Abusing GPO Permissions – harmj0y
https://www.harmj0y.net/blog/redteaming/abusing-gpo-permissions/
https://www.harmj0y.net/blog/redteaming/abusing-gpo-permissions/
GitHub - almandin/fuxploider: File upload vulnerability scanner and exploitation tool.
https://github.com/almandin/fuxploider
https://github.com/almandin/fuxploider
GitHub
GitHub - almandin/fuxploider: File upload vulnerability scanner and exploitation tool.
File upload vulnerability scanner and exploitation tool. - almandin/fuxploider
GitHub - Ne0nd0g/go-shellcode: a repository of Windows Shellcode runners and supporting utuilies. The applications load and execute Shellcode using various API calls or techniques.
https://github.com/Ne0nd0g/go-shellcode
https://github.com/Ne0nd0g/go-shellcode
GitHub
GitHub - Ne0nd0g/go-shellcode: A repository of Windows Shellcode runners and supporting utilities. The applications load and execute…
A repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. - Ne0nd0g/go-shellcode
My Guide to Basic Recon? | Bug Bounties + Recon | Amazing Love story.
https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
https://blog.securitybreached.org/2017/11/25/guide-to-basic-recon-for-bugbounty/
Security Breached Blog
My Guide to Basic Recon? | Bug Bounties + Recon | Amazing Love story.
The Post describe basic steps i follow before starting actual hunt for bugs in a bug bounty program, how i map out the target and which tools to use.
GitHub - thelinuxchoice/lizard: Extension spoofer and reveser shell generator
https://github.com/thelinuxchoice/lizard
https://github.com/thelinuxchoice/lizard
» Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the Domain) » Active Directory Security
https://adsecurity.org/?p=1667
https://adsecurity.org/?p=1667
Active Directory & Azure AD/Entra ID Security
Active Directory Security Risk #101: Kerberos Unconstrained Delegation (or How Compromise of a Single Server Can Compromise the…
At Black Hat USA 2015 this summer (2015), I spoke about the danger in having Kerberos Unconstrained Delegation configured in the environment. When Active Directory was first released with Windows 2000 Server, Microsoft had to provide a simple mechanism to…
GitHub - rarecoil/pantagrule: hashcat rules generated from over 840 million compromised passwords
https://github.com/rarecoil/pantagrule
https://github.com/rarecoil/pantagrule
GitHub
GitHub - rarecoil/pantagrule: large hashcat rulesets generated from real-world compromised passwords
large hashcat rulesets generated from real-world compromised passwords - rarecoil/pantagrule
GitHub - earthquake/SocksOverRDP: Socks5 Proxy support for Remote Desktop Protocol / Terminal Services
https://github.com/earthquake/SocksOverRDP
https://github.com/earthquake/SocksOverRDP
GitHub
GitHub - nccgroup/SocksOverRDP: Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop
Socks5/4/4a Proxy support for Remote Desktop Protocol / Terminal Services / Citrix / XenApp / XenDesktop - nccgroup/SocksOverRDP
Malware development part 1 – 0xPat blog – Red Teamer, infosec enthusiast
https://0xpat.github.io/Malware_development_part_1/
https://0xpat.github.io/Malware_development_part_1/
0xpat.github.io
Malware development part 1 - basics
Introduction
This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist.
Let’s…
This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist.
Let’s…
LARRYCHATTER/README.md at master · slaeryan/LARRYCHATTER · GitHub
https://github.com/slaeryan/LARRYCHATTER/blob/master/README.md
https://github.com/slaeryan/LARRYCHATTER/blob/master/README.md
GitHub
slaeryan/LARRYCHATTER
Covert C2 Framework - PoC HAMMERTOSS Revenant - C2 over Twitter - slaeryan/LARRYCHATTER
Printer Spoofer - Abusing Impersonation Privileges on Windows 10 and Server 2019 | PS C:\Users\itm4n> _
https://itm4n.github.io/printspoofer-abusing-impersonate-privileges/
https://itm4n.github.io/printspoofer-abusing-impersonate-privileges/
itm4n’s blog
PrintSpoofer - Abusing Impersonation Privileges on Windows 10 and Server 2019
Over the last few years, tools such as RottenPotato, RottenPotatoNG or Juicy Potato have made the exploitation of impersonation privileges on Windows very popular among the offensive security community. Though, recent changes to the operating system have…
GitHub - blackarrowsec/pivotnacci: A tool to make socks connections through HTTP agents
https://github.com/blackarrowsec/pivotnacci
https://github.com/blackarrowsec/pivotnacci
GitHub
GitHub - blackarrowsec/pivotnacci: A tool to make socks connections through HTTP agents
A tool to make socks connections through HTTP agents - blackarrowsec/pivotnacci
GitHub - riramar/Web-Attack-Cheat-Sheet: Web Attack Cheat Sheet
https://github.com/riramar/Web-Attack-Cheat-Sheet
https://github.com/riramar/Web-Attack-Cheat-Sheet
GitHub
GitHub - riramar/Web-Attack-Cheat-Sheet: Web Attack Cheat Sheet
Web Attack Cheat Sheet. Contribute to riramar/Web-Attack-Cheat-Sheet development by creating an account on GitHub.
Bypassing Windows Defender Runtime Scanning
https://labs.f-secure.com/blog/bypassing-windows-defender-runtime-scanning/
https://labs.f-secure.com/blog/bypassing-windows-defender-runtime-scanning/
GitHub - sundowndev/hacker-roadmap: Your beginner pen-testing start guide. A guide for amateur pen testers and a collection of hacking tools, resources and references to practice ethical hacking and web security.
https://github.com/sundowndev/hacker-roadmap
https://github.com/sundowndev/hacker-roadmap
GitHub
GitHub - sundowndev/hacker-roadmap: A collection of hacking tools, resources and references to practice ethical hacking.
A collection of hacking tools, resources and references to practice ethical hacking. - sundowndev/hacker-roadmap
Privilege escalation (UAC bypass) in ChangePK - Matt harr0ey - Medium
https://medium.com/@mattharr0ey/privilege-escalation-uac-bypass-in-changepk-c40b92818d1b
https://medium.com/@mattharr0ey/privilege-escalation-uac-bypass-in-changepk-c40b92818d1b
Medium
Privilege escalation (UAC bypass) in ChangePK
Introduction It’s been a long time since I decided to to be away from Twitter for a while for self-improvements reasons and finding…
GitHub - Flangvik/NetLoader: Loads any C# binary in mem, patching AMSI and bypassing Windows Defender
https://github.com/Flangvik/NetLoader
https://github.com/Flangvik/NetLoader
GitHub
GitHub - Flangvik/NetLoader: Loads any C# binary in mem, patching AMSI + ETW.
Loads any C# binary in mem, patching AMSI + ETW. . Contribute to Flangvik/NetLoader development by creating an account on GitHub.
Release CrackMapExec v5.0.2dev · byt3bl33d3r/CrackMapExec · GitHub
https://github.com/byt3bl33d3r/CrackMapExec/releases/tag/v5.0.2dev
https://github.com/byt3bl33d3r/CrackMapExec/releases/tag/v5.0.2dev
GitHub
Release CrackMapExec v5.0.2dev - P3l1as · byt3bl33d3r/CrackMapExec
CrackMapExec v5.0.2dev - P3l1as
💫 Features 💫
CME accepts a file as argument with option -x and -X
WinRM can now execute a command even if not local admin thanks to pypsrp lib
Kerberos support i...
💫 Features 💫
CME accepts a file as argument with option -x and -X
WinRM can now execute a command even if not local admin thanks to pypsrp lib
Kerberos support i...