INE | eCPPT Penetration Testing Professional (NEW - 2024)

Download : https://1024terabox.com/s/1cVvLsmUf-Jb81Rawna24LQ

More info :https://security.ine.com/certifications/ecppt-certification/

pcap-did-what: Analyze pcaps with Zeek and a Grafana Dashboard https://github.com/hackertarget/pcap-did-what

duck.ai

Uma ferramenta de comunicação com chatbots feita pela DuckDuckGo. Gratuito, não requer cadastro (posiciona-se como anônimo e não coleta esses usuários) e muito rápido:

Turbo GPT-3.5
Claude 4 Haiku
Liama ​​​​3 70B
Mixtral 8x78

Fascinating C code: TCP sockets & HTTP file downloads using only ntdll exports (NtCreateFile & NtDeviceIoControlFile syscalls). Bypasses Winsock for low-level Windows networking.


https://www.x86matthew.com/view_post?id=ntsockets

😈 RedTeam Story #1: XSS, LFI, Logrotate.

• MITRE ATT&CK Techniques and Tactics;
• Attack Context;
• Methodology;
• Evasion Mechanism;
• Goal;

• Exploitation of Website;
• Privilege Escalation and Lateral Movement;
• Post-Exploitation;
• Automation and Scripting;
• Persistence;
- MITRE ATT&CK Techniques and Tactics Sorted by Tactics;
- Attack Context;
• Scripting;
- Creating and Testing a Bash Reverse Shell;
- Verifying the Reverse Shell;
- Establishing a Reverse Shell Connection;
- Analyzing Root Crontab and Persistence Mechanisms;
— Reviewing Crontab;
— Root Reset Script;
— Log Rotation Configuration;
— Automated Root Login Script;
— Database Cleanup Script;
• Privilege Escalation;

𝗢𝗪𝗔𝗦𝗣 𝗧𝗢𝗣 𝟭𝟬 - 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗹𝗲 𝗟𝗟𝗠 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀

The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security.

Link 🔗:-
https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Vulnerable-LLM-Applications

Bluetooth-DOS-Attack

Tool idea:
Make it mandatory for nearby Bluetooth-enabled devices to connect to nearby Bluetooth-enabled devices such as speakers and other things.

https://github.com/Yasher201/Bluetooth-DOS-Attack

𝗧𝗲𝗰𝗵𝗻𝗶𝗾𝘂𝗲𝘀 𝗳𝗼𝗿 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲 𝗘𝘀𝗰𝗮𝗹𝗮𝘁𝗶𝗼𝗻 𝗼𝗻 𝗪𝗶𝗻𝗱𝗼𝘄𝘀

Breaking Barriers and Assumptions

🔗 Part 1 :-
https://www.zerodayinitiative.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1

🔗 Part 2 :-
https://www.zerodayinitiative.com/blog/2024/7/30/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-2

🔗 Part 3 :-
https://www.zerodayinitiative.com/blog/2024/7/31/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-3

C2 Cloud - The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.

https://github.com/govindasamyarun/c2-cloud?tab=readme-ov-file#application-setup

Web Hacking Arsenal: A Practical Guide to Modern Web Pentesting [2024]

Black Hat Bash - Creative Scripting for Hackers and Pentesters by Dolev Farhi, Nick Aleks

Tools and Techniques for Red Team / Penetration Testing

https://github.com/A-poc/RedTeam-Tools

CVE-2024-5932
*
WordPress GiveWP POP to RCE
*
POC exploit