hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

How I Prevented a Mass Data Breach - $15,000 bounty
https://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d

Читать полностью…

Hacker tricks

Exploiting n-day in Home Security Camera
https://0xbigshaq.github.io/2024/01/05/tp-link-tapo-c100

Читать полностью…

Hacker tricks

SSHniffer: A post-compromise agent to be deployed on rooted linux machines designed to quietly listen for SSH connections. When a domain user/service connects to the linux device with a password, the agent will log the sshd process data by using strace
https://github.com/JitBox/SSHniffer

Читать полностью…

Hacker tricks

Checkmate: payload Execution by Fake Windows SmartScreen with requires Administrator privileges & Turn off real SmartScreen Filter
https://github.com/S3N4T0R-0X0/Checkmate

Читать полностью…

Hacker tricks

pendulum: Sleep obfuscation for Linux
https://github.com/kyleavery/pendulum

Читать полностью…

Hacker tricks

Stinger: CIA UAC bypass implementation of Stinger that obtains the token from an auto-elevated process, modifies it, and reuses it to execute as Administrator
https://github.com/hackerhouse-opensource/Stinger

Читать полностью…

Hacker tricks

rp-bf: A library to bruteforce ROP gadgets by emulating a Windows user-mode crash-dump
https://github.com/0vercl0k/rp-bf.rs

Читать полностью…

Hacker tricks

GodPotato Aggressor Script
https://github.com/weaselsec/GodPotato-Aggressor-Script

Читать полностью…

Hacker tricks

MITMonster: A monster cheatsheet on MITM attacks
https://github.com/wearecaster/MITMonster

Читать полностью…

Hacker tricks

Unmasking RedLine Stealer
https://www.infostealers.com/article/unmasking-redline-stealer

Читать полностью…

Hacker tricks

Artillery: CIA UAC bypass implementation that utilizes elevated COM object to write to System32 and an auto-elevated process to execute as administrator
https://github.com/hackerhouse-opensource/Artillery

Читать полностью…

Hacker tricks

Active Directory Pentesting from Linux
https://tbhaxor.com/active-directory-pentesting-from-linux

Читать полностью…

Hacker tricks

This PoC creates multiple processes, where each process performs a specific task as part of the injection operation
https://github.com/Maldev-Academy/Christmas

Читать полностью…

Hacker tricks

Infostealer Exploit and the Enigma of Cookie Restoration
https://www.infostealers.com/article/breaking-through-the-infostealer-exploit-and-the-enigma-of-cookie-restoration

Читать полностью…

Hacker tricks

SignToolEx: uses Microsoft Detours hooking library to hijack "signtool.exe" and modify expired code-signing certificates to appear valid, allowing to codesign without changing system clock
https://github.com/hackerhouse-opensource/SignToolEx

Читать полностью…

Hacker tricks

(Im)perfectProject(or) - Hacking a small WiFi connected projector for fun and to learn hard lessons
https://axelp.io/ImperfectProjector

Читать полностью…

Hacker tricks

MobSF Remote code execution (via CVE-2024-21633)
https://github.com/0x33c0unt/CVE-2024-21633

Читать полностью…

Hacker tricks

SSH-Snake: is a self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery
https://github.com/MegaManSec/SSH-Snake

Читать полностью…

Hacker tricks

SharpGhostTask: A C# port from Invoke-GhostTask
https://github.com/dmcxblue/SharpGhostTask

Читать полностью…

Hacker tricks

Collection of Bash scripts designed for comprehensive security audits and network mapping of Active Directory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam
https://github.com/emrekybs/AD-AssessmentKit

Читать полностью…

Hacker tricks

havoc-bloodhound: A GUI wrapper inside of Havoc to interact with bloodhound CE
https://github.com/p4p1/havoc-bloodhound

Читать полностью…

Hacker tricks

The Mac Malware of 2023 👾
https://objective-see.org/blog/blog_0x77

Читать полностью…

Hacker tricks

Initial Access – search-ms URI Handler
https://pentestlab.blog/2024/01/02/initial-access-search-ms-uri-handler

Читать полностью…

Hacker tricks

Hide and Seek in Windows' Closet: Unmasking the WinSxS Hijacking Hideout
https://www.securityjoes.com/post/hide-and-seek-in-windows-closet-unmasking-the-winsxs-hijacking-hideout

Читать полностью…

Hacker tricks

Compression using RDP API
https://gist.github.com/odzhan/56eb105a611dcdebd1d3a084c7312190

Читать полностью…

Hacker tricks

December 2023 BattlEye shellcode dump
https://github.com/SamuelTulach/be_shellcode_dump

Читать полностью…

Hacker tricks

The CIA's Marble Framework is designed to allow for flexible and easy-to-use obfuscation when developing tools
https://github.com/hackerhouse-opensource/Marble
A CIA tradecraft technique to asynchronously detect when a process is created using WMI
https://github.com/hackerhouse-opensource/WMIProcessWatcher

Читать полностью…

Hacker tricks

A small program written in C that is designed to load 32-bit shellcode and allow for execution or debugging
https://github.com/jstrosch/sclauncher

Читать полностью…

Hacker tricks

40,000+ Nuclei templates for security scanning and detection across diverse web applications and services
https://github.com/linuxadi/40k-nuclei-templates

Читать полностью…

Hacker tricks

Keres: a is Powershell rev-shell backdoor with persistence
https://github.com/ELMERIKH/Keres

Читать полностью…
Подписаться на канал