hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

naively bypassing new memory scanning POCs
https://sillywa.re/posts/flower-da-flowin-shc

Читать полностью…

Hacker tricks

Process Hypnosis: Debugger assisted control flow hijack
https://github.com/CarlosG13/Process-Hypnosis-Debugger-assisted-control-flow-hijack

Читать полностью…

Hacker tricks

PoC Anti-Rootkit to uncover Windows Drivers/Rootkits mapped to Kernel Memory
https://github.com/eversinc33/unKover

Читать полностью…

Hacker tricks

Project that generates Malicious Office Macro Enabled Dropper for DLL SideLoading and Embed it in Lnk file to bypass MOTW
https://github.com/SaadAhla/dropper

Читать полностью…

Hacker tricks

Fake-SMS: How Deep Does the Rabbit Hole Really Go?
aleksamajkic/fake-sms-how-deep-does-the-rabbit-hole-really-go-17e25c42f986" rel="nofollow">https://medium.com/@aleksamajkic/fake-sms-how-deep-does-the-rabbit-hole-really-go-17e25c42f986

Читать полностью…

Hacker tricks

Windows Kernel Pool (clfs.sys) Corruption Privilege Escalation (CVE-2023-36424)
https://github.com/Nassim-Asrir/CVE-2023-36424
Fortinet FortiClient EMS SQL Injection
https://github.com/horizon3ai/CVE-2023-48788

Читать полностью…

Hacker tricks

nimvoke: Indirect syscalls + DInvoke made simple
https://github.com/nbaertsch/nimvoke

Читать полностью…

Hacker tricks

Pwn2Own Vancouver 2024 - Day One Results
https://www.zerodayinitiative.com/blog/2024/3/20/pwn2own-vancouver-2024-day-one-results

Читать полностью…

Hacker tricks

Making desync attacks easy with TRACE
https://portswigger.net/research/trace-desync-attack

Читать полностью…

Hacker tricks

Aggressive scanning in bug bounty (and how to avoid it)
https://blog.intigriti.com/2024/03/18/aggressive-scanning-in-bug-bounty-and-how-to-avoid-it

Читать полностью…

Hacker tricks

Human 1 - sqlmap 0 :
defeating automation through manual exploitation
https://hackcommander.github.io/posts/2024/03/19/human-1-sqlmap-0-defeating-automation-through-manual-exploitation

Читать полностью…

Hacker tricks

asploit: One line command and control backdoors for APIs and web applications
https://github.com/Geeoon/asploit

Читать полностью…

Hacker tricks

Finding pastures new: An alternate approach for implant design
sapientflow/finding-pastures-new-an-alternate-approach-for-implant-design-644611c526ca" rel="nofollow">https://medium.com/@sapientflow/finding-pastures-new-an-alternate-approach-for-implant-design-644611c526ca

Читать полностью…

Hacker tricks

Achieving DLL Side-Loading in the Original Process
https://www.okiok.com/achieving-dll-side-loading-in-the-original-process

Читать полностью…

Hacker tricks

CloudInject: This is a simple tool which can be used to inject a DLL into third-party AD connectors to harvest credentials
https://github.com/xpn/CloudInject

Читать полностью…

Hacker tricks

This script Crawls the website and finds the URLs that contain html forms
https://github.com/dirtycoder0124/formcrawler

Читать полностью…

Hacker tricks

Proof of Concept script to exploit the authenticated SSTI+RCE in Grav CMS (CVE-2024-28116)
https://github.com/akabe1/Graver

Читать полностью…

Hacker tricks

Shellcode Loader is a common technique used to load malicious code into the target system's memory and execute them, often as part of malware
https://github.com/Cherno-x/MyShellcodeLoader

Читать полностью…

Hacker tricks

Perfect DLL Proxying using forwards with absolute paths
https://github.com/mrexodia/perfect-dll-proxy

Читать полностью…

Hacker tricks

Hacking Anything LLM via Reversing CVE’s(Duplicates)
https://basu-banakar.medium.com/hacking-anything-llm-via-reversing-cves-duplicates-4fbfde67463f

Читать полностью…

Hacker tricks

AzurEnum: Enumerate Microsoft Entra ID (Azure AD) fast
https://github.com/SySS-Research/azurenum

Читать полностью…

Hacker tricks

ADPT: Another Dll Proxying Tool is exactly what it sounds like, another tool that allows you to automate the exploitation of dll hijack/sideloading opportunities
https://github.com/Kudaes/ADPT

Читать полностью…

Hacker tricks

Pwned by the Mail Carrier
https://posts.specterops.io/pwned-by-the-mail-carrier-0750edfad43b

Читать полностью…

Hacker tricks

Abusing the DHCP Administrators Group to Escalate Privileges in Windows Domains
https://www.akamai.com/blog/security-research/abusing-dhcp-administrators-group-for-privilege-escalation-in-windows-domains

Читать полностью…

Hacker tricks

Android Jetpack Navigation: Deep Links Handling Exploitation
https://swarm.ptsecurity.com/android-jetpack-navigation-deep-links-handling-exploitation

Читать полностью…

Hacker tricks

HttpRemotingObjRefLeak: Additional resources for leaking and exploiting ObjRefs via HTTP .NET Remoting
https://github.com/codewhitesec/HttpRemotingObjRefLeak

Читать полностью…

Hacker tricks

SO-CON 2024 Presentation Archive
https://github.com/SpecterOps/presentations/tree/master/SO-CON%202024

Читать полностью…

Hacker tricks

Leveraging the Direct Pointer A Stealthy Maneuver in Evasion Tactics
https://lsecqt.github.io/Red-Teaming-Army/malware-development/leveraging-the-direct-pointer---a-stealthy-maneuver-in-evasion-tactics

Читать полностью…

Hacker tricks

AI Powered Terminal Based Ethical Hacking Assistant
https://github.com/berylliumsec/neutron

Читать полностью…

Hacker tricks

DLL proxy load example using the Windows thread pool API, I/O completion callback with named pipes, and C++/assembly
https://github.com/fin3ss3g0d/IoDllProxyLoad

Читать полностью…
Подписаться на канал