A website that helps to understand even the wildest C/C++ declarations :) https://cdecl.org
hashcat-brain - A Docker container for running a hashcat brain server
https://hub.docker.com/r/singelet/hashcat-brain/
We just updated our fork of MSF to the latest version. Meterpreter with DNS tunnel transport. Still not integrated into main branch of Rapid7.... so only fork
https://github.com/defcon-russia/metasploit-framework
https://github.com/defcon-russia/metasploit-payloads
https://asintsov.blogspot.com/2017/12/data-exfiltration-in-metasploit.html
A Constrained Language Mode implementation of Base64 that can be used in WMI Implant.
https://github.com/FortyNorthSecurity/CLM-Base64/blob/master/CLM-Base64.ps1
Firefox RCE - Clickjacking feed reader alongside weird Windows file picker behavior.
PoC: https://pastebin.com/raw/hhx1CEm3
Need an in-memory option for the Rotten Potato exploit? Created "Reflective Potato", simple port for use as a reflective DLL and run entirely in memory! Included Cobalt Strike script and Metasploit module
https://github.com/realoriginal/reflectivepotato
Introduction to Cryptography with Coding Theory : https://isidore.co/calibre/get/pdf/4971 (pdf / 591 pages)
Reset AD user password with Linux
https://malicious.link/post/2017/reset-ad-user-password-with-linux/
Abusing #PowerShell Desired State Configuration for Lateral Movement
https://posts.specterops.io/abusing-powershell-desired-state-configuration-for-lateral-movement-ca42ddbe6f06
Pentesting and .hta (bypass PowerShell Constrained Language Mode)
https://medium.com/tsscyber/pentesting-and-hta-bypassing-powershell-constrained-language-mode-53a42856c997
MemITM (Mem In The Middle) tool has been developed in order to easily intercept "messages" in Windows process memory: https://github.com/AMOSSYS/MemITM #dfir #reverseengineering
invoke-Confusion .NET attacker of Powershell Remotely
https://homjxi0e.wordpress.com/2018/10/02/invoke-confusion-attack-of-powershell/