A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls
https://github.com/OmriBaso/RToolZ
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
https://github.com/hacksysteam/CVE-2023-21608
This map lists the essential techniques to bypass anti-virus and EDR
https://github.com/CMEPW/BypassAV
Network_Pentesting_Mindmap.pdf
#Infographics
"Network Nightmare" Mindmap, 2023.
// It is a mindmap for conducting network attacks. It will be useful to pentesters/red team operators.
#Fuzzing
1. Firefly - smart black-box fuzzer for WebApp testing
https://blog.yeswehack.com/yeswerhackers/firefly-smart-black-box-fuzzer-web-applications
2. WEB API fuzzing
https://github.com/vulntinker/FUA
Gitlab_Security_Audit.pdf
"Source Code Audit on Git for Open Source Technology Improvement Fund (OSTIF)", 2023.
100 Red Team Projects for Pentesters and Network Managers
https://github.com/kurogai/100-redteam-projects/blob/master/README.md
Rustproofing Linux
Part 1 - Leaking Addresses:
https://research.nccgroup.com/2023/02/06/rustproofing-linux-part-1-4-leaking-addresses
Porting Linux Kernel Bugs to Rust:
https://github.com/nccgroup/rustproofing-linux
Part 2 - Race Conditions:
https://research.nccgroup.com/2023/02/08/rustproofing-linux-part-2-4-race-conditions
Part 3 - Integer Overflows:
https://research.nccgroup.com/2023/02/14/rustproofing-linux-part-3-4-integer-overflows
PoC, which guards against copying the full 4GB+ of data: https://github.com/nccgroup/rustproofing-linux/blob/main/poc/poc_vuln_int_ovf.c
Part 4 - Shared Memory:
https://research.nccgroup.com/2023/02/16/rustproofing-linux-part-4-4-shared-memory
Direct Kernel Object Manipulation (DKOM) Attacks on ETW Providers
https://securityintelligence.com/posts/direct-kernel-object-manipulation-attacks-etw-providers
CVE-2022-39952:
Unauthenticated RCE in Fortinet FortiNAC
https://github.com/Florian-R0th/CVE-2022-39952
CVE-2023-23752:
CMS Joomla - unauthorized access to webservice endpoints
https://github.com/WhiteOwl-Pub/CVE-2023-23752
DiffCSP.pdf
#Research
"DiffCSP: Finding Browser Bugs in Content Security Policy Enforcement through Differential Testing", 2023.
#reversing
1. apk.sh - Bash script that makes reverse engineering Android apps easier, automating some repetitive tasks
https://github.com/ax/apk.sh#getting-started
2. Sekiryu - Python script for automatic decompilation and analysis of binary files with ChatGPT and Ghidra (IDA & Binja support soon)
https://github.com/20urc3/Sekiryu
Firefox Addons for Pentester
https://github.com/Ignitetechnologies/Mindmap/tree/main/Firefox%20Pentest%20Addons
Android_Non-SDK_Srv_API_Sec.pdf
#Mobile_Security
"A Systematic Study of Android Non-SDK (Hidden) Service API Security", 2022.
ServiceAudit tool - detects Android Service Helper bypass vulnerabilities:
https://github.com/fripSide/ServiceAudit
Android static analysis repository:
https://github.com/krizzsk/HackersCave4StaticAndroidSec/blob/main/Android%20Research/research-articles.md
Jenkins Security Alert: New Security Flaws Could Allow Code Execution Attacks
https://thehackernews.com/2023/03/jenkins-security-alert-new-security.html
CVE-2023-21768 Local Privilege Escalation POC
https://github.com/xforcered/Windows_LPE_AFD_CVE-2023-21768