hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

PoC for CVE-2024-21413 | Microsoft Outlook RCE
https://github.com/xaitax/CVE-2024-21413-Microsoft-Outlook-Remote-Code-Execution-Vulnerability

Читать полностью…

Hacker tricks

The Most Dangerous Entra Role You’ve (Probably) Never Heard Of
https://posts.specterops.io/the-most-dangerous-entra-role-youve-probably-never-heard-of-e00ea08b8661

Читать полностью…

Hacker tricks

Hunting M365 Invaders: Navigating the Shadows of Midnight Blizzard
https://www.splunk.com/en_us/blog/security/hunting-m365-invaders-navigating-the-shadows-of-midnight-blizzard

Читать полностью…

Hacker tricks

CrimsonEDR: Simulate the behavior of AV/EDR for malware development training
https://github.com/Helixo32/CrimsonEDR

Читать полностью…

Hacker tricks

Offensive Lab Environments (Without the Suck)
https://trustedsec.com/blog/offensive-lab-environments-without-the-suck

Читать полностью…

Hacker tricks

CVE-2024-23724:  Ghost CMS Stored XSS Leading to Owner Takeover
https://rhinosecuritylabs.com/research/cve-2024-23724-ghost-cms-stored-xss

Читать полностью…

Hacker tricks

MDE-Tester: is designed to help testing various features in Microsoft Defender for Endpoint
https://github.com/LearningKijo/MDEtester

Читать полностью…

Hacker tricks

Reflective DLL got Indirect Syscall skills
https://oldboy21.github.io/posts/2024/02/reflective-dll-got-indirect-syscall-skills

Читать полностью…

Hacker tricks

Remote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box
https://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e

Читать полностью…

Hacker tricks

APT29’s Attack on Microsoft: Tracking Cozy Bear’s Footprints
https://www.cyberark.com/resources/blog/apt29s-attack-on-microsoft-tracking-cozy-bears-footprints

Читать полностью…

Hacker tricks

WERPersistence: This repository showcases a method that ingeniously exploits Windows Error Reporting (WER) for the purpose of stealthy data persistence and evasion. By embedding malicious payloads within WER reports
https://github.com/0xHossam/WERPersistence

Читать полностью…

Hacker tricks

Collection of notes, useful resources, list of tools and scripts related to Threat Detection & Incident Response
https://github.com/Jean-Francois-C/Threat-Detection-and-Incident-Response

Читать полностью…

Hacker tricks

GoCheck: a blazingly fast alternative to Matterpreter's DefenderCheck which identifies the exact bytes that Windows Defender AV by feeding byte slices to MpCmdRun.exe
https://github.com/gatariee/gocheck

Читать полностью…

Hacker tricks

HijackLoader Expands Techniques to Improve Defense Evasion
https://www.crowdstrike.com/blog/hijackloader-expands-techniques

Читать полностью…

Hacker tricks

Tumblr Subdomain Takeover
https://infosecwriteups.com/tumblr-subdomain-takeover-55f9cb494d65
JSON Smuggling: A far-fetched intrusion detection evasion technique
https://grimminck.medium.com/json-smuggling-a-far-fetched-intrusion-detection-evasion-technique-51ed8f5ee05f

Читать полностью…

Hacker tricks

InflativeLoading: Dynamically convert a native EXE to PIC shellcode by appending a shellcode stub
https://github.com/senzee1984/InflativeLoading

Читать полностью…

Hacker tricks

MacOS CI/CD with Tart
https://medium.com/snowflake/macos-ci-cd-with-tart-d3c0e511f3c9

Читать полностью…

Hacker tricks

RCE PoC for Empire C2 framework <5.9.3
https://github.com/ACE-Responder/Empire-C2-RCE-PoC
CVE-2024-21413 Microsoft Outlook Information Disclosure Vulnerability (leak password hash) Expect Script PoC
https://github.com/duy-31/CVE-2024-21413

Читать полностью…

Hacker tricks

Collection of UAC Bypass Techniques Weaponized as BOFs
https://github.com/icyguider/UAC-BOF-Bonanza

Читать полностью…

Hacker tricks

NetHunter Hacker XIII: Overall guide to MITM framework
https://www.mobile-hacker.com/2024/02/13/nethunter-hacker-xiii-overall-guide-to-mitm-framework

Читать полностью…

Hacker tricks

Dump cookies directly from Chrome process memory
https://github.com/Meckazin/ChromeKatz

Читать полностью…

Hacker tricks

EDR-Preloader: An EDR bypass that prevents EDRs from hooking or loading DLLs into our process by hijacking the AppVerifier layer
https://github.com/MalwareTech/EDR-Preloader

Читать полностью…

Hacker tricks

Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload

Читать полностью…

Hacker tricks

Leveraging Windows Error Reporting (WER) for Stealthy Data Persistence & Evasion
https://github.com/Mmo23/WERPersistence

Читать полностью…

Hacker tricks

A Beginner’s Guide to Tracking Malware Infrastructure
https://censys.com/a-beginners-guide-to-tracking-malware-infrastructure

Читать полностью…

Hacker tricks

NidhoggScript: is a tool to generate "script" file that allows execution of multiple commands for Nidhogg
https://github.com/Idov31/NidhoggScript

Читать полностью…

Hacker tricks

lolcerts: A repository of code signing certificates known to have been leaked or stolen, then abused by threat actors
https://github.com/WithSecureLabs/lolcerts

Читать полностью…

Hacker tricks

BadExclusionsNWBO: is an evolution from BadExclusions to identify folder custom or undocumented exclusions on AV/EDR
https://github.com/iamagarre/BadExclusionsNWBO

Читать полностью…

Hacker tricks

Puckungfu 2: Another NETGEAR WAN Command Injection
https://research.nccgroup.com/2024/02/09/puckungfu-2-another-netgear-wan-command-injection

Читать полностью…

Hacker tricks

NativeThreadpool: Worker and timer callback example using solely Native Windows APIs
https://github.com/fin3ss3g0d/NativeThreadpool

Читать полностью…
Подписаться на канал