Hashcatch: A script to capture handshakes of nearby WiFi networks as you walk down the street.
https://github.com/staz0t/hashcatch
WMImplant is a PowerShell based tool that leverages WMI both to perform actions against targeted machines and as the C2 channel for issuing commands and receiving results. WMImplant will likely require local administrator permissions on the targeted machine.
https://github.com/FortyNorthSecurity/WMImplant
This is a PowerShell based tool that is designed to act like a RAT. Its interface is that of a shell where any command that is supported is translated into a WMI-equivalent for use on a network/rem...
Escalating privileges with ACLs in Active Directory
https://blog.fox-it.com/2018/04/26/escalating-privileges-with-acls-in-active-directory/
Researched and written by Rindert Kramer and Dirk-jan Mollema. Introduction: During internal penetration tests, it happens quite often that we manage to obtain Domain Administrative access within a f…
Testing Race Conditions in Web Applications
https://securingtomorrow.mcafee.com/business/testing-race-conditions-web-applications/
Datajack Proxy: a tool to intercept non-HTTP traffic between a native application and a server.
https://github.com/nccgroup/DatajackProxy
GitHub - nccgroup/DatajackProxy: Datajack Proxy allows you to intercept TLS traffic in native x86 applications across platforms
https://defuse.ca/race-conditions-in-web-applications.htm
Practical Race Condition (TOCTTOU) Vulnerabilities in Web Applications - Defuse Security: Query-level race conditions can lead to serious but hard to find vulnerabilities in web applications.
https://medium.com/@ciph3r7r0ll/race-condition-bug-in-web-app-a-use-case-21fd4df71f0e
https://github.com/aaronhnatiw/race-the-web
Extracting Certificates From the Windows Registry
https://blog.nviso.be/2019/08/28/extracting-certificates-from-the-windows-registry/
I helped a colleague with a forensic analysis by extracting certificates from the Windows registry. In this blog post, we explain how to do this. The Windows registry contains binary blobs, contain…
Cisco UCS Director unauthenticated RCE as root (advisory + exploits)
https://raw.githubusercontent.com/pedrib/PoC/master/advisories/cisco-ucs-rce.txt
Updated TikiLateral to use .NET WMI stuff instead of wmic on the command line
https://rastamouse.me/2019/06/the-return-of-aggressor/