Windows CLFS Driver Privilege Escalation
This vulnerability targets the Common Log File System (CLFS) driver (clfs.sys) and allows a local attacker to escalate privileges and potentially fully compromise an organization's Windows systems. Microsoft released a patch in April 2023 and the identifier CVE-2023-28252 was assigned; the bug had been exploited in the wild before the patch shipped, so unpatched hosts should be treated as exposed.
Affected versions:
— Windows 11 21H2 (clfs.sys version 10.0.22000.1574);
— Windows 11 22H2;
— Windows 10 21H2;
— Windows 10 22H2;
— Windows Server 2022.
Research: https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability
Exploit: https://github.com/duck-sec/CVE-2023-28252-Compiled-exe
How to detect Android malware using a Random Forest classifier and explain the results using LinearSVC
https://github.com/liansecurityOS/android-malware-detection
How to protect Evilginx using Cloudflare and HTML Obfuscation
https://www.jackphilipbutton.com/post/how-to-protect-evilginx-using-cloudflare-and-html-obfuscation
Using a combination of Cloudflare and HTML obfuscation, it is possible to protect your Evilginx server from being flagged as deceptive and so increase your chances of success on Red Team and social engineering engagements.
ThievingFox - Remotely retrieving credentials from password managers and Windows utilities
https://blog.slowerzs.net/posts/thievingfox/
https://github.com/Slowerzs/ThievingFox/
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
https://github.com/EvilGreys/Disable-Windows-Defender-
Skrapa is a zero-dependency, customizable Python library for scanning Windows and Linux process memory.
https://research.nccgroup.com/2024/01/25/memory-scanning-for-the-masses/
https://github.com/fox-it/skrapa
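The core of a process memory scanner is small: enumerate the readable mappings of a target, read each one, and run a pattern over the bytes. The example below is an added illustration and is not Skrapa's own code; it is Linux-only and uses the /proc/<pid>/maps and /proc/<pid>/mem interfaces directly, scanning the scanner's own process for a marker that is assembled at runtime (so it exists only in the heap). The marker value, region filters and chunk sizes are assumptions chosen for the demo.

```python
import re

# Constructed secret: assembled at runtime so the only complete copies live in this
# process's heap, not in the source text or the compiled regex literal.
MARKER = b"SKRAPA-DEMO-" + bytes.fromhex("43414e4152592d37663361")  # "CANARY-7f3a"


def readable_regions(pid="self"):
    """Parse /proc/<pid>/maps and return (start, end, perms, path) for readable mappings."""
    regions = []
    with open(f"/proc/{pid}/maps") as maps:
        for line in maps:
            fields = line.split(maxsplit=5)
            addr, perms = fields[0], fields[1]
            path = fields[5].strip() if len(fields) > 5 else ""
            # Skip unreadable pages (guard pages, PROT_NONE reservations) and the
            # kernel-provided mappings that /proc/<pid>/mem refuses to serve.
            if not perms.startswith("r") or path in ("[vvar]", "[vsyscall]"):
                continue
            start, end = (int(x, 16) for x in addr.split("-"))
            regions.append((start, end, perms, path))
    return regions


def scan_process(pattern, pid="self", chunk=1 << 22, overlap=256):
    """Search every readable region of <pid> for a compiled bytes regex.

    Regions are read in chunks with a trailing overlap so a match that straddles a
    chunk boundary is still seen; hits are collected in a set so a match that appears
    in two overlapping windows is counted once. Returns sorted (addr, perms, path).
    """
    hits = set()
    with open(f"/proc/{pid}/mem", "rb", buffering=0) as mem:
        for start, end, perms, path in readable_regions(pid):
            tail = b""
            pos = start
            while pos < end:
                try:
                    mem.seek(pos)
                    data = mem.read(min(chunk, end - pos))
                except (OSError, ValueError, OverflowError):
                    break  # mapping vanished or is not readable through /proc (e.g. I/O memory)
                if not data:
                    break
                window = tail + data
                base = pos - len(tail)
                for m in pattern.finditer(window):
                    hits.add((base + m.start(), perms, path))
                tail = window[-overlap:]
                pos += len(data)
    return sorted(hits)


def read_at(addr, size, pid="self"):
    """Read `size` bytes at virtual address `addr` of <pid>; used to confirm a hit."""
    with open(f"/proc/{pid}/mem", "rb", buffering=0) as mem:
        mem.seek(addr)
        return mem.read(size)


def find_marker():
    """Locate every copy of MARKER in this process; returns [(addr, perms, path), ...]."""
    return scan_process(re.compile(re.escape(MARKER)))


if __name__ == "__main__":
    for addr, perms, path in find_marker():
        print(f"{addr:#018x} {perms} {path or '[anon]'}")
```

Pointing `pid` at another process requires ptrace permission over it (root, or the same uid with `kernel.yama.ptrace_scope` permitting), which is the same constraint any /proc-based scanner inherits; on Windows the equivalent primitives are VirtualQueryEx and ReadProcessMemory.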
Send phishing messages and attachments to Microsoft Teams users
https://github.com/Octoberfest7/TeamsPhisher
A Deep Dive Into Exploiting Windows Thread Pools
https://urien.gitbook.io/diago-lima/a-deep-dive-into-exploiting-windows-thread-pools
Active Directory Enumeration for Red Teams
https://www.mdsec.co.uk/2024/02/active-directory-enumeration-for-red-teams/
Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web Services (ADWS).
https://github.com/wh0amitz/SharpADWS
This Proof-Of-Concept demonstrates the exploitation of CVE-2023-22098 against VirtualBox 7.0.10 r158379
https://github.com/google/security-research/tree/master/pocs/oracle/virtualbox/cve-2023-22098
Pivoting from Microsoft Cloud to On-Premise Machines
https://whiteknightlabs.com/2024/02/21/pivoting-from-microsoft-cloud-to-on-premise-machines/
toxicache: Go scanner to find web cache poisoning vulnerabilities in a list of URLs
https://github.com/xhzeem/toxicache
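A cache poisoning scanner tests for two conditions together: an unkeyed request header that is reflected into the response, and a cache that then serves that response to clients who never sent the header. The example below is an added illustration of that probe logic and is not toxicache's code. It runs offline against a constructed origin that builds an absolute URL from X-Forwarded-Host and a constructed cache keyed on Host and path only; the candidate header list, the `cb` cache-buster parameter and the `.attacker.test` canary domain are assumptions.

```python
import secrets
from dataclasses import dataclass, field

# Headers commonly ignored by cache keys yet consumed by origins (assumed list for the demo).
CANDIDATE_HEADERS = ["X-Forwarded-Host", "X-Forwarded-Scheme", "X-Original-URL"]


@dataclass
class Response:
    body: str
    headers: dict = field(default_factory=dict)


class Origin:
    """Constructed origin: trusts X-Forwarded-Host when building an absolute script URL.
    `cacheable` controls whether it emits a public Cache-Control or no-store."""

    def __init__(self, cacheable=True):
        self.cacheable = cacheable

    def handle(self, path, headers):
        host = headers.get("X-Forwarded-Host", headers.get("Host", "shop.example"))
        body = f'<script src="https://{host}/static/app.js"></script>'
        cc = "public, max-age=60" if self.cacheable else "no-store"
        return Response(body, {"Cache-Control": cc})


class Cache:
    """Constructed cache whose key is (Host, path-with-query); every other header is unkeyed."""

    def __init__(self, origin):
        self.origin = origin
        self.store = {}

    def get(self, path, headers):
        key = (headers.get("Host", "shop.example"), path)
        if key in self.store:
            cached = self.store[key]
            return Response(cached.body, {**cached.headers, "X-Cache": "HIT"})
        resp = self.origin.handle(path, headers)
        if "no-store" not in resp.headers.get("Cache-Control", ""):
            self.store[key] = resp
        return Response(resp.body, {**resp.headers, "X-Cache": "MISS"})


def probe(fetch, url_path, header):
    """Probe one header. `fetch(path, headers) -> Response` abstracts the HTTP client.

    1. Append a unique cache buster so the test never poisons a key real users share.
    2. Send the header with a canary value; if the canary is absent it is not reflected.
    3. Re-request without the header; a canary still present means the cache stored
       and served the attacker-influenced response, i.e. poisoning is confirmed.
    """
    buster = secrets.token_hex(4)
    canary = f"canary-{secrets.token_hex(4)}.attacker.test"
    sep = "&" if "?" in url_path else "?"
    path = f"{url_path}{sep}cb={buster}"
    first = fetch(path, {header: canary})
    if canary not in first.body:
        return {"header": header, "reflected": False, "poisoned": False}
    second = fetch(path, {})
    return {"header": header, "reflected": True, "poisoned": canary in second.body}


def scan(fetch, url_path, headers=CANDIDATE_HEADERS):
    """Run the probe for each candidate header and return one finding per header."""
    return [probe(fetch, url_path, h) for h in headers]


if __name__ == "__main__":
    for finding in scan(Cache(Origin()).get, "/index.html"):
        print(finding)
```

Reflection alone is not a finding: the no-store variant of the origin reflects the canary but never caches it, and a scanner that reports on step 2 without step 3 produces false positives. Against a real target, `fetch` would wrap an HTTP client and the cache-hit check should also look at the X-Cache or Age headers.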
Windows Kernel Exploitation Tutorial Part 1: Setting up the Environment
https://rootkits.xyz/blog/2017/06/kernel-setting-up/
Kali Linux 2024.1 Release (Micro Mirror) | Kali Linux Blog
https://www.kali.org/blog/kali-linux-2024-1-release
Apache Solr Backup/Restore APIs RCE PoC (CVE-2023-50386)
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
Nice blog about #Recon automation using tools like #Subfinder, #Chaos, #Nuclei, #Httpx, Notify and Anew to find bugs and vulnerabilities.
https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/