Writing a Sliver C2 Powershell Stager with Shellcode Compression and AES Encryption
https://medium.com/@youcef.s.kelouaz/writing-a-sliver-c2-powershell-stager-with-shellcode-compression-and-aes-encryption-9725c0201ea8
Medium
PEASS-ng - Privilege Escalation Awesome Scripts Suite
https://github.com/carlospolop/PEASS-ng
GitHub
GitHub - peass-ng/PEASS-ng: PEASS - Privilege Escalation Awesome Scripts SUITE (with colors)
CVE-2023-26818 - Bypass TCC with Telegram in macOS
https://danrevah.github.io/2023/05/15/CVE-2023-26818-Bypass-TCC-with-Telegram/
Dan Revah’s Blog
CVE-2023-26818 - Bypassing TCC with Telegram in macOS
Exploiting Windows’ vulnerabilities with Hyper-V: A Hacker’s swiss army knife
https://reversing.info/posts/hyperdeceit/
https://github.com/Xyrem/HyperDeceit
Xyrem Engineering
In this blog, we explore how to leverage the implementation of the Hyper-V virtualization technology to exploit and attack Windows systems and learn what measures should be taken to mitigate this vulnerability. Join us as we explore the world of Windows hacking…
Avast Anti-Virus privileged arbitrary file create on virus restore (CVE-2023-1586)
https://the-deniss.github.io/posts/avast-privileged-arbitrary-file-create-on-restore/
the-deniss.github.io
And today I’m sharing the report describing the vulnerability (CVE-2023-1586) in Avast file restore functionality and exploitation of this vulnerability to execute arbitrary code in the “NT AUTHORITY\SYSTEM” context
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App (CVE-2023-28153, CVE-2023-29078, CVE-2023-29079)
1) Login and registration returns password as MD5 hash
2) Stored XSS via device name in parent Dashboard
3) Possible CSRF attacks in parent Dashboard
4) Arbitrary File Upload to AWS S3 bucket
5) Disable Child App Restriction without Parent's notice
https://sec-consult.com/vulnerability-lab/advisory/multiple-vulnerabilities-in-kiddoware-kids-place-parental-control-android-app/
SEC Consult
Multiple Vulnerabilities in Kiddoware Kids Place Parental Control Android App
Multiple vulnerabilities have been identified in the Kiddoware Kids Place Parental Control Android App. Users of the parent's web dashboard can be attacked via cross site scripting or cross site request forgery vulnerabilities, or attackers may upload arbitrary…
A simple tool that allows users to search for and analyze Android apps for potential security threats and vulnerabilities
https://github.com/teixeira0xfffff/KoodousFinder
GitHub
GitHub - HuntDownProject/KoodousFinder: A simple tool that allows users to search for and analyze Android apps for potential security…
In this repository you will find sample code files for each day of the course "Python for OSINT. A 21-day course for beginners".
https://github.com/cipher387/python-for-OSINT-21-days
GitHub
GitHub - cipher387/python-for-OSINT-21-days: In this repository you will find sample code files for each day of the course "Python…
Mini.WebVM: Your own Linux box from Dockerfile, virtualized in the browser via WebAssembly
https://leaningtech.com/mini-webvm-your-linux-box-from-dockerfile-via-wasm/
Leaning Technologies Developer Hub
WebVM is a Linux-like virtual machine running fully client-side in the browser. It is based on CheerpX: an x86 execution engine in WebAssembly by Leaning Technologies. With today’s update, you can deploy your own version of WebVM by simply forking the repository…
Cymulate - framework to help red team construct fully customizable/automated APT attacks
https://github.com/opabravo/cymulate-framework
Kali Linux 2023.2 Release (Hyper-V & PipeWire)
https://www.kali.org/blog/kali-linux-2023-2-release/
Kali Linux
Kali Linux 2023.2 Release (Hyper-V & PipeWire) | Kali Linux Blog
Quick off the mark from previous 10 year anniversary, Kali Linux 2023.2 is now here. It is ready for immediate download or upgrading if you have an existing Kali Linux installation.
The changelog highlights over the last few weeks since March’s release of…
AceCryptor Technical analysis
https://www.welivesecurity.com/2023/05/25/shedding-light-acecryptor-operation
WeLiveSecurity
Shedding light on AceCryptor and its operation
ESET researchers reveal details about a prevalent cryptor that operates as a cryptor-as-a-service and is used by tens of malware families.
LightsOut - Generate an obfuscated DLL that will disable AMSI & ETW
https://github.com/icyguider/LightsOut
GitHub
GitHub - icyguider/LightsOut: Generate an obfuscated DLL that will disable AMSI & ETW
Operation Triangulation: iOS devices targeted with previously unknown malware
https://securelist.com/operation-triangulation/109842/
Securelist
While monitoring the traffic of our own corporate Wi-Fi network, we noticed suspicious activity that originated from several iOS-based phones. Since it is impossible to inspect modern iOS devices from the inside, we created offline backups of the devices…
Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)
https://github.com/0xkol/badspin
GitHub
GitHub - 0xkol/badspin: Bad Spin: Android Binder Privilege Escalation Exploit (CVE-2022-20421)