Unmanaged .NET Patching: A proof-of-concept for patching managed .NET function from unmanaged code
https://github.com/outflanknl/unmanaged-dotnet-patch
Exploiting Entra ID for Stealthier Persistence and Privilege Escalation using the Federated Authentication’s Secondary Token-signing Certificate
https://medium.com/tenable-techblog/stealthy-persistence-privesc-in-entra-id-by-using-the-federated-auth-secondary-token-signing-cert-876b21261106
XML External Entity injection with error-based data exfiltration
https://infosecwriteups.com/xml-external-entity-injection-with-error-based-data-exfiltration-985b063ec820
Jumpserver Preauth RCE Exploit Chain
https://sites.google.com/site/zhiniangpeng/blogs/Jumpserver
ThievingFox: is a collection of post-exploitation tools to gather credentials from various password managers and windows utilities
https://github.com/Slowerzs/ThievingFox
A direct improvement to remote TLS Injection
https://github.com/Uri3n/Advanced-TLS-Injection
BOFHound: Session Integration
https://posts.specterops.io/bofhound-session-integration-7b88b6f18423
Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/spoofing-802-11-wireless-beacon-management-frames-with-manipulated-power-values-resulting-in-denial-of-service-for-wireless-clients
Write XLL Dropper in c++ , a red teams most used dropper , learn how to be like a red teams and APT groups by building your XLL Dropper
https://github.com/EvilGreys/XLL-DROPPER-
CsWhispers: Source generator to add D/Invoke and indirect syscall methods to a C# project
https://github.com/rasta-mouse/CsWhispers
Pwn2Own Automotive 2024 - Day Three Results
https://www.thezdi.com/blog/2024/1/25/pwn2own-automotive-2024-day-three-results
Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE
https://github.com/h4x0r-dz/CVE-2024-23897
SyscallMeMaybe: Implementation of Indirect Syscall technique to pop an innocent calc.exe
https://github.com/oldboy21/SyscallMeMaybe
Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver
https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl
ICS and OT threat predictions for 2024
https://securelist.com/ksb-ics-predictions-2024
Uncovering USB Malware's Hidden Depths
https://www.mandiant.com/resources/blog/unc4990-evolution-usb-malware
ApateWeb: An Evasive Large-Scale Scareware and PUP Delivery Campaign
https://unit42.paloaltonetworks.com/apateweb-scareware-pup-delivery-campaign
Unveiling the intricacies of DiceLoader
https://blog.sekoia.io/unveiling-the-intricacies-of-diceloader
Frog4Shell — FritzFrog Botnet Adds One-Days to Its Arsenal
https://www.akamai.com/blog/security-research/fritzfrog-botnet-new-capabilities-log4shell
Pawn Storm Uses Brute Force and Stealth Again
https://www.trendmicro.com/en_us/research/24/a/pawn-storm-uses-brute-force-and-stealth
Bypass NTLM Message Integrity Check - Drop the MIC
https://www.blackhillsinfosec.com/bypass-ntlm-message-integrity-check-drop-the-mic
Persistence – Disk Clean-up
https://pentestlab.blog/2024/01/29/persistence-disk-clean-up
Ultra-Sophisticated 0day APT SuperMalware Proxy EXE
https://gist.github.com/DanielGibson/f4ea4d46fc279d64a2d35a326e7a1a88
MyDumbEDR: This repo contains all the necessary files to run the MyDumbEDR and try to bypass
https://github.com/sensepost/mydumbedr
Proof-of-concept code for the Android APEX key reuse vulnerability described in https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys
Читать полностью…Automated Multi UAC bypass
for win10|win11|ws2019|ws2022
https://github.com/x0xr00t/Automated-MUlti-UAC-Bypass
Trigona Ransomware in 3 Hours
https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours
Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current process
https://github.com/ProcessusT/EnumSSN
ExecIT: DLL Shellcode self-inyector/runner based on HWSyscalls, ideally thought to be executed with rundll32
https://github.com/florylsk/ExecIT
Top-GPTs: Run popular GPTs without the need for ChatGPT Plus subscription
https://github.com/Anil-matcha/Top-GPTs
SOAPHound: is a .NET data collector tool, which collects Active Directory data via the Active Directory Web Services (ADWS) protocol.
SOAPHound is able to extract the same information without directly communicating to the LDAP server
https://github.com/FalconForceTeam/SOAPHound
ADCS Attack Paths in BloodHound — Part 1
https://posts.specterops.io/adcs-attack-paths-in-bloodhound-part-1-799f3d3b03cf
Rust for Cyber Security and Red Teaming
https://infosecwriteups.com/rust-for-cyber-security-and-red-teaming-275595d3fdec