Frameless BITB: A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx
https://github.com/waelmas/frameless-bitb
EventLogCrasher: PoC for a bug, that allows any user to crash the Windows Event Log service of any other Windows 10/Windows Server 2022 machine on the same domain
https://github.com/floesen/EventLogCrasher
InjectKit: This repository contains modified versions of the Cobalt Strike Process Injection Kit
https://github.com/REDMED-X/InjectKit
ScarCruft | Attackers Gather Strategic Intelligence and Target Cybersecurity Professionals
https://www.sentinelone.com/labs/a-glimpse-into-future-scarcruft-campaigns-attackers-gather-strategic-intelligence-and-target-cybersecurity-professionals
How Threat Actors Leveraged HAR Files To Attack Okta’s Customers
https://www.rezonate.io/blog/har-files-attack-okta-customers
Atlassian Confluence - Remote Code Execution (CVE-2023-22527)
https://blog.projectdiscovery.io/atlassian-confluence-ssti-remote-code-execution
GraphStrike: is a suite of tools that enables Cobalt Strike's HTTPS Beacon to use Microsoft Graph API for C2 communications
https://github.com/RedSiege/GraphStrike
Writeup and exploit for CVE-2023-45777, bypass for Intent validation inside AccountManagerService on Android 13 despite "Lazy Bundle" mitigation
https://github.com/michalbednarski/TheLastBundleMismatch
Security Brief: TA866 Returns with a Large Email Campaign
https://www.proofpoint.com/us/blog/threat-insight/security-brief-ta866-returns-large-email-campaign
Parrot TDS: A Persistent and Evolving Malware Campaign
https://unit42.paloaltonetworks.com/parrot-tds-javascript-evolution-analysis
Rapidly evolving IoT malware EnemyBot now targeting Content Management System servers and Android devices
https://cybersecurity.att.com/blogs/labs-research/rapidly-evolving-iot-malware-enemybot-now-targeting-content-management-system-servers
Google Chrome V8 CVE-2024-0517 Out-of-Bounds Write Code Execution
https://blog.exodusintel.com/2024/01/19/google-chrome-v8-cve-2024-0517-out-of-bounds-write-code-execution
How I passed the Intigriti 0124 Challenge
rodriguezjorgex/how-i-passed-the-intigriti-0124-challenge-b6c2d1cd1b7b" rel="nofollow">https://medium.com/@rodriguezjorgex/how-i-passed-the-intigriti-0124-challenge-b6c2d1cd1b7b
LiesGate: The idea came from an interesting project called MutationGate
In summary, the LiesGate code demonstrates advanced techniques related to system function manipulation, memory permission alterations, and execution context manipulation in a Windows environment, applicable in scenarios like reverse engineering, debugging, security testing, or malware development
https://github.com/CyberSecurityUP/LiesGate
Evil-M5Core2: is an innovative tool developed for ethical testing and exploration of WiFi networks
https://github.com/7h30th3r0n3/Evil-M5Core2
Yet another C++ Cobalt Strike beacon dropper with Ntdll unhooking, PPID spoofing and custom Process hollowing
https://github.com/ProcessusT/Venoma
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
https://github.com/horizon3ai/CVE-2024-0204
CVE-2023-4863 Heap buffer overflow in Google libwebp (WebP)
https://github.com/LiveOverflow/webp-CVE-2023-4863
CVE-2023-22527 RCE using SSTI in Confluence
https://github.com/Vozec/CVE-2023-22527
1.6_C2: Using the Counter Strike 1.6 RCON protocol as a C2 Channel
https://github.com/eversinc33/1.6_C2
Building Windows Shellcode in Linux
https://github.com/defparam/win_shellcode_builder
Cracked software beats gold: new macOS backdoor stealing cryptowallets
https://securelist.com/new-macos-backdoor-crypto-stealer
the Google search bar enough to hack Belgian companies?
https://blog.nviso.eu/2024/01/22/is-the-google-search-bar-enough-to-hack-belgium-companies
Domain Escalation – Backup Operator
https://pentestlab.blog/2024/01/22/domain-escalation-backup-operator
Remote TLS Callback Injection:
Utilizing TLS callbacks to execute a payload without spawning any threads in a remote process
https://github.com/Maldev-Academy/RemoteTLSCallbackInjection
Bug Hunting Methodology
https://github.com/WadQamar10/My-Hunting-Methodology-
LOLSpoof: is a an interactive shell program that automatically spoof the command line arguments of the spawned process
https://github.com/itaymigdal/LOLSpoof
The Dangers of Lateral Movement & Website Cross Contamination
https://blog.sucuri.net/2024/01/dangers-of-lateral-movement-website-cross-contamination
This repository contains proof-of-concept scripts for CVE-2023-45866, CVE-2024-21306, and CVE-2024-0230 Bluetooth vulnerabilities in Android, Linux, macOS, iOS and Windows can be exploited to pair an emulated Bluetooth keyboard and inject keystrokes without user confirmation
https://github.com/marcnewlin/hi_my_name_is_keyboard
Calling Home, Get Your Callbacks Through RBI
https://posts.specterops.io/calling-home-get-your-callbacks-through-rbi-50633a233999
Outlook Vulnerability Discovery and New Ways to Leak NTLM Hashes
https://www.varonis.com/blog/outlook-vulnerability-new-ways-to-leak-ntlm-hashes
F31: is a bash script that hardens your Kali Linux and allows you to minimize noise in the air
https://github.com/wearecaster/F31
Cobalt Strike Profiles for EDR Evasion + SourcePoint is a C2 profile generator for Cobalt Strike
https://github.com/EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion
