vMass Bot
vMass Bot automates the exploitation of remote hosts by trying to find environment files (.env) in target hosts and extract tools and info inside, then the bot detects the target host CMS and tries to auto exploit and upload shell payload using the vMass vulnerability set (108 exploits in the current version 1.2)
https://github.com/c99tn/vMass
CVE-2022-36804:
A critical vulnerability in Atlassian Bitbucket Server/Data Center
https://github.com/CEOrbey/CVE-2022-36804-MASS-RCE
How Malicious Actors Abuse Native Linux Tools in Attacks
https://www.trendmicro.com/en_us/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html
Joern - Open-source code analysis platform for C/C++/Java/Binary/Javascript/Python/Kotlin based on code property graphs
https://github.com/joernio/joern
CVE-2022-37706:
A reliable exploit + write-up to elevate privileges to root (Ubuntu 22.04)
https://github.com/MaherAzzouzi/CVE-2022-37706-LPE-exploit
Analyzing Golang Executables
https://www.pnfsoftware.com/blog/analyzing-golang-executables
CrackMapExec - A swiss army knife for pentesting networks
https://github.com/Porchetta-Industries/CrackMapExec
Static analysis tool based on clang, which detects source-to-binary information leaks in C/C++ projects
https://github.com/ergrelet/cpplumber
JuicyPotato
https://github.com/antonioCoco/JuicyPotatoNG
research: https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
Sacrificing Suspended Processes
https://www.optiv.com/insights/source-zero/blog/sacrificing-suspended-processes
payload toolkit for bypassing EDRs using suspended processes, direct syscalls, and alternative execution methods:
https://github.com/optiv/Freeze
How To Attack Admin Panels Successfully
https://infosecwriteups.com/how-to-attack-admin-panels-successfully-72c90eeb818c
Merlin - cross-platform post-exploitation HTTP/2 Command & Control server/agent (Go)
https://github.com/Ne0nd0g/merlin
Attacking Encrypted HTTP Communications
https://www.pentestpartners.com/security-blog/attacking-encrypted-http-communications
1. Investigating Novel Malware Persistence Within ESXi Hypervisors
https://www.mandiant.com/resources/blog/esxi-hypervisors-malware-persistence
2. Detection and Hardening within ESXi Hypervisors
https://www.mandiant.com/resources/blog/esxi-hypervisors-detection-hardening