An introduction to reverse engineering .NET AOT applications
https://harfanglab.io/en/insidethelab/reverse-engineering-ida-pro-aot-net/
CVE-2024-0204: Authentication Bypass in GoAnywhere MFT
Script to create a new admin user in GoAnywhere MFT.
https://github.com/horizon3ai/CVE-2024-0204
https://www.horizon3.ai/cve-2024-0204-fortra-goanywhere-mft-authentication-bypass-deep-
Linux Kernel GSM Multiplexing Race Condition Local Privilege Escalation Vulnerability (CVE-2023-6546)
https://github.com/Nassim-Asrir/ZDI-24-020/
Android-based PAX POS vulnerabilities (Part 1) - STM Cyber Blog
https://blog.stmcyber.com/pax-pos-cves-2023/
In this article, we present details of 6 vulnerabilities on the Android POS devices made by the worldwide known company PAX Technology.
Windows CLFS Driver Privilege Escalation
This vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization’s Windows systems. In April 2023, Microsoft released a patch for this vulnerability, and CVE-2023-28252 was assigned.
Affected versions:
— Windows 11 21H2 (clfs.sys version 10.0.22000.1574);
— Windows 11 22H2;
— Windows 10 21H2;
— Windows 10 22H2;
— Windows Server 2022.
Research: https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability
Exploit: https://github.com/duck-sec/CVE-2023-28252-Compiled-exe
How to detect Android malware using a Random Forest classifier and explain the results using LinearSVC
https://github.com/liansecurityOS/android-malware-detection
How to protect Evilginx using Cloudflare and HTML Obfuscation
https://www.jackphilipbutton.com/post/how-to-protect-evilginx-using-cloudflare-and-html-obfuscation
Using a combination of Cloudflare and HTML Obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and Social Engineering engagements. Anyone who has tried to run a Social…
ThievingFox - Remotely retrieving credentials from password managers and Windows utilities
https://blog.slowerzs.net/posts/thievingfox/
https://github.com/Slowerzs/ThievingFox/
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
https://github.com/EvilGreys/Disable-Windows-Defender-
Skrapa is a zero dependency and customizable Python library for scanning Windows and Linux process memory.
https://research.nccgroup.com/2024/01/25/memory-scanning-for-the-masses/
https://github.com/fox-it/skrapa
Send phishing messages and attachments to Microsoft Teams users
https://github.com/Octoberfest7/TeamsPhisher
A Deep Dive Into Exploiting Windows Thread Pools
https://urien.gitbook.io/diago-lima/a-deep-dive-into-exploiting-windows-thread-pools
Active Directory Enumeration for Red Teams
https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/
The Directory Service is the heart and soul of many organisations, and whether it's Active Directory, OpenLDAP or something more exotic, as a source of much knowledge it often acts...
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
https://github.com/wh0amitz/SharpADWS
This Proof-Of-Concept demonstrates the exploitation of CVE-2023-22098 against VirtualBox 7.0.10 r158379
https://github.com/google/security-research/tree/master/pocs/oracle/virtualbox/cve-2023-22098
This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code. - google/security-research