GitHub - zMarch/Orc: Orc is a post-exploitation framework for Linux written in Bash
https://github.com/zMarch/Orc
https://github.com/zMarch/Orc
GitHub
GitHub - zMarch/Orc: Orc is a post-exploitation framework for Linux written in Bash
Orc is a post-exploitation framework for Linux written in Bash - zMarch/Orc
Intrusion Testing – From Evil Printers to Parent Domain Controllers – Checkmate
http://niiconsulting.com/checkmate/2019/01/intrusion-testing-from-evil-printers-to-parent-domain-controllers/
http://niiconsulting.com/checkmate/2019/01/intrusion-testing-from-evil-printers-to-parent-domain-controllers/
UAC Bypass via SystemPropertiesAdvanced.exe and DLL Hijacking – egre55 – thoughts on security
https://egre55.github.io/system-properties-uac-bypass/
https://egre55.github.io/system-properties-uac-bypass/
egre55.github.io
SystemPropertiesAdvanced.exe DLL Hijacking UAC Bypass
Custom-Meterpreter loader in 2019 – Astr0baby's not so random thoughts _____ rand() % 100;
https://astr0baby.wordpress.com/2019/01/26/custom-meterpreter-loader-in-2019/
https://astr0baby.wordpress.com/2019/01/26/custom-meterpreter-loader-in-2019/
Astr0baby's not so random thoughts _____ rand() % 100;
Custom-Meterpreter loader in 2019
I have been using this generator for quite a while and it has always worked for me. Decided to enhance it with an additional function that spoofs certificates from websites and signs executable fro…
Open Url Redirects & exploiting them - Tutorial by zseano | BugBountyNotes.com
https://www.bugbountynotes.com/mobile/tutorial?id=1
https://www.bugbountynotes.com/mobile/tutorial?id=1
Hackers abusing Google App Engine to spread PDF malware
https://www.hackread.com/hackers-abusing-google-app-engine-to-spread-pdf-malware/
https://www.hackread.com/hackers-abusing-google-app-engine-to-spread-pdf-malware/
HackRead | Latest Cybersecurity and Hacking News Site
Hackers abusing Google App Engine to spread PDF malware
The Cobalt Strike strikes back.
21 things you can do with XSS – Somdev Sangwan
https://s0md3v.github.io/21-things-xss/
https://s0md3v.github.io/21-things-xss/
SSRF — Server Side Request Forgery (Types and ways to exploit it) Part-3
https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-3-b0f5997e3739
https://medium.com/@madrobot/ssrf-server-side-request-forgery-types-and-ways-to-exploit-it-part-3-b0f5997e3739
Medium
SSRF — Server Side Request Forgery (Types and ways to exploit it) Part-3
Lets get in to Live Examples
Bypass file upload filter with .htaccess // Personnal security blog
https://thibaudrobin.github.io/articles/bypass-filter-upload/
https://thibaudrobin.github.io/articles/bypass-filter-upload/
Exploiting Android Devices Running Insecure Remote ADB Service
https://medium.com/@madrobot/exploiting-android-devices-running-insecure-remote-adb-service-4490cc6a2282
https://medium.com/@madrobot/exploiting-android-devices-running-insecure-remote-adb-service-4490cc6a2282
Medium
Exploiting Android Devices Running Insecure Remote ADB Service
What is ADB? Android Debug Bridge (adb) is a versatile command-line tool that lets you communicate with a device. The adb command…
A Deeper Look into XSS Payloads | Digital Interruption Research
https://research.digitalinterruption.com/2018/12/18/a-deeper-look-into-xss-payloads/
https://research.digitalinterruption.com/2018/12/18/a-deeper-look-into-xss-payloads/
Digitalinterruption
A Deeper Look into XSS Payloads | Digital Interruption Research
Over time, the type of vulnerabilities seen in the web app landscape changes. One that has persisted year in, year out, is cross-site scripting. It’s been a ...
GitHub - secdec/adapt: ADAPT is a tool that performs automated Penetration Testing for WebApps.
https://github.com/secdec/adapt
https://github.com/secdec/adapt
GitHub
GitHub - secdec/adapt: ADAPT is a tool that performs automated Penetration Testing for WebApps.
ADAPT is a tool that performs automated Penetration Testing for WebApps. - secdec/adapt
Making Meterpreter Look Google-Signed (Using MSI & JAR Files)
https://medium.com/forensicitguy/making-meterpreter-look-google-signed-using-msi-jar-files-c0a7970ff8b7
https://medium.com/forensicitguy/making-meterpreter-look-google-signed-using-msi-jar-files-c0a7970ff8b7
Medium
Making Meterpreter Look Google-Signed (Using MSI & JAR Files)
In this post I’ll use some of the information made public by VirusTotal in a recent blog post and show how you can easily create a…
GitHub - m1nl/pompa: Fully-featured spear-phishing toolkit - web front-end
https://github.com/m1nl/pompa
https://github.com/m1nl/pompa
GitHub
GitHub - m1nl/pompa: Fully-featured spear-phishing toolkit - web front-end
Fully-featured spear-phishing toolkit - web front-end - m1nl/pompa
[PrivExchange] From user to domain admin in less than 60sec ! – RandoriSec
http://blog.randorisec.fr/privexchange-from-user-to-domain-admin-in-less-than-60sec/
http://blog.randorisec.fr/privexchange-from-user-to-domain-admin-in-less-than-60sec/
Protonmail XSS — Stored – Chand Singh – Medium
https://medium.com/@ChandSingh/protonmail-xss-stored-b733031ac3b5
https://medium.com/@ChandSingh/protonmail-xss-stored-b733031ac3b5
Medium
Protonmail XSS — Stored
Hello Everyone,
Exclusive: Ex-NSA cyberspies reveal how they helped hack foes of UAE
https://www.reuters.com/investigates/special-report/usa-spying-raven/
https://www.reuters.com/investigates/special-report/usa-spying-raven/
Reuters
Exclusive: Ex-NSA cyberspies reveal how they helped hack foes of UAE
Reuters reveals how a UAE surveillance operation, staffed by former U.S. cyber-agents, spied on dissidents, rivals and Americans. Inside 'Project Raven.'
GitHub - no0be/DNSlivery: Easy files and payloads delivery over DNS
https://github.com/no0be/DNSlivery
https://github.com/no0be/DNSlivery
GitHub
GitHub - no0be/DNSlivery: Easy files and payloads delivery over DNS
Easy files and payloads delivery over DNS. Contribute to no0be/DNSlivery development by creating an account on GitHub.