hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

Data Scientists Targeted by Malicious Hugging Face ML Models with Silent Backdoor
https://jfrog.com/blog/data-scientists-targeted-by-malicious-hugging-face-ml-models-with-silent-backdoor

Читать полностью…

Hacker tricks

SCCM Hierarchy Takeover with High Availability
https://posts.specterops.io/sccm-hierarchy-takeover-with-high-availability-7dcbd3696b43

Читать полностью…

Hacker tricks

Open a link, and your Wi-Fi password is changed
deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095" rel="nofollow">https://medium.com/@deadoverflow/open-a-link-and-your-wi-fi-password-is-changed-7c47ccb4d095

Читать полностью…

Hacker tricks

Unveiling custom packers: A comprehensive guide
https://estr3llas.github.io/unveiling-custom-packers-a-comprehensive-guide

Читать полностью…

Hacker tricks

ADCSCoercePotato: Yet another technique for coercing machine authentication but specific for ADCS server
https://github.com/decoder-it/ADCSCoercePotato

Читать полностью…

Hacker tricks

This repository contains Resources for malware development using Rust
https://github.com/Whitecat18/Rust-for-Malware-Development

Читать полностью…

Hacker tricks

Hello Lucee! Let us hack Apple again?
https://blog.projectdiscovery.io/hello-lucee-let-us-hack-apple-again

Читать полностью…

Hacker tricks

CLRInjector: A PoC .NET-specific process injection tool
https://github.com/bananabr/CLRInjector

Читать полностью…

Hacker tricks

toxicache: Golang scanner to find web cache poisoning vulnerabilities in a list of URLs and test multiple injection techniques.
https://github.com/xhzeem/toxicache

Читать полностью…

Hacker tricks

TinyTurla-NG in-depth tooling and command and control analysis
https://blog.talosintelligence.com/tinyturla-ng-tooling-and-c2

Читать полностью…

Hacker tricks

muddy: is a static string obfuscation library, designed to provide an easy way of avoiding simple static binary analysis tools such as strings or YARA rules
https://github.com/orph3usLyre/muddy-waters

Читать полностью…

Hacker tricks

A modern dashboard exploit for the original Microsoft Xbox
https://github.com/XboxDev/endgame-exploit
A Proof of Concept to exploit an authentication bypass to add a new administrative user in ConnectWise ScreenConnect
https://github.com/watchtowrlabs/connectwise-screenconnect_auth-bypass-add-user-poc
Nuclei template and information about the PoC for CVE-2024-25600 The Bricks theme for WordPress is vulnerable to RCE
https://github.com/Christbowel/CVE-2024-25600_Nuclei-Template

Читать полностью…

Hacker tricks

AS-REP Roasting
https://pentestlab.blog/2024/02/20/as-rep-roasting

Читать полностью…

Hacker tricks

RustRedOps: is a repository dedicated to gathering and sharing advanced techniques and offensive malware for Red Team, with a specific focus on the Rust language
https://github.com/joaoviictorti/RustRedOps

Читать полностью…

Hacker tricks

FormThief: is a project designed for spoofing Windows desktop login applications using WinForms and WPF
https://github.com/mlcsec/FormThief

Читать полностью…

Hacker tricks

Unveiling UAC-0184: The Steganography Saga of the IDAT Loader Delivering Remcos RAT
https://blog.morphisec.com/unveiling-uac-0184-the-remcos-rat-steganography-saga

Читать полностью…

Hacker tricks

Bypass Rate Limits on authentication endpoints like a pro………!
a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0" rel="nofollow">https://medium.com/@a13h1/bypass-rate-limits-on-authentication-endpoints-like-a-pro-2054460a43c0

Читать полностью…

Hacker tricks

I took over 10 Million Accounts, Easy API Hacking
https://ravaan21.medium.com/i-took-over-10-million-accounts-easy-api-hacking-89a7092abe40

Читать полностью…

Hacker tricks

A handy tool to explore various string encoding
https://github.com/unixzii/StringExplorer

Читать полностью…

Hacker tricks

Chunking CobaltStrike Payloads + Jump Method
https://github.com/DamonMohammadbagher/NativePayload_LocalCreateThread7

Читать полностью…

Hacker tricks

LockBit Attempts to Stay Afloat With a New Version
https://www.trendmicro.com/en_us/research/24/b/lockbit-attempts-to-stay-afloat-with-a-new-version

Читать полностью…

Hacker tricks

EPSS (Exploit Prediction Scoring System) is a framework used to assess the likelihood of a vulnerability being exploited
https://github.com/KaanSK/go-epss

Читать полностью…

Hacker tricks

AI ChatBot <= 4.8.9 - Unauthenticated SQL Injection via qc_wpbo_search_response
https://github.com/RandomRobbieBF/CVE-2023-5204
TP-Link NCXXX Authentication Bypass
https://ssd-disclosure.com/ssd-advisory-tp-link-ncxxx-authentication-bypass

Читать полностью…

Hacker tricks

Shelter: is a completely weaponized sleep obfuscation technique that allows to fully encrypt your in-memory payload making an extensive use of ROP
https://github.com/Kudaes/Shelter

Читать полностью…

Hacker tricks

Following MITRE's footsteps in analyzing malware behavior
https://blog.virustotal.com/2024/02/following-in-mitres-footsteps-and.html

Читать полностью…

Hacker tricks

SpawnWith: An experimental Beacon Object File (BOF) that provides an alternative to the spawnas and inject commands
https://github.com/rasta-mouse/SpawnWith

Читать полностью…

Hacker tricks

Account Takeover [It Looked Secure at First]
https://cristivlad.medium.com/account-takeover-it-looked-secure-at-first-f14a31cb7f5c
How I Hacked the Dutch Government: Exploiting an Innocent Image for Remote Code Execution
mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a" rel="nofollow">https://medium.com/@mukundbhuva/how-i-hacked-the-dutch-government-exploiting-an-innocent-image-for-remote-code-execution-df1fa936e46a

Читать полностью…

Hacker tricks

CVE-2023-50387 KeyTrap in DNS
https://github.com/knqyf263/CVE-2023-50387

Читать полностью…

Hacker tricks

Embedder is a collection of sources in different languages to embed Python interpreter with minimal dependencies
https://github.com/naksyn/Embedder

Читать полностью…

Hacker tricks

Beyond Process And Object Callbacks: An Unconventional Method
https://revers.engineering/beyond-process-and-object-callbacks-an-unconventional-method

Читать полностью…
Подписаться на канал