Scour - AWS Exploitation Framework
https://github.com/grines/scour
onaws is a simple tool to check if an IP/hostname belongs to the AWS IP space or not. It uses the AWS IP address ranges data published by AWS to perform the search.
https://github.com/amalmurali47/onaws
Lightspin AWS IAM Vulnerability Scanner
https://github.com/lightspin-tech/red-shadow
#AWS #Explotation #Framework

Invoke-DNSteal is a Simple & Customizable DNS Data Exfiltrator.
https://github.com/JoelGMSec/Invoke-DNSteal
Exfiltrator یا Covert channel
روش هایی جهت انتقال اطلاعات به بیرون از شبکه می باشند و برای دور زدن فایروال DLP استفاده می شوند.
اطلاعات بیشتر:
https://en.wikipedia.org/wiki/Covert_channel
https://attack.mitre.org/tactics/TA0010/
#Exfiltration #Covertchannel #DNS

Post Exploit :
mimikatz new version Workgroup and Domain now .... !
https://github.com/gentilkiwi/mimikatz/releases/tag/2.2.0-20210704
Rubeus is a C# toolset for raw Kerberos interaction and abuses.
Source :
https://github.com/GhostPack/Rubeus
Binary :
https://github.com/r3motecontrol/Ghostpack-CompiledBinaries
PS1 :
https://github.com/LuemmelSec/Pentest-Tools-Collection/tree/main/tools
Post Exploit Collection :
https://github.com/LuemmelSec/Pentest-Tools-Collection
Awesome Post Exploit include #printnightmare :
https://github.com/S3cur3Th1sSh1t/WinPwn
For Convert exe to PS1
https://github.com/cfalta/PowerShellArmoury
#postexploit #kerberos #mimikatz

Resources for DFIR Professionals Responding to the REvil Ransomware Kaseya Supply Chain Attack
#DFIR #Revil
https://github.com/cado-security/DFIR_Resources_REvil_Kaseya/

Brute Ratel v0.5.0 (Syndicate) is now available for download and provides a major update towards several features and the user interface of Brute Ratel. Commander comes with a new user interface providing a much more granular information on the metadata of the C4 features which can be seen in the figure below.
New Shellcode and DLL Loader
PowerShell Payload
Windows Remote Management (WinRM) Pivoting
Windows Management Instrumentation Queries and Pivots
LDAP Sentinel Re-Write and Raw Queries
Mimikatz
DCSync
Share Enumeration
AMSI and ETW Patching
Click Scripting and Automation
Commander
https://bruteratel.com/release/2021/07/03/Release-Syndicate/
#PostExploit #BRc4

Disabling spooler on just your DC's is not enough #PrintNightmare
https://threadreaderapp.com/thread/1411364227089117185.html

Reverse Engineers' Hex Editor

Large (1TB+) file support
Decoding of integer/floating point value types
Inline disassembly of machine code
Highlighting and annotation of ranges of bytes
Side by side comparision of selections
Lua scripting support
Virtual address mapping support
https://github.com/solemnwarning/rehex

Free
کورس مجانی زمان محدود
The OWASP top 10 demystified
https://www.udemy.com/course/the-owasp-top-10-demystified/?couponCode=81E0D38A002319EAD0B1
#bugbounty

Here it is ! End of #printnightmare ? Some links are down, but we can hope for something... in next hours?
بالاخره پچ داد !
Microsoft has released updates to protect against CVE-2021-34527. Please see:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-34527
#patch
https://blog.peneter.com/printnightmare-0day/
https://blog.peneter.com/printnightmare-patched/

Sharperner - Simple Executable Generator With Encrypted Shellcode
Sharperner is a tool written in CSharp that generate .NET dropper with AES and XOR obfuscated shellcode. Generated executable can possibly bypass signature check but I cant be sure it can bypass heuristic scanning.
https://github.com/aniqfakhrul/Sharperner
#redteaming

ورژن جدید mimikatz منتشر شد برای بعد از اپدیت جدید🔓
پ.ن :مایکروسافت اپدیت که داده فقط برای rce هست و LPE بعد اپدیت هم کار میکند
https://github.com/gentilkiwi/mimikatz/releases
#printnightmare

https://www.youtube.com/watch?v=kO_um6uWEZ4

https://www.clubhouse.com/join/penetercom/dU4Ss8mT/M43qzGYk
شنبه ۱۹ تیر روی اسیب پذیری صحبت میکنیم و همچنین روش های mitigation
ساعت ۲۳ به وقت ایران
#printnightmare

In May of 2021, Microsoft released a patch to correct CVE-2021-28474, a remote code execution bug in supported versions of Microsoft SharePoint Server.
https://www.zerodayinitiative.com/blog/2021/7/7/cve-2021-28474-sharepoint-remote-code-execution-via-server-side-control-interpretation-conflict

Technical Advisory – Arbitrary File Read in Dell Wyse Management Suite (CVE-2021-21586, CVE-2021-21587)

https://research.nccgroup.com/2021/07/06/technical-advisory-arbitrary-file-read-in-dell-wyse-management-suite-cve-2021-21586-cve-2021-21587/amp/?__twitter_impression=true

Benjamin Delpy :
Clarified Guidance for CVE-2021-34527 #printnightmare So I presume all is OK, and:
- you will not change UNC path detection
-RestrictDriverInstallation To Administrators & driver no exploitation? It's not, and you know it
===
As I test it LPE work after Patch deploy it so for apply patch u should follow Microsoft steps and change the registry.
طبق تستی که بعد از نصب پچ انجام دادم اکسپلویت کار میکنه و شما باید حتما تغییرات در رجیستری که مایکروسافت گفته انجام بدید.
https://lnkd.in/eJYGz6P
https://lnkd.in/eW-UWGi
#infosec #0day #microsoft #OOB #printspooler

چرا از ویندوز 11 استفاده نکنیم :) ؟
Previous WhyNotWin11 Releases Vulnerable to DLL Hijacking, Privilege Escalation
https://github.com/rcmaehl/WhyNotWin11/wiki/Vulnerability-Disclosure-07-09-2021
https://github.com/rcmaehl/WhyNotWin11

UDP Technology IP Camera vulnerabilities
آسیب پذیری های روی سری دوربین های UDP technology
سری دوربین ها :

Geutebruck
Ganz
Visualint
Cap
THRIVE Intelligence
Sophus
VCA
TripCorps
Sprinx Technologies
Smartec
Riva

https://www.randorisec.fr/udp-technology-ip-camera-vulnerabilities/
#RCE #IPCAMERA #udptechnology