duck.ai
Uma ferramenta de comunicação com chatbots feita pela DuckDuckGo. Gratuito, não requer cadastro (posiciona-se como anônimo e não coleta esses usuários) e muito rápido:
Turbo GPT-3.5
Claude 4 Haiku
Liama 3 70B
Mixtral 8x78
Uma ferramenta de comunicação com chatbots feita pela DuckDuckGo. Gratuito, não requer cadastro (posiciona-se como anônimo e não coleta esses usuários) e muito rápido:
Turbo GPT-3.5
Claude 4 Haiku
Liama 3 70B
Mixtral 8x78
Persistence Techniques That Persist https://www.cyberark.com/resources/threat-research-blog/persistence-techniques-that-persist
Cyberark
Persistence Techniques That Persist
Abstract Once threat actors gain a foothold on a system, they must implement techniques to maintain that access, even in the event of restarts, updates in credentials or any other type of change...
Fascinating C code: TCP sockets & HTTP file downloads using only ntdll exports (NtCreateFile & NtDeviceIoControlFile syscalls). Bypasses Winsock for low-level Windows networking.
https://www.x86matthew.com/view_post?id=ntsockets
https://www.x86matthew.com/view_post?id=ntsockets
Red Team Privilege Escalation
Part 1 - Writable SYSTEM Path Privilege Escalation
https://www.praetorian.com/blog/red-team-local-privilege-escalation-writable-system-path-privilege-escalation-part-1
Part 2 - RBCD Based Privilege Escalation
https://www.praetorian.com/blog/red-team-privilege-escalation-rbcd-based-privilege-escalation-part-2
Part 1 - Writable SYSTEM Path Privilege Escalation
https://www.praetorian.com/blog/red-team-local-privilege-escalation-writable-system-path-privilege-escalation-part-1
Part 2 - RBCD Based Privilege Escalation
https://www.praetorian.com/blog/red-team-privilege-escalation-rbcd-based-privilege-escalation-part-2
👍1
😈 RedTeam Story #1: XSS, LFI, Logrotate.
• MITRE ATT&CK Techniques and Tactics;
• Attack Context;
• Methodology;
• Evasion Mechanism;
• Goal;
• Exploitation of Website;
• Privilege Escalation and Lateral Movement;
• Post-Exploitation;
• Automation and Scripting;
• Persistence;
- MITRE ATT&CK Techniques and Tactics Sorted by Tactics;
- Attack Context;
• Scripting;
- Creating and Testing a Bash Reverse Shell;
- Verifying the Reverse Shell;
- Establishing a Reverse Shell Connection;
- Analyzing Root Crontab and Persistence Mechanisms;
— Reviewing Crontab;
— Root Reset Script;
— Log Rotation Configuration;
— Automated Root Login Script;
— Database Cleanup Script;
• Privilege Escalation;
• MITRE ATT&CK Techniques and Tactics;
• Attack Context;
• Methodology;
• Evasion Mechanism;
• Goal;
• Exploitation of Website;
• Privilege Escalation and Lateral Movement;
• Post-Exploitation;
• Automation and Scripting;
• Persistence;
- MITRE ATT&CK Techniques and Tactics Sorted by Tactics;
- Attack Context;
• Scripting;
- Creating and Testing a Bash Reverse Shell;
- Verifying the Reverse Shell;
- Establishing a Reverse Shell Connection;
- Analyzing Root Crontab and Persistence Mechanisms;
— Reviewing Crontab;
— Root Reset Script;
— Log Rotation Configuration;
— Automated Root Login Script;
— Database Cleanup Script;
• Privilege Escalation;
A Universal Windows Bootkit
An analysis of the MBR bootkit referred to as “HDRoot”
https://williamshowalter.com/a-universal-windows-bootkit/
An analysis of the MBR bootkit referred to as “HDRoot”
https://williamshowalter.com/a-universal-windows-bootkit/
𝗢𝗪𝗔𝗦𝗣 𝗧𝗢𝗣 𝟭𝟬 - 𝗩𝘂𝗹𝗻𝗲𝗿𝗮𝗯𝗹𝗲 𝗟𝗟𝗠 𝗔𝗽𝗽𝗹𝗶𝗰𝗮𝘁𝗶𝗼𝗻𝘀
The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security.
Link 🔗:-
https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Vulnerable-LLM-Applications
The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security.
Link 🔗:-
https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Vulnerable-LLM-Applications
This media is not supported in your browser
VIEW IN TELEGRAM
Bluetooth-DOS-Attack
Tool idea:
Make it mandatory for nearby Bluetooth-enabled devices to connect to nearby Bluetooth-enabled devices such as speakers and other things.
https://github.com/Yasher201/Bluetooth-DOS-Attack
Tool idea:
Make it mandatory for nearby Bluetooth-enabled devices to connect to nearby Bluetooth-enabled devices such as speakers and other things.
https://github.com/Yasher201/Bluetooth-DOS-Attack
𝗧𝗲𝗰𝗵𝗻𝗶𝗾𝘂𝗲𝘀 𝗳𝗼𝗿 𝗣𝗿𝗶𝘃𝗶𝗹𝗲𝗴𝗲 𝗘𝘀𝗰𝗮𝗹𝗮𝘁𝗶𝗼𝗻 𝗼𝗻 𝗪𝗶𝗻𝗱𝗼𝘄𝘀
Breaking Barriers and Assumptions
🔗 Part 1 :-
https://www.zerodayinitiative.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1
🔗 Part 2 :-
https://www.zerodayinitiative.com/blog/2024/7/30/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-2
🔗 Part 3 :-
https://www.zerodayinitiative.com/blog/2024/7/31/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-3
Breaking Barriers and Assumptions
🔗 Part 1 :-
https://www.zerodayinitiative.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1
🔗 Part 2 :-
https://www.zerodayinitiative.com/blog/2024/7/30/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-2
🔗 Part 3 :-
https://www.zerodayinitiative.com/blog/2024/7/31/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-3
C2 Cloud - The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.
https://github.com/govindasamyarun/c2-cloud?tab=readme-ov-file#application-setup
https://github.com/govindasamyarun/c2-cloud?tab=readme-ov-file#application-setup
Black Hat Bash.pdf
8.5 MB
Black Hat Bash - Creative Scripting for Hackers and Pentesters by Dolev Farhi, Nick Aleks
🔥1
Kaspersky TDSSKiller abuse to disable EDR software
You can abuse TDSSKiller to interact with kernel-level services to disable EDR software running on the machine.
Removal of Malwarebytes Anti-Malware Service:
Removal of Microsoft Defender:
The "-dcsvc <service_name>" command deletes the specified service, removing the registry keys and executables associated with the service and software.
https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/lockbit-ransomware-silently-disables-edr-using-tdsskiller
https://www.threatdown.com/blog/new-ransomhub-attack-uses-tdskiller-and-lazagne-disables-edr/
You can abuse TDSSKiller to interact with kernel-level services to disable EDR software running on the machine.
Removal of Malwarebytes Anti-Malware Service:
tdsskiller.exe -dcsvc MBAMService Removal of Microsoft Defender:
tdsskiller.exe -dcsvc windefend The "-dcsvc <service_name>" command deletes the specified service, removing the registry keys and executables associated with the service and software.
https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/lockbit-ransomware-silently-disables-edr-using-tdsskiller
https://www.threatdown.com/blog/new-ransomhub-attack-uses-tdskiller-and-lazagne-disables-edr/
Leaked Wallpaper
This is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.
https://github.com/MzHmO/LeakedWallpaper
This is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.
https://github.com/MzHmO/LeakedWallpaper