“Those who rule data will rule the entire world.” - 孫正義

A tool that detects the privilege escalation vulnerabilities caused by misconfigurations and missing updates in the Windows operating systems. - hlldz/dazzleUP

PoC for CVE-2020-6287 The PoC in python for add user only, no administrator permission set. Inspired by @zeroSteiner from metasploit. Original Metasploit PR module: https://github.com/rapid7/metas...

A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks - GitHub - ra1nb0rn/avain: A Modular Framework for the Automated Vulnerability Analysis in IP-based Networks

Bug hunting through fuzzer/*-sanitizer/etc... Contribute to hardenedlinux/harbian-qa development by creating an account on GitHub.

Capture NamedPipe traffic using #Wireshark #ETW and the fabulous file sytem filter driver from @kobyk ! #Windows #Internal github.com/airbus-cert/Wi…

Here is POC of CVE-2020-3452, unauthenticated file read in Cisco ASA & Cisco Firepower. For example to read "/+CSCOE+/portal_inc.lua" file. https://<domain>/+CSCOT+/translation-table?type=mst&textdomain=/%2bCSCOE%2b/portal_inc.lua&default-language&lang=../…

SAML Pentest and Implementaion demonstrates how insecure configurations combine to form a phishing attack that can give attackers access.

Task Scheduler service loads a non-existing DLL enabling persistence as `NT AUTHORITY\SYSTEM`.

Collection of pentesting scripts. Contribute to redcode-labs/Citadel development by creating an account on GitHub.

Estimated Reading Time: 9 minutes During the previous week, I was doing some research about win32 APIs and how we can use them during weaponizing our attack, I already did some work related to process injection in the past, but I was looking for something…

Getting Genymotion & Burpsuite setup for Android Mobile App Analysis - 1d8/Android-Analysis

A beginner-friendly writeup on TryHackMe’s Overpass challenge

Reverse Engineering Starling Bank (Part I): Obfuscation Techniques 2020-07-30

CSRF token is not always enough

Have you ever dreamed of creating exe files out of your PowerShell scripts? If yes, read on. In this post I will show you how you can create exe files with a small and simple program called ps2exe.

Best practices, including concrete “dos and don’ts,” that can help you prevent security misconfigurations on Google Compute Engine.