hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

Hide your files of any type inside a image of your choice 
https://github.com/JoshuaKasa/van-gonography

Читать полностью…

Hacker tricks

Obfusheader.h is a portable header file for C++14 and higher which implements multiple features for compile-time obfuscation for example string & decimal encryption, control flow, call hiding
https://github.com/ac3ss0r/obfusheader.h

Читать полностью…

Hacker tricks

RunWithDll: A utility that can be used to launch an executable with a DLL injected
https://github.com/TimMisiak/RunWithDll

Читать полностью…

Hacker tricks

NtlmThief: This is a C++ implementation of the Internal Monologue attack. It allows to get NetNTLM hashes of users using SSPI
https://github.com/MzHmO/NtlmThief

Читать полностью…

Hacker tricks

HavocExploit: A remote unauthenticated DOS POC exploit that targets the authentication implementation of Havoc
https://github.com/syncwithali/HavocExploit

Читать полностью…

Hacker tricks

Introducing the Best EDR Of The Market Project ⚔️​
A Little AV/EDR Bypassing Lab for Training & Leaning Purposes
https://xacone.github.io/BestEdrOfTheMarket
BestEDROfTheMarket: is a naive user-mode EDR project, designed to serve as a testing ground for understanding and bypassing EDR's user-mode detection methods that are frequently used by these security solutions.
These techniques are mainly based on a dynamic analysis of the target process state (memory, API calls, etc.),
https://github.com/Xacone/BestEdrOfTheMarket

Читать полностью…

Hacker tricks

Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
https://embee-research.ghost.io/combining-pivot-points-to-identify-malware-infrastructure-redline-smokeloader-and-cobalt-strike

Читать полностью…

Hacker tricks

PoC Exploit for CVE-2023-46214 Splunk RCE
https://github.com/nathan31337/Splunk-RCE-poc
PoC for CVE-2023-2598 Linux Kernel LPE: PoC of a vulnerability in the io_uring subsystem of the Linux Kernel
https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598

Читать полностью…

Hacker tricks

Evading Detection while using nmap
https://infosecwriteups.com/evading-detection-while-using-nmap-69633df091f3

Читать полностью…

Hacker tricks

AI Exploits: A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
https://github.com/protectai/ai-exploits

Читать полностью…

Hacker tricks

All the Small Things: Azure CLI Leakage and Problematic Usage Patterns
https://www.paloaltonetworks.com/blog/prisma-cloud/secrets-leakage-user-error-azure-cli

Читать полностью…

Hacker tricks

Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 2)
https://blog.hacktivesecurity.com/index.php/2023/11/15/inside-the-mind-of-a-cyber-attacker-from-malware-creation-to-data-exfiltration-part-2

Читать полностью…

Hacker tricks

HostingHunter Series: Change Way Technology CO. Limited
joshuapenny88/hostinghunter-series-chang-way-technologies-co-limited-a9ba4fce0f65" rel="nofollow">https://medium.com/@joshuapenny88/hostinghunter-series-chang-way-technologies-co-limited-a9ba4fce0f65

Читать полностью…

Hacker tricks

Reptar: an Intel Ice Lake CPU vulnerability
https://lock.cmpxchg8b.com/reptar.html

Читать полностью…

Hacker tricks

HackerGPT: is your indispensable digital companion in the world of hacking. Crafted with the unique needs of ethical hackers in mind, this AI-powered assistant stands at the forefront of hacking knowledge and assistance
https://github.com/Hacker-GPT/HackerGPT

Читать полностью…

Hacker tricks

CVE-2023-4357 Chrome XXE vulnerability EXP, allowing attackers to obtain local files of visitors
https://github.com/xcanwin/CVE-2023-4357-Chrome-XXE

Читать полностью…

Hacker tricks

matro7sh_loaders: this script adds the ability to encode shellcode (.bin) in XOR,chacha20, AES. You can choose between 2 loaders (Myph / 221b)
https://github.com/matro7sh/matro7sh_loaders

Читать полностью…

Hacker tricks

DotNET XorCryptor: This is a .NET executable packer with payload encryption
https://github.com/DosX-dev/DotNET_XorCryptor

Читать полностью…

Hacker tricks

Давно думал, публиковать свой софт или нет... Вот и решил для начала переписать Rubeus (не весь конечно) на C и перевести в COF файлы. В общем, из коробки работает с Cobalt Strike и Havoc😁😁

https://github.com/RalfHacker/Kerbeus-BOF

#bof #git #soft #redteam #pentest

Читать полностью…

Hacker tricks

AESCrypt implementation of Microsoft Cryptography API, encrypt/decrypt with AES-256 from a passphrase
https://github.com/hackerhouse-opensource/AESCrypt

Читать полностью…

Hacker tricks

Threat Intelligence Malware Analysis: SolarMarker — To Jupyter and Back - SolarMarker uses process injection to run the hVNC and data staging payload. The actors behind SolarMarker primarily utilize .NET for the majority of their payloads
https://www.esentire.com/blog/solarmarker-to-jupyter-and-back

Читать полностью…

Hacker tricks

Hijacking OAuth Code via Reverse Proxy for Account Takeover
https://blog.voorivex.team/hijacking-oauth-code-via-reverse-proxy-for-account-takeover

Читать полностью…

Hacker tricks

Hunting Sandworm Team’s TTPs
https://montysecurity.medium.com/hunting-sandworm-teams-ttps-57a6fb31dd4b

Читать полностью…

Hacker tricks

badgerDAPS: A Brute Ratel LDAP query-log sorting tool, for the aspiring anti-LDAP query/Windows powershell hacker
https://github.com/johnjhacking/badgerDAPS

Читать полностью…

Hacker tricks

ProcessStomping: A variation of ProcessOverwriting to execute shellcode on an executable's section
https://github.com/naksyn/ProcessStomping

Читать полностью…

Hacker tricks

Escaping the sandbox: A bug that speaks for itself
https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself

Читать полностью…

Hacker tricks

The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses
https://research.nccgroup.com/2023/11/15/the-spelling-police-searching-for-malicious-http-servers-by-identifying-typos-in-http-responses

Читать полностью…

Hacker tricks

IOKernelRW: Insecurity as an IOService
https://github.com/Siguza/IOKernelRW

Читать полностью…

Hacker tricks

Report and Exploit of CVE-2023-36427
Summary:
Kernel-mode code in the root partition can corrupt arbitrary physical pages irrespective of EPT permissions using the Hardware Feedback Interface processor feature
https://github.com/tandasat/CVE-2023-36427

Читать полностью…

Hacker tricks

GPT Crawler: Crawl a site to generate knowledge files to create your own custom GPT
https://github.com/BuilderIO/gpt-crawler

Читать полностью…
Подписаться на канал