How To Attack Admin Panels Successfully
https://infosecwriteups.com/how-to-attack-admin-panels-successfully-72c90eeb818c

Merlin - cross-platform post-exploitation HTTP/2 Command & Control server/agent (Go)
https://github.com/Ne0nd0g/merlin

Attacking Encrypted HTTP Communications
https://www.pentestpartners.com/security-blog/attacking-encrypted-http-communications

1. Investigating Novel Malware Persistence Within ESXi Hypervisors
https://www.mandiant.com/resources/blog/esxi-hypervisors-malware-persistence
2. Detection and Hardening within ESXi Hypervisors
https://www.mandiant.com/resources/blog/esxi-hypervisors-detection-hardening

0-Day RCE on Microsoft Exchange Server
https://gteltsc.vn/blog/warning-new-attack-campaign-utilized-a-new-0day-rce-vulnerability-on-microsoft-exchange-server-12715.html

Mindmap of 2FA bypass techniques

https://www.mindmeister.com/1736437018/2fa-bypass-techniques

CVE-2022-40684:
Critical Authentication Bypass in FortiOS and FortiProxy
https://github.com/dickson0day/CVE-2022-40684

ShadowSpray - tool to spray Shadow Credentials across an entire domain in hopes of abusing long forgotten GenericWrite/GenericAll DACLs over other objects
https://github.com/Dec0ne/ShadowSpray

Pivoting Over TTLS-PAP WPA Enterprise Networks
https://tbhaxor.com/pivoting-over-ttls-pap-wifi-network

Fortinet RCE (CVE-2022-40684)

Fortinet recently patched a critical authentication bypass vulnerability in their FortiOS, FortiProxy, and FortiSwitchManager projects (CVE-2022-40684). This vulnerability gives an attacker the ability to login as an administrator on the affected system.

Shodan Dork:
product:"Fortinet FortiGate"

Research:
https://www.horizon3.ai/fortios-fortiproxy-and-fortiswitchmanager-authentication-bypass-technical-deep-dive-cve-2022-40684/

PoC:
https://github.com/horizon3ai/CVE-2022-40684

Detection for SOC:
https://www.horizon3.ai/fortinet-iocs-cve-2022-40684/

Cobaltstrike client android
https://github.com/linshaoSec/csdroid

RedEye is a visual analytic tool supporting Red & Blue Team operations
https://github.com/cisagov/RedEye/

https://youtu.be/b_ARIVl4BkQ

Chopper payload smuggling
https://ired.dev/discussion/13/chopper-payload-smuggling

https://github.com/0xsp-SRD/0xsp.com/tree/main/chopper

Fantastic Rootkits: And Where To Find Them
https://www.cyberark.com/resources/threat-research-blog/fantastic-rootkits-and-where-to-find-them-part-1
Repo: https://github.com/cyberark/malware-research/tree/master/FantasticRootkits

Reverse Shell using Powershell and Small Library for Post-Exploitation, currently undetected by Windows Defender

https://github.com/ItsCyberAli/PowerMeUp

SMBleedingGhost Writeup
Part 1 - Chaining SMBleed (CVE-2020-1206) with SMBGhost
https://blog.zecops.com/research/smbleedingghost-writeup-chaining-smbleed-cve-2020-1206-with-smbghost
Part 2 - Unauthenticated Memory Read - Preparing the Ground for an RCE
https://blog.zecops.com/research/smbleedingghost-writeup-part-ii-unauthenticated-memory-read-preparing-the-ground-for-an-rce
Part 3 - From Remote Read (SMBleed) to RCE
https://blog.zecops.com/research/smbleedingghost-writeup-part-iii-from-remote-read-smbleed-to-rce

CVE-2022-31678:
Pre-authenticated RCE in VMWare NSX Manager
https://srcincite.io/blog/2022/10/25/eat-what-you-kill-pre-authenticate

The Anatomy of Wiper Malware
Part 1 - Common Techniques:
https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-1
Part 2 - Third-Party Drivers
https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-2
Part 3 - Input/Output Controls
https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-3
Part 4 - Less Common "Helper" Techniques
https://www.crowdstrike.com/blog/the-anatomy-of-wiper-malware-part-4

Leeloo Multipath: Authorization bypass and symlink attack in multipathd (CVE-2022-41974 and CVE-2022-41973)
https://blog.qualys.com/vulnerabilities-threat-research/2022/10/25/leeloo-multipath-authorization-bypass-and-symlink-attack-in-multipathd-cve-2022-41974-and-cve-2022-41973