-of-concept exploit for CVE-2024-25153. Contribute to nettitude/CVE-2024-25153 development by creating an account on GitHub.
Infosec Awesome.
- Um repositório com vários materiais e ferramentas de segurança da informação. Você pode encontrar informações úteis para todos os gostos e cores:
• Adversary Simulation & Emulation;
• Application Security;
• Binary Analysis;
• Cloud Security;
• Courses;
• Cryptography;
• Data Sets;
• Digital Forensics and Incident Response;
• Exploits;
• Hardening;
• Hardware;
• Malware Analysis;
• Mobile Security;
• Network Security;
• Open-source Intelligence (OSINT);
• Password Cracking and Wordlists;
• Social Engineering;
• Smart Contract;
• Vulnerable.
@hackingbra
- Um repositório com vários materiais e ferramentas de segurança da informação. Você pode encontrar informações úteis para todos os gostos e cores:
• Adversary Simulation & Emulation;
• Application Security;
• Binary Analysis;
• Cloud Security;
• Courses;
• Cryptography;
• Data Sets;
• Digital Forensics and Incident Response;
• Exploits;
• Hardening;
• Hardware;
• Malware Analysis;
• Mobile Security;
• Network Security;
• Open-source Intelligence (OSINT);
• Password Cracking and Wordlists;
• Social Engineering;
• Smart Contract;
• Vulnerable.
@hackingbra
Proof of Concept (PoC) for #CVE-2024-23334, demonstrating how #malicious actors can exploit vulnerabilities in aiohttp using #LFI .
https://github.com/jhonnybonny/CVE-2024-23334
https://github.com/jhonnybonny/CVE-2024-23334
Fiz esse vídeo sem muita firula, apenas para trazer conteúdos em português sobre o Flipper Zero. Quem puder estar se inscrevendo e curtindo o vídeo, vai ajudar bastante.
https://www.youtube.com/watch?v=O1wZ0PST6Xc
https://www.youtube.com/watch?v=O1wZ0PST6Xc
YouTube
Instalando o firmware Xtreme no Flipper Zero
Neste vídeo eu mostro como instalar o firmware Xtreme no Flipper Zero. Abaixo estarei deixando os links citados no vídeos.
🔴 Xtreme Firmware: https://github.com/Flipper-XFW/Xtreme-Firmware/releases
🔴 Instagram: https://www.instagram.com/hackingbrasil/
🔴…
🔴 Xtreme Firmware: https://github.com/Flipper-XFW/Xtreme-Firmware/releases
🔴 Instagram: https://www.instagram.com/hackingbrasil/
🔴…
This media is not supported in your browser
VIEW IN TELEGRAM
CVE-2024-1086 Linux kernel LPE
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
A full write-up of the exploit - including background information and loads of useful diagrams - can be found in the Flipping Pages blogpost.
Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
A full write-up of the exploit - including background information and loads of useful diagrams - can be found in the Flipping Pages blogpost.
Windows Defender Killer | código em C++ para desabilitar permanentemente o Windows Defender através de chaves no registro.
https://github.com/S12cybersecurity/WinDefenderKiller
https://github.com/S12cybersecurity/WinDefenderKiller
Low-Level x86-64 Architecture, Linking & Loading, Memory Management, etc...
from SANS sec660.4 (Exploiting Linux for Penetration Testers)
credit: Stephen Sims
https://www.youtube.com/watch?v=I37AJebKh2Y
from SANS sec660.4 (Exploiting Linux for Penetration Testers)
credit: Stephen Sims
https://www.youtube.com/watch?v=I37AJebKh2Y
Backdoor in upstream xz/liblzma leading to ssh server compromisehttps://www.openwall.com/lists/oss-security/2024/03/29/4