RCE in Hubspot with EL injection in HubL
https://www.betterhacker.com/2018/12/rce-in-hubspot-with-el-injection-in-hubl.html
https://www.betterhacker.com/2018/12/rce-in-hubspot-with-el-injection-in-hubl.html
Betterhacker
RCE in Hubspot with EL injection in HubL
This is the story of how I was able to get remote code execution on Hubspot 's servers by exploiting a vulnerability in HubL expression la...
A collection of infrastructure related tests for use with #Pester & #PowerShell.
https://github.com/EvotecIT/PesterInfrastructureTests
https://github.com/EvotecIT/PesterInfrastructureTests
GitHub
EvotecIT/PesterInfrastructureTests
A collection of infrastructure related tests for use with Pester & PowerShell. - EvotecIT/PesterInfrastructureTests
Exploitation: XML External Entity (XXE) Injection
https://depthsecurity.com/blog/exploitation-xml-external-entity-xxe-injection
https://depthsecurity.com/blog/exploitation-xml-external-entity-xxe-injection
Blind Command Injection Testing with Burp Collaborator
https://hk.saowen.com/a/2d57cca70a0fc0b21138211a1cb83e8c51af27b3dff57c3dbb51343549a39626
https://hk.saowen.com/a/2d57cca70a0fc0b21138211a1cb83e8c51af27b3dff57c3dbb51343549a39626
Information Security
Photo
SwampThing
SwampThing lets you to spoof process command line args (x32/64). Essentially you create a process in a suspended state, rewrite the PEB, resume and finally revert the PEB. The end result is that logging infrastructure will record the fake command line args instead of the real ones. Think for example about launching a wmic xsl stylesheet for code execution but faking an innocuous wmic command.
https://github.com/FuzzySecurity/Sharp-Suite
SwampThing lets you to spoof process command line args (x32/64). Essentially you create a process in a suspended state, rewrite the PEB, resume and finally revert the PEB. The end result is that logging infrastructure will record the fake command line args instead of the real ones. Think for example about launching a wmic xsl stylesheet for code execution but faking an innocuous wmic command.
https://github.com/FuzzySecurity/Sharp-Suite
GitHub
GitHub - FuzzySecurity/Sharp-Suite: Also known by Microsoft as Knifecoat :hot_pepper:
Also known by Microsoft as Knifecoat :hot_pepper:. Contribute to FuzzySecurity/Sharp-Suite development by creating an account on GitHub.
Pwning computers using Telegram bot API
https://0x00-0x00.github.io/tools/2018/12/10/Pwning-Computers-using-Telegram-bot-API.html
https://0x00-0x00.github.io/tools/2018/12/10/Pwning-Computers-using-Telegram-bot-API.html
From blind XXE to root-level file read access
https://www.honoki.net/2018/12/from-blind-xxe-to-root-level-file-read-access/
https://www.honoki.net/2018/12/from-blind-xxe-to-root-level-file-read-access/
flare-emu
flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks.
https://github.com/fireeye/flare-emu
flare-emu marries IDA Pro’s binary analysis capabilities with Unicorn’s emulation framework to provide the user with an easy to use and flexible interface for scripting emulation tasks.
https://github.com/fireeye/flare-emu
Office VBA + AMSI: Parting the veil on malicious macros
https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/
https://cloudblogs.microsoft.com/microsoftsecure/2018/09/12/office-vba-amsi-parting-the-veil-on-malicious-macros/