๐ข๐ช๐๐ฆ๐ฃ ๐ง๐ข๐ฃ ๐ญ๐ฌ - ๐ฉ๐๐น๐ป๐ฒ๐ฟ๐ฎ๐ฏ๐น๐ฒ ๐๐๐ ๐๐ฝ๐ฝ๐น๐ถ๐ฐ๐ฎ๐๐ถ๐ผ๐ป๐
The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security.
Link ๐:-
https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Vulnerable-LLM-Applications
The OWASP Top 10 for LLMs is a list of the most critical vulnerabilities found in applications utilizing LLMs. It was created to provide developers, data scientists, and security experts with practical, actionable, and concise security guidance to navigate the complex and evolving terrain of LLM security.
Link ๐:-
https://github.com/OWASP/www-project-top-10-for-large-language-model-applications/wiki/Vulnerable-LLM-Applications
This media is not supported in your browser
VIEW IN TELEGRAM
Bluetooth-DOS-Attack
Tool idea:
Make it mandatory for nearby Bluetooth-enabled devices to connect to nearby Bluetooth-enabled devices such as speakers and other things.
https://github.com/Yasher201/Bluetooth-DOS-Attack
Tool idea:
Make it mandatory for nearby Bluetooth-enabled devices to connect to nearby Bluetooth-enabled devices such as speakers and other things.
https://github.com/Yasher201/Bluetooth-DOS-Attack
๐ง๐ฒ๐ฐ๐ต๐ป๐ถ๐พ๐๐ฒ๐ ๐ณ๐ผ๐ฟ ๐ฃ๐ฟ๐ถ๐๐ถ๐น๐ฒ๐ด๐ฒ ๐๐๐ฐ๐ฎ๐น๐ฎ๐๐ถ๐ผ๐ป ๐ผ๐ป ๐ช๐ถ๐ป๐ฑ๐ผ๐๐
Breaking Barriers and Assumptions
๐ Part 1 :-
https://www.zerodayinitiative.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1
๐ Part 2 :-
https://www.zerodayinitiative.com/blog/2024/7/30/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-2
๐ Part 3 :-
https://www.zerodayinitiative.com/blog/2024/7/31/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-3
Breaking Barriers and Assumptions
๐ Part 1 :-
https://www.zerodayinitiative.com/blog/2024/7/29/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-1
๐ Part 2 :-
https://www.zerodayinitiative.com/blog/2024/7/30/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-2
๐ Part 3 :-
https://www.zerodayinitiative.com/blog/2024/7/31/breaking-barriers-and-assumptions-techniques-for-privilege-escalation-on-windows-part-3
C2 Cloud - The C2 Cloud is a robust web-based C2 framework, designed to simplify the life of penetration testers. It allows easy access to compromised backdoors, just like accessing an EC2 instance in the AWS cloud. It can manage several simultaneous backdoor sessions with a user-friendly interface.
https://github.com/govindasamyarun/c2-cloud?tab=readme-ov-file#application-setup
https://github.com/govindasamyarun/c2-cloud?tab=readme-ov-file#application-setup
Black Hat Bash.pdf
8.5 MB
Black Hat Bash - Creative Scripting for Hackers and Pentesters by Dolev Farhi, Nick Aleks
๐ฅ1
Kaspersky TDSSKiller abuse to disable EDR software
You can abuse TDSSKiller to interact with kernel-level services to disable EDR software running on the machine.
Removal of Malwarebytes Anti-Malware Service:
Removal of Microsoft Defender:
The "-dcsvc <service_name>" command deletes the specified service, removing the registry keys and executables associated with the service and software.
https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/lockbit-ransomware-silently-disables-edr-using-tdsskiller
https://www.threatdown.com/blog/new-ransomhub-attack-uses-tdskiller-and-lazagne-disables-edr/
You can abuse TDSSKiller to interact with kernel-level services to disable EDR software running on the machine.
Removal of Malwarebytes Anti-Malware Service:
tdsskiller.exe -dcsvc MBAMService Removal of Microsoft Defender:
tdsskiller.exe -dcsvc windefend The "-dcsvc <service_name>" command deletes the specified service, removing the registry keys and executables associated with the service and software.
https://www.sangfor.com/farsight-labs-threat-intelligence/cybersecurity/lockbit-ransomware-silently-disables-edr-using-tdsskiller
https://www.threatdown.com/blog/new-ransomhub-attack-uses-tdskiller-and-lazagne-disables-edr/
Leaked Wallpaper
This is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.
https://github.com/MzHmO/LeakedWallpaper
This is a privilege escalation tool (fixed with CVE-2024-38100 in KB5040434) that allows us to leak a user's NetNTLM hash from any session on the computer, even if we are working from a low-privileged user.
https://github.com/MzHmO/LeakedWallpaper
PoC Exploit for Windows 0-Day Flaws CVE-2024-38202 and CVE-2024-21302 Released:
https://securityonline.info/poc-exploit-for-windows-0-day-flaws-cve-2024-38202-and-cve-2024-21302-released/
https://securityonline.info/poc-exploit-for-windows-0-day-flaws-cve-2024-38202-and-cve-2024-21302-released/
Estou publicando um curso de Flipper Zero no YouTube e conto com o apoio de vocรชs para poder trazer outros projetos futuramente. Curtam os vรญdeos e se inscrevam, ajudarรก bastante o canal.
https://www.youtube.com/playlist?list=PLDCjkmO5apxafYqY1JJEtMe186HK6ksN8
https://www.youtube.com/playlist?list=PLDCjkmO5apxafYqY1JJEtMe186HK6ksN8
YouTube
Curso de Flipper Zero
Um curso onde visa trazer usos bรกsicos e avanรงados desse dispositivo magnรญfico.
Forwarded from Jame Time
PowerShell for Penetration Testing: Explore the capabilities of PowerShell for pentesters across multiple platforms (2024)
Forwarded from Jame Time
PowerShell for Penetration Testing.pdf
12.5 MB