hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

Nuclei templates for honeypots detection
https://github.com/UnaPibaGeek/honeypots-detection

Читать полностью…

Hacker tricks

Persistence – Windows Telemetry
https://pentestlab.blog/2023/11/06/persistence-windows-telemetry

Читать полностью…

Hacker tricks

LdrLibraryEx: A small x64 library to load dll's into memory
https://github.com/Cracked5pider/LdrLibraryEx

Читать полностью…

Hacker tricks

ladder: Alternative to 12ft•io. Bypass paywalls with a proxy ladder and remove CORS headers from any URL
https://github.com/kubero-dev/ladder

Читать полностью…

Hacker tricks

Use Wasm to Bypass Latest Chrome v8sbx Again
numencyberlabs/use-wasm-to-bypass-latest-chrome-v8sbx-again-639c4c05b157" rel="nofollow">https://medium.com/@numencyberlabs/use-wasm-to-bypass-latest-chrome-v8sbx-again-639c4c05b157

Читать полностью…

Hacker tricks

UAC Bypass FUD: The UAC Bypass program is designed to run files with elevated privileges on Windows without requesting user permission or displaying the UAC screen. It provides a way to bypass User Account Control (UAC) restrictions for specific tasks
https://github.com/justhyak/UAC-Bypass-FUD

Читать полностью…

Hacker tricks

DFIR Resources: A curated list of resources for DFIR through Microsoft Defender for Endpoint leveraging kusto queries, powershell scripts, tools such as KAPE and THOR Cloud and more
https://github.com/cyb3rmik3/MDE-DFIR-Resources

Читать полностью…

Hacker tricks

Bypassing an Admin Panel with SQL Injection
medz20876/blog-post-bypassing-an-admin-panel-with-sql-injection-20b844442711" rel="nofollow">https://medium.com/@medz20876/blog-post-bypassing-an-admin-panel-with-sql-injection-20b844442711

Читать полностью…

Hacker tricks

Social Media OSINT Tools Collection
https://github.com/osintambition/Social-Media-OSINT-Tools-Collection

Читать полностью…

Hacker tricks

autoNTDS is an automation script designed to simplify the process of dumping and cracking NTDS hashes using secretsdump .py and hashcat
https://github.com/hmaverickadams/autoNTDS

Читать полностью…

Hacker tricks

Extension functionality for the NightHawk operator client
https://github.com/xforcered/DayBird

Читать полностью…

Hacker tricks

Enumerate/Bruteforce/Attack All the Things!
Presenting Legba
https://www.evilsocket.net/2023/11/02/Enumerate-Bruteforce-Attack-All-The-Things-Presenting-Legba

Читать полностью…

Hacker tricks

OLE object are still dangerous today — Exploiting Microsoft Office
https://github.com/edwardzpeng/presentations/tree/main/POC%202023

Читать полностью…

Hacker tricks

LdrLockLiberator: is a collection of techniques for escaping or otherwise forgoing Loader Lock while executing your code from DllMain or anywhere else the lock may be present
https://github.com/ElliotKillick/LdrLockLiberator

Читать полностью…

Hacker tricks

LDAP authentication in Active Directory environments
https://offsec.almond.consulting/ldap-authentication-in-active-directory-environments

Читать полностью…

Hacker tricks

Bypassing Android 13 Restrictions with SecuriDropper
https://www.threatfabric.com/blogs/droppers-bypassing-android-13-restrictions

Читать полностью…

Hacker tricks

Fuzzer Development: The Soul of a New Machine
https://h0mbre.github.io/New_Fuzzer_Project
Source Code:
https://github.com/h0mbre/Lucid

Читать полностью…

Hacker tricks

No-Consolation: A BOF that runs unmanaged PEs inline
https://github.com/fortra/No-Consolation

Читать полностью…

Hacker tricks

Phishing With Dynamite
fakasler/phishing-with-dynamite-7d33d8fac038" rel="nofollow">https://medium.com/@fakasler/phishing-with-dynamite-7d33d8fac038

Читать полностью…

Hacker tricks

Breaking Barriers: Unmasking the Easy Password Validation Bypass in Security Key Registration | How a Dumb Frontend Led to 750 $ Bounty
https://thecyberneh.medium.com/breaking-barriers-unmasking-the-easy-password-validation-bypass-in-security-key-registration-4cb0d8103a93

Читать полностью…

Hacker tricks

Android Security Exploits YouTube Curriculum: A curated list of modern Android exploitation conference talks
https://github.com/actuator/Android-Security-Exploits-YouTube-Curriculum

Читать полностью…

Hacker tricks

Abusing Entra ID Misconfigurations to Bypass MFA
https://www.netspi.com/blog/technical/cloud-penetration-testing/abusing-entra-id-misconfigurations-to-bypass-mfa

Читать полностью…

Hacker tricks

Data-bouncing - New Exfil and C2 Technique
https://thecontractor.io/data-bouncing

Читать полностью…

Hacker tricks

C2_RedTeam_CheatSheets: Useful Cobalt Strike techniques learned from engagements
https://github.com/wsummerhill/C2_RedTeam_CheatSheets

Читать полностью…

Hacker tricks

HARpwn is a PowerShell module designed to streamline the extraction and sanitization of HARTokens from HTTP Archive (HAR) files
https://github.com/HCRitter/HARpwn

Читать полностью…

Hacker tricks

JS-Tap: Weaponizing JavaScript for Red Teams
https://trustedsec.com/blog/js-tap-weaponizing-javascript-for-red-teams

Читать полностью…

Hacker tricks

Exploit for CVE-2023-46747
https://github.com/W01fh4cker/CVE-2023-46747-RCE

Читать полностью…

Hacker tricks

abuseACL: A python script to automatically list vulnerable Windows ACEs/ACLs
https://github.com/AetherBlack/abuseACL

Читать полностью…

Hacker tricks

A Retrospective on AvosLocker
https://www.zscaler.com/blogs/security-research/retrospective-avoslocker

Читать полностью…

Hacker tricks

Magikarp: is a cryptographic command-line utility designed for secure file operations using Elliptic Curve Cryptography (ECC)
https://github.com/FuzzySecurity/Magikarp

Читать полностью…
Подписаться на канал