Invisi-Shell
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .Net assemblies. The hook is performed via CLR Profiler API.
https://github.com/OmerYa/Invisi-Shell
Hide your powershell script in plain sight! Invisi-Shell bypasses all of Powershell security features (ScriptBlock logging, Module logging, Transcription, AMSI) by hooking .Net assemblies. The hook is performed via CLR Profiler API.
https://github.com/OmerYa/Invisi-Shell
GitHub
GitHub - OmerYa/Invisi-Shell: Hide your Powershell script in plain sight. Bypass all Powershell security features
Hide your Powershell script in plain sight. Bypass all Powershell security features - OmerYa/Invisi-Shell
We disclosed two sets of vulnerabilities this week. Live Networks LIVE555 streaming media RTSPServer code execution: http://cs.co/6015D730W
Linksys E Series routers: http://cs.co/6019D730S
Linksys E Series routers: http://cs.co/6019D730S
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation
https://cxsecurity.com/issue/WLB-2018010018
https://cxsecurity.com/issue/WLB-2018010018
Cxsecurity
Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation - CXSecurity.com
Andrey Konovalov has realised a new security note Linux Kernel < 4.4.0-83 / < 4.8.0-58 (Ubuntu 14.04 and 16.04) Local Privilege Escalation
Forwarded from امنیت اطلاعات
Spiesexpose.pdf
1.3 MB
5 Practical Scenarios for XSS Attacks
https://pentest-tools.com/blog/xss-attacks-practical-scenarios/
https://pentest-tools.com/blog/xss-attacks-practical-scenarios/
WebExec - an authenticated RCE vulnerability in Cisco WebEx client
https://blog.skullsecurity.org/2018/technical-rundown-of-webexec
https://blog.skullsecurity.org/2018/technical-rundown-of-webexec
PE Sec Info – A Simple Tool to Manipulate ASLR and DEP Flags
https://osandamalith.com/2018/10/24/pe-sec-info-a-simple-tool-to-manipulate-aslr-and-dep-flags/
https://osandamalith.com/2018/10/24/pe-sec-info-a-simple-tool-to-manipulate-aslr-and-dep-flags/
🔐Blog of Osanda
PE Sec Info – A Simple Tool to Manipulate ASLR and DEP Flags | 🔐Blog of Osanda
Recently I was interested in exploring the PE headers and writing simple programs to manipulate different headers. There are thousands of applications and code to be found on this topic. I started …
This media is not supported in your browser
VIEW IN TELEGRAM
To see the future clearly, you have to look to the past. #MrRobot
Capturing NetNTLM Hashes with Office [DOT] XML Documents
https://bohops.com/2018/08/04/capturing-netntlm-hashes-with-office-dot-xml-documents/
https://bohops.com/2018/08/04/capturing-netntlm-hashes-with-office-dot-xml-documents/
bohops
Capturing NetNTLM Hashes with Office [DOT] XML Documents
TL;DR An Office XML (.xml) document can call a remote XSL stylesheet over SMB. If this occurs against an attacker controlled server, the net-NTLM authentication hash (challenge/response) of t…