LSA Whisperer is a set of tools for interacting with authentication packages using their individual message protocols. Support is currently provided for the cloudap, kerberos, msv1_0, negotiate, pku2u, and schannel packages and cloudap's AzureAD plugin.
https://github.com/EvanMcBroom/lsa-whisperer
CLI tool (Python) for managing Cortex XDR
* changing rules
* restarting the XDR process
* disabling the local analysis engine
* inserting any python code to run
https://github.com/SafeBreach-Labs/CortexVortex
DarkGPT is an OSINT assistant based on GPT-4-200K designed to perform queries on leaked databases, thus providing an artificial intelligence assistant that can be useful in your traditional OSINT processes.
https://github.com/luijait/DarkGPT
SilverPotato
https://decoder.cloud/2024/04/24/hello-im-your-domain-admin-and-i-want-to-authenticate-against-you/
Decoder's Blog
Hello: I'm your Domain Admin and I want to authenticate against you
TL;DR (really?): Members of Distributed COM Users or Performance Log Users Groups can trigger from remote and relay the authentication of users connected on the target server, including Domain Cont…
BlackHat ASIA 2024 Slides
https://github.com/onhexgroup/Conferences/tree/main/BlackHat%20ASIA%202024-Slides
Fuzzing Android binaries using AFL++ Frida Mode
https://valsamaras.medium.com/fuzzing-android-binaries-using-afl-frida-mode-57a49cf2ca43
You might find this to be a fitting prologue to my earlier post on Creating and using JVM instances in Android C/C++ applications… and you…
Mobile Malware Analysis Part 1 - Leveraging Accessibility Features to Steal Crypto Wallet
https://8ksec.io/mobile-malware-analysis-part-1-crypto-wallet-stealer/
Decrypting Mobile Malware! Part 1 of our blog series commences with how malicious apps use Android accessibility features to steal crypto wallet credentials.
PowerView.py
PowerView.py is an alternative to the awesome original PowerView.ps1 script. Most of the modules used in PowerView are available here (some of the flags are changed). The main goal is to achieve an interactive session without having to repeatedly authenticate to LDAP.
https://github.com/aniqfakhrul/powerview.py
JS-Tap is a tool intended to help red teams attack web applications.
https://trustedsec.com/blog/js-tap-mark-ii-now-with-c2-shenanigans
TrustedSec
JS-Tap Mark II: Now with C2 Shenanigans
A flexible tool for redirecting a given program's TCP traffic to SOCKS5 or HTTP proxy.
https://github.com/hmgle/graftcp
Operation Triangulation: Attacks On IPhones/iPads - Marco Preuss
https://www.youtube.com/watch?v=xt6z4zExFII
Hijacking GitHub runners to compromise the organization
https://www.synacktiv.com/publications/hijacking-github-runners-to-compromise-the-organization
CVE-2024-21683-RCE-main.zip
CVE-2024-24919: Check Point arbitrary file read (as root)
https://labs.watchtowr.com/check-point-wrong-check-point-cve-2024-24919/
watchTowr Labs
Check Point - Wrong Check Point (CVE-2024-24919)
Gather round, gather round - it's time for another blogpost tearing open an SSLVPN appliance and laying bare a recent in-the-wild exploited bug. This time, it is Check Point who is the focus of our penetrative gaze.
Check Point, for those unaware, is the…
CCTV
Close-Circuit Telegram Vision revolutionizes location tracking with its open-source design and Telegram API integration. Offering precise tracking within 50-100 meters, users can monitor others in real-time for logistics or safety, redefining how we navigate our surroundings.
https://github.com/IvanGlinkin/CCTV
Dynamically hooking Golang programs
https://blog.quarkslab.com/lets-go-into-the-rabbit-hole-part-1-the-challenges-of-dynamically-hooking-golang-program.html
https://metalbear.co/blog/hooking-go-from-rust-hitchhikers-guide-to-the-go-laxy/
Quarkslab
Let's Go into the rabbit hole (part 1) - the challenges of dynamically hooking Golang programs - Quarkslab's blog
Golang is the most used programming language for developing cloud technologies. Tools such as Kubernetes, Docker, Containerd and gVisor are written in Go. Despite the fact that the code of these programs is open source, there is no way to analyze and extend…
Android greybox fuzzing with AFL++ Frida mode
https://blog.quarkslab.com/android-greybox-fuzzing-with-afl-frida-mode.html
This article is about greybox fuzzing of userland targets that can be encountered in Android using AFL++ and its Frida mode. We also discuss how to target JNI functions, to test the native features invoked by Java code.
A Frida-focused GPT to help reverse engineers in writing Frida scripts and using Frida Python bindings.
https://chatgpt.com/g/g-KwZVA8dTp-fridagpt
CVE-2024-4577 - Yet Another PHP RCE: Make PHP-CGI Argument Injection Great Again!
https://blog.orange.tw/2024/06/cve-2024-4577-yet-another-php-rce.html
https://github.com/TAM-K592/CVE-2024-4577
Orange Tsai
This is a side story/extra bug while I'm preparing for my Black Hat USA presentation. I believe most of the details have already been covered in the official advisory (sh