.NET Process injection in a new process with QueueUserAPC using D/invoke
https://gist.github.com/tothi/9cdd2be3b49cb42723726fd75df96471
.NET Process injection in a new process with QueueUserAPC using D/invoke - compatible with gadgettojscript - DInjectQueuerAPC.cs
Writing Windows Kernel Drivers for Advanced Persistence
https://v3ded.github.io/redteam/red-team-tactics-writing-windows-kernel-drivers-for-advanced-persistence-part-1
Red Team Tactics: Writing Windows Kernel Drivers for Advanced Persistence (Part 1)
Introduction This post, as indicated by the title, will cover the topic of writing Windows kernel drivers for advanced persistence. Because the subject matte...
1. All in One Hacking tool For Hackers
https://github.com/Z4nzu/hackingtool
2. Tools and Techniques for Red Team/Penetration Testing
https://github.com/A-poc/RedTeam-Tools
Dimorf - ransomware using 256-bit AES with a self-destructing, randomly generated key for Linux OS´s
https://github.com/Ort0x36/Dimorf
Breaking RSA with a Quantum Computer
https://www.schneier.com/blog/archives/2023/01/breaking-rsa-with-a-quantum-computer.html
OWASP Mobile Application Security Testing Guide (MASTG)
https://github.com/OWASP/owasp-mastg
The OWASP Mobile Application Security Testing Guide (MASTG) is a comprehensive manual for mobile app security testing and reverse engineering. It describes technical processes for verifying the OWA...
Powershell scripts for post exploitation
https://github.com/ItsCyberAli/PowerMeUp
NASim.pdf
1.7 MB
"Autonomous Penetration Testing using Reinforcement Learning"
Network Attack Simulator: https://github.com/Jjschwartz/NetworkAttackSimulator
x64 binary obfuscator that is able to obfuscate various different PE files including:
.exe
.dll
.sys
https://github.com/weak1337/Alcatraz
The OWASSRF + TabShell exploit chain
https://blog.viettelcybersecurity.com/tabshell-owassrf
OPWNAI: CYBERCRIMINALS STARTING TO USE CHATGPT
https://research.checkpoint.com/2023/opwnai-cybercriminals-starting-to-use-chatgpt/
Introduction At the end of November 2022, OpenAI released ChatGPT, the new interface for its Large Language Model (LLM), which instantly created a flurry of interest in AI and its possible uses. However, ChatGPT has also added some spice to the modern cyber…
Security Audit of Git:
CVE-2022-23521:
Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes
CVE-2022-41903:
Out of Bounds Memory Write in Log Formatting
https://x41-dsec.de/security/research/news/2023/01/17/git-security-audit-ostif
X41 D-Sec - Penetration Tests and Source Code Audits
X41 Audited Git
X41 releases the audit report of Git
Way Into Creating a Polymorphic Malware using ChatGPT
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
Chatting Our Way Into Creating a Polymorphic Malware
Abstract ChatGPT took the world by storm being released less than two months ago, it has become prominent and is used everywhere, for a wide variety of tasks – from automation tasks to the...
A script to automate privilege escalation with CVE-2023-22809 vulnerability
https://github.com/n3m1dotsys/CVE-2023-22809-sudoedit-privesc
qscan - Quick Network Scanner
https://github.com/0xor0ne/qscan
+ its companion command line tool qsc:
https://github.com/0xor0ne/qscan/tree/main/qsc
GitHub - 0xor0ne/qscan: Quick network scanner library. https://crates.io/crates/qscan
LinWinPwn - Active Directory Vulnerability Scanner.
Scan with the help of impacket, bloodhound, crackmapexec, ldapdomaindump, lsassy, smbmap, kerbrute, adidnsdump, and more.
#AD #scan #windows
https://github.com/lefayjey/linWinPwn
GitHub - lefayjey/linWinPwn: linWinPwn is a bash script that streamlines the use of a number of Active Directory tools
exploit.sh
1.1 KB
Script that automates exploitation of the CVE-2023-22809 vulnerability to gain a root shell.
The script checks whether the current user is allowed to run the sudoedit or sudo -e command on some file with root privileges. If so, it opens the sudoers file so that the attacker can introduce a privilege escalation policy for the current user and get a root shell.
Linux Kernel Defence Map (v.5.13)
shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies
https://github.com/a13xp0p0v/linux-kernel-defence-map
A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions
https://github.com/machine1337/gmailc2