hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

Spamming Microsoft 365 Like It’s 1995
https://www.blackhillsinfosec.com/spamming-microsoft-365-like-its-1995

Читать полностью…

Hacker tricks

Bluetooth Security Assessment Methodology
https://github.com/TarlogicSecurity/BSAM

Читать полностью…

Hacker tricks

FuncIn Unprotect Evasion Technique Demo: This demonstration showcases the utilization of FuncIn evasion technique for spawning a remote shell
https://github.com/Unprotect-Project/FuncInEvasionTechniqueDemo

Читать полностью…

Hacker tricks

CloakQuest3r: is a powerful Python tool meticulously crafted to uncover the true IP address of websites safeguarded by Cloudflare, a widely adopted web security and performance enhancement service
https://github.com/spyboy-productions/CloakQuest3r

Читать полностью…

Hacker tricks

UnlinkDLL: DLL Unlinking from InLoadOrderModuleList, InMemoryOrderModuleList, InInitializationOrderModuleList, and LdrpHashTable
https://github.com/frkngksl/UnlinkDLL

Читать полностью…

Hacker tricks

Lazarus targets organizations worldwide using novel Telegram-based malware written in DLang
https://blog.talosintelligence.com/lazarus_new_rats_dlang_and_telegram

Читать полностью…

Hacker tricks

Scaling your threat hunting operations with CrowdStrike and PSFalcon
https://blog.nviso.eu/2023/12/13/scaling-your-threat-hunting-operations-with-crowdstrike-and-psfalcon

Читать полностью…

Hacker tricks

HiddenDesktop: Create and enumerate hidden desktops
https://github.com/MalwareTech/HiddenDesktop

Читать полностью…

Hacker tricks

TPMSpoofer: Simple proof of concept kernel mode driver hooking tpm.sys dispatch to randomize any public key reads
https://github.com/SamuelTulach/tpm-spoofer

Читать полностью…

Hacker tricks

Story of the year: the impact of AI on cybersecurity
https://securelist.com/story-of-the-year-2023-ai-impact-on-cybersecurity

Читать полностью…

Hacker tricks

Try Hack me — Advent Of Cyber 2023 Day 9 Write Up — She sells C# shells by the C2shore
https://infosecwriteups.com/try-hack-me-advent-of-cyber-2023-day-8-write-up-she-sells-c-shells-by-the-c2shore-080ba26f4011

Читать полностью…

Hacker tricks

htb-authority: Exploiting authority from @hackthebox_eu involves cracking Ansible vault, messing with PWM, and two really neat twists on the ESC1 ADCS attack, where I'll generate and use a fake computer, and use Pass-The-Cert
https://0xdf.gitlab.io/2023/12/09/htb-authority

Читать полностью…

Hacker tricks

New payload to exploit Error-based SQL injection - Oracle database
https://www.mannulinux.org/2023/12/New-payload-to-exploit-Error-based-SQL-injection-Oracle-database.html

Читать полностью…

Hacker tricks

Useful resources for iOS hacking
https://github.com/Siguza/ios-resources

Читать полностью…

Hacker tricks

Cookie Monster BOF: Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the Cookies and Login Data files, copy the handle(s) and then filelessly download the target
https://github.com/KingOfTheNOPs/cookie-monster

Читать полностью…

Hacker tricks

Abusing Liftoff assembly and efficiently escaping from sbx
https://retr0.zip/blog/abusing-Liftoff-assembly-and-efficiently-escaping-from-sbx.html

Читать полностью…

Hacker tricks

CVE-2023-50164 Apache Struts RCE
https://github.com/jakabakos/CVE-2023-50164-Apache-Struts-RCE
CVE-2023-6553 Exploit V2: Backup Migration <= 1.3.7 - Unauthenticated Remote Code Execution
https://github.com/Chocapikk/CVE-2023-6553

Читать полностью…

Hacker tricks

Security Researcher Note: Cover various security approaches to attack techniques and also provides new discoveries about security breaches
https://github.com/LearningKijo/SecurityResearcher-Note

Читать полностью…

Hacker tricks

Monarch: is a C2 Framework designed to give implant developers the convenience of integrating with an existing backend, so that more time can be spent creating cutting-edge features and enhancing overall efficiency
https://github.com/pygrum/monarch

Читать полностью…

Hacker tricks

Twitter subdomain XSS + CSRF vulnerability
Clicking a crafted link or going to some crafted web pages would allow attackers to take over your account (posting, liking, updating your profile, deleting your account, etc.)
https://twitter.com/shoucccc/status/1734802168723734764

Читать полностью…

Hacker tricks

Process Argument Spoofing
https://unprotect.it/technique/process-argument-spoofing

Читать полностью…

Hacker tricks

Abuse the CLR memory un(safety)
https://ipslav.github.io/2023-12-12-let-me-manage-your-appdomain
DirtyCLR: An App Domain Manager Injection DLL PoC on steroids with a clean Thread Call Stack and no direct WinAPI calls
https://github.com/ipSlav/DirtyCLR

Читать полностью…

Hacker tricks

Side-by-side comparison of the Windows and Linux (GNU dl) Loaders
https://github.com/ElliotKillick/windows-vs-linux-loader-architecture

Читать полностью…

Hacker tricks

PoolParty BOF: A beacon object file implementation of PoolParty Process Injection Technique
https://github.com/0xEr3bus/PoolPartyBof

Читать полностью…

Hacker tricks

Unmasking the Shadows: The Art of Threat Hunting in Defender for Identity
https://cyberdom.blog/2023/12/09/unmasking-the-shadows-the-art-of-threat-hunting-in-defender-for-identity

Читать полностью…

Hacker tricks

Hunting Volt Typhoon TTPs
https://montysecurity.medium.com/hunting-volt-typhoon-ttps-00329f3daae2

Читать полностью…

Hacker tricks

myph: AV/EDR bypass payload creation tool
https://github.com/matro7sh/myph

Читать полностью…

Hacker tricks

Proof of Concept (PoC) of 5G NR Attacks against commercial smartphones, CPE routers, USB Modems, etc
https://github.com/asset-group/5ghoul-5g-nr-attacks

Читать полностью…

Hacker tricks

Black Hat Europe 2023 slides
https://github.com/onhexgroup/Conferences/tree/main/Black%20Hat%20Europe%202023%20slides

Читать полностью…

Hacker tricks

Defender Exclusions Creator BOF
https://github.com/EspressoCake/Defender-Exclusions-Creator-BOF

Читать полностью…
Подписаться на канал