hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

Finding pastures new: An alternate approach for implant design
sapientflow/finding-pastures-new-an-alternate-approach-for-implant-design-644611c526ca" rel="nofollow">https://medium.com/@sapientflow/finding-pastures-new-an-alternate-approach-for-implant-design-644611c526ca

Читать полностью…

Hacker tricks

Achieving DLL Side-Loading in the Original Process
https://www.okiok.com/achieving-dll-side-loading-in-the-original-process

Читать полностью…

Hacker tricks

CloudInject: This is a simple tool which can be used to inject a DLL into third-party AD connectors to harvest credentials
https://github.com/xpn/CloudInject

Читать полностью…

Hacker tricks

Subdomain Fuzzing worth 35k bounty!
HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc" rel="nofollow">https://medium.com/@HX007/subdomain-fuzzing-worth-35k-bounty-daebcb56d9bc
Insecure Authentication - Deep Dive
https://cyberbull.medium.com/insecure-authentication-deep-dive-aa3530fff3e1

Читать полностью…

Hacker tricks

Weaponizing Windows Thread Pool APIs: Proxying DLL Loads Using I/O Completion Callbacks
https://fin3ss3g0d.net/index.php/2024/03/18/weaponizing-windows-thread-pool-apis-proxying-dll-loads

Читать полностью…

Hacker tricks

How to Emulate a Ransomware Attack
https://practicalsecurityanalytics.com/how-to-emulate-a-ransomware-attack

Читать полностью…

Hacker tricks

Overview of GLIBC heap exploitation techniques
https://0x434b.dev/overview-of-glibc-heap-exploitation-techniques

Читать полностью…

Hacker tricks

CobaltStrike post-penetration automation chain based on OPSEC
https://github.com/lintstar/CS-AutoPostChain

Читать полностью…

Hacker tricks

jsmug: A PoC code for JSON Smuggling technique to smuggle arbitrary files through JSON
https://github.com/xscorp/jsmug

Читать полностью…

Hacker tricks

SymProcSleuth: A pure C version of SymProcAddress
https://github.com/a7t0fwa7/SymProcSleuth

Читать полностью…

Hacker tricks

From LDAP injection till System Privileges
ippll/from-ldap-injection-till-system-privileges-f0a25fa41b97" rel="nofollow">https://medium.com/@ippll/from-ldap-injection-till-system-privileges-f0a25fa41b97

Читать полностью…

Hacker tricks

mindgraph: proof of concept prototype for generating and querying against a large knowledge graph with ai
https://github.com/yoheinakajima/mindgraph

Читать полностью…

Hacker tricks

Unveiling the depths of Residential Proxies providers
https://blog.sekoia.io/unveiling-the-depths-of-residential-proxies-providers

Читать полностью…

Hacker tricks

CVE-2024-2432 Palo Alto GlobalProtect EoP
https://github.com/Hagrid29/CVE-2024-2432-PaloAlto-GlobalProtect-EoP

Читать полностью…

Hacker tricks

Infected text editors load backdoor into macOS
https://securelist.com/trojanized-text-editor-apps
CVE-2024-21412: DarkGate Operators Exploit Microsoft Windows SmartScreen Bypass in Zero-Day Campaign
https://www.trendmicro.com/en_us/research/24/c/cve-2024-21412--darkgate-operators-exploit-microsoft-windows-sma

Читать полностью…

Hacker tricks

Leveraging the Direct Pointer A Stealthy Maneuver in Evasion Tactics
https://lsecqt.github.io/Red-Teaming-Army/malware-development/leveraging-the-direct-pointer---a-stealthy-maneuver-in-evasion-tactics

Читать полностью…

Hacker tricks

AI Powered Terminal Based Ethical Hacking Assistant
https://github.com/berylliumsec/neutron

Читать полностью…

Hacker tricks

DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
https://github.com/fin3ss3g0d/IoDllProxyLoad

Читать полностью…

Hacker tricks

Hook, Line and Sinker: Phishing Windows Hello for Business
yudasm/bypassing-windows-hello-for-business-for-phishing-181f2271dc02" rel="nofollow">https://medium.com/@yudasm/bypassing-windows-hello-for-business-for-phishing-181f2271dc02

Читать полностью…

Hacker tricks

From Error to Entry: Cracking the Code of Password-Spraying Tools
https://trustedsec.com/blog/from-error-to-entry-cracking-the-code-of-password-spraying-tools

Читать полностью…

Hacker tricks

Poisoned Pipeline Execution Attacks: A Look at CI-CD Environments
https://bishopfox.com/blog/poisoned-pipeline-attack-execution-a-look-at-ci-cd-environments

Читать полностью…

Hacker tricks

Identity Providers for RedTeamers
https://blog.xpnsec.com/identity-providers-redteamers

Читать полностью…

Hacker tricks

Various resources to enhance Cobalt Strike's functionality and its ability to evade antivirus/EDR detection
https://github.com/RedefiningReality/Cobalt-Strike

Читать полностью…

Hacker tricks

Todesstern: A simple mutator engine which focuses on finding unknown classes of injection vulnerabilities
https://github.com/kleiton0x00/Todesstern

Читать полностью…

Hacker tricks

Mastering Cyber Threat Intelligence with Obsidian
https://bank-security.medium.com/mastering-cyber-threat-intelligence-with-obsidian-cef6052a0d02

Читать полностью…

Hacker tricks

CVE-2024-21407 PoC: Windows Hyper-V RCE
https://github.com/swagcrafte/CVE-2024-21407-POC
A PoC exploit for CVE-2023-43208 - Mirth Connect RCE
https://github.com/K3ysTr0K3R/CVE-2023-43208-EXPLOIT

Читать полностью…

Hacker tricks

Program to Inject a DLL into a process from memory
https://github.com/BlackHat-Ashura/Reflective_DLL_Injection

Читать полностью…

Hacker tricks

SANS Offensive CTF — JavaScript☕::001–004
https://infosecwriteups.com/sans-offensive-ctf-javascript-001-004-8737ad95c617

Читать полностью…

Hacker tricks

NoArgs: is a tool designed to dynamically spoof and conceal process arguments while staying undetected. It achieves this by hooking into Windows APIs to dynamically manipulate the Windows internals on the go
https://github.com/oh-az/NoArgs

Читать полностью…

Hacker tricks

A patched Windows attack surface is still exploitable
https://securelist.com/windows-vulnerabilities

Читать полностью…
Подписаться на канал