SleuthQL Description
SleuthQL is a python3 script to identify parameters and values that contain SQL-like syntax. Once identified, SleuthQL will then insert SQLMap identifiers (*) into each parameter where the SQL-esque variables were identified.
https://github.com/RhinoSecurityLabs/SleuthQL
https://youtu.be/Sp3FevOAmCs
Python3 Burp History parsing tool to discover potential SQL injection points. To be used in tandem with SQLmap.
RID HIJACKING: Maintaining Access on Windows Machines #DerbyCon
https://github.com/r4wd3r/RID-Hijacking/blob/master/slides/derbycon-8.0/RID_HIJACKING_DERBYCON_2018.pdf
Windows RID Hijacking persistence technique.
Building Your Own Dedicated IPSEC VPN in Less Than 10 Minutes
https://danielmiessler.com/blog/building-your-own-dedicated-ipsec-vpn-in-less-than-10-minutes/
How to bypass AMSI and execute ANY malicious Powershell code
https://0x00-0x00.github.io/research/2018/10/28/How-to-bypass-AMSI-and-Execute-ANY-malicious-powershell-code.html
zc00l blog
Hello again. In my previous posts I detailed how to manually get SYSTEM shell from Local Administrators users. That’s interesting but very late game during a penetration assessment as it is presumed that you already owned the target machine.
Lateral Movement using WSHController/WSHRemote objects (IWSHController and IWSHRemote interfaces)
http://www.hexacorn.com/blog/2018/08/18/lateral-movement-using-wshcontroller-wshremote-objects-iwshcontroller-and-iwshremote-interfaces/
A website that helps to understand even the wildest C/C++ declarations :) https://cdecl.org
hashcat-brain - A Docker container for running a hashcat brain server
https://hub.docker.com/r/singelet/hashcat-brain/
We just updated our fork of MSF to the latest version. Meterpreter with DNS tunnel transport. Still not integrated into main branch of Rapid7.... so only fork
https://github.com/defcon-russia/metasploit-framework
https://github.com/defcon-russia/metasploit-payloads
https://asintsov.blogspot.com/2017/12/data-exfiltration-in-metasploit.html
A Constrained Language Mode implementation of Base64 that can be used in WMI Implant.
https://github.com/FortyNorthSecurity/CLM-Base64/blob/master/CLM-Base64.ps1
This project provides Base64 encoding and decoding functionality to PowerShell within Constrained Language Mode.