Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)

https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC

Nice blog about #Recon Automation using tools like #Subfinder, #Chaos, #Nuclei, #Httpx, Notify, and Anew to find bugs and vulnerabilities.

https://dhiyaneshgeek.github.io/bug/bounty/2020/02/06/recon-with-me/

framework for penetration testing

https://github.com/INotGreen/XiebroC2

Static Analysis Automation for Hunting Vulnerable Kernel Drivers

https://speakerdeck.com/takahiro_haruyama/static-analysis-automation-for-hunting-vulnerable-kernel-drivers

Code injection on Android without ptrace
https://erfur.github.io/blog/dev/code-injection-without-ptrace

APKDeepLens - tool to scan Android applications for security vulnerabilities
https://github.com/d78ui98/APKDeepLens

Source Code Disclosure in IIS 10.0! Almost.

There is a method to reveal the source code of some .NET apps. Here's how it works.

https://swarm.ptsecurity.com/source-code-disclosure-in-asp-net-apps/

Experimental Windows x64 Kernel Rootkit.

https://github.com/eversinc33/Banshee

FuncAddressPro
A stealthy, assembly-based tool for secure function address resolution, offering a robust alternative to GetProcAddress.
https://github.com/WKL-Sec/FuncAddressPro

WORKSHOP ⧸⧸ Reversing with Ghidra

https://www.youtube.com/watch?v=CO70I0813Gk

Two Bytes is Plenty: FortiGate RCE with CVE-2024-21762

https://www.assetnote.io/resources/research/two-bytes-is-plenty-fortigate-rce-with-cve-2024-21762

Exploit Development: No Code Execution? No Problem! Living The Age of VBS, HVCI, and Kernel CFG

https://connormcgarr.github.io/hvci/

Java deserialization tricks

https://www.synacktiv.com/publications/java-deserialization-tricks

Grok open release
https://github.com/xai-org/grok-1

UAC Bypass
https://medium.com/tenable-techblog/uac-bypass-by-mocking-trusted-directories-24a96675f6e

Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation. (CVE-2023-36424)

https://github.com/Nassim-Asrir/CVE-2023-36424

VM Escape Exploit for Parallels Desktop Hypervisor (Pwn2Own 2021) source code + video walkthrough

https://zerodayengineering.com/research/pwn2own-2021-vm-escape.html

A virtual machine escape exploit will typically require kernel privileges in the guest OS. In this exploit it off-loading the reverse-engineered toolgate protocol implementation to a Python module, while keeping low-level kernel code minimal, just enough to implement the attack interface - a nod to the principle of least privilege in systematic software engineering, which is missed a lot in non-trivial exploit development.
ⓒ Alisa Shevchenko

Attacking AWS
https://rezaduty-1685945445294.hashnode.dev/attacking-aws

Tycoon 2FA: an in-depth analysis of the latest version of the AiTM phishing kit
https://blog.sekoia.io/tycoon-2fa-an-in-depth-analysis-of-the-latest-version-of-the-aitm-phishing-kit/

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 99.4% in KernelCTF images.
https://github.com/notselwyn/cve-2024-1086