hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
https://github.com/amlweems/xzbot

Читать полностью…

Hacker tricks

This project aims to provide a fully functional, from-scratch alternative to the Cobalt Strike Beacon, providing transparency and flexibility to security professionals and enthusiasts.This project is not a reverse-engineered version of the Cobalt Strike Beacon, but a complete open source implementation. The "settings.h" file contains macros for the C2 configuration file and the user should complete it to their liking. Once you have your "settings.h" template ready, feel free to share and contribute
https://github.com/kyxiaxiang/Beacon_Source

Читать полностью…

Hacker tricks

TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability
https://github.com/Mr-xn/CVE-2023-43482

Читать полностью…

Hacker tricks

FAQ on the xz-utils backdoor
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27

Читать полностью…

Hacker tricks

assist in bug bounty and web application enumeration tasks
https://github.com/HernanRodriguez1/EnumParameter

Читать полностью…

Hacker tricks

Everything I Know About the Xz Backdoor
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
backdoor in upstream xz/liblzma leading to ssh server compromise
https://www.openwall.com/lists/oss-security/2024/03/29/4

Читать полностью…

Hacker tricks

LPE exploit for CVE-2024-0582 (io_uring)
https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582
In-the-Wild Windows LPE 0-days: Insights & Detection Strategies
https://www.elastic.co/security-labs/category/security-operations

Читать полностью…

Hacker tricks

Collection of notes, useful resources, list of tools and scripts related to Threat Detection & Incident Response
https://github.com/Jean-Francois-C/Threat-Detection-and-Incident-Response

Читать полностью…

Hacker tricks

ChaiLdr: AV Evasive Payload Loader
AV bypass while you sip your Chai!
https://github.com/Cipher7/ChaiLdr

Читать полностью…

Hacker tricks

1500$: CR/LF Injection
a13h1/1500-cr-lf-injection-0d2a75f02ef3" rel="nofollow">https://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3

Читать полностью…

Hacker tricks

Library of BOFs to interact with SQL servers
https://github.com/Tw1sm/SQL-BOF

Читать полностью…

Hacker tricks

Abusing MiniFilter Altitude to blind EDR
https://tierzerosecurity.co.nz/2024/03/27/blind-edr.html

Читать полностью…

Hacker tricks

CspReconGo: is a command-line tool designed for cybersecurity analysts, web developers, and IT professionals
https://github.com/jhaddix/CSPReconGO

Читать полностью…

Hacker tricks

ShadowRay: First Known Attack Campaign Targeting AI Workloads Actively Exploited In The Wild
https://www.oligo.security/blog/shadowray-attack-ai-workloads-actively-exploited-in-the-wild

Читать полностью…

Hacker tricks

Hacking the Giant: How I Discovered Google’s Vulnerability and Hall of Fame Recognition
hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a" rel="nofollow">https://medium.com/@hncaga/hacking-the-giant-how-i-discovered-googles-vulnerability-and-hall-of-fame-recognition-694a9c18684a

Читать полностью…

Hacker tricks

SSHishing – Abusing Shortcut Files and the Windows SSH Client for Initial Access
https://redsiege.com/blog/2024/04/sshishing-abusing-shortcut-files-and-the-windows-ssh-client-for-initial-access

Читать полностью…

Hacker tricks

Beyond Detection SMB Staging for Antivirus Evasion
https://lsecqt.github.io/Red-Teaming-Army/malware-development/beyond-detection-smb-staging-for-antivirus-evasion

Читать полностью…

Hacker tricks

K8S and Docker Vulnerability Check for CVE-2024-3094
https://github.com/teyhouse/CVE-2024-3094
identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability
https://github.com/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer

Читать полностью…

Hacker tricks

An ssh honeypot with the XZ backdoor CVE-2024-3094
https://github.com/lockness-Ko/xz-vulnerable-honeypot

Читать полностью…

Hacker tricks

A list of useful tools for Malware Analysis
https://github.com/ashemery/malware-tools

Читать полностью…

Hacker tricks

64-bit Linux Assembly and Shellcoding
https://www.hackingarticles.in/64-bit-linux-assembly-and-shellcoding
SeeSeeYouExec: Windows Session Hijacking via CcmExec
https://cloud.google.com/blog/topics/threat-intelligence/windows-session-hijacking-via-ccmexec

Читать полностью…

Hacker tricks

Custom scan profiles for use with Burp Suite Pro
https://github.com/TheGetch/Burp-Suite-Pro-Scan-Profiles
how to look for Leaked Credentials
https://github.com/h4x0r-dz/Leaked-Credentials

Читать полностью…

Hacker tricks

A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
https://github.com/realoriginal/grimreaper

Читать полностью…

Hacker tricks

Bash Injection Without Alphabets | picoCTF 2024 Writeup
https://me-ankeet.medium.com/bash-injection-without-alphabets-picoctf-2024-writeup-sansalpha-be70a37ce6eb

Читать полностью…

Hacker tricks

Kerberos II - Credential Access
part1: https://labs.lares.com/fear-kerberos-pt1
part2: https://labs.lares.com/fear-kerberos-pt2

Читать полностью…

Hacker tricks

Leak NTLM via Website tab in teams via MS Office
https://github.com/soufianetahiri/TeamsNTLMLeak

Читать полностью…

Hacker tricks

CVE-2024-1086 Linux kernel LPE
https://github.com/notselwyn/cve-2024-1086
SharePoint not so 0day
https://github.com/testanull/SharePoint-not-so-0day

Читать полностью…

Hacker tricks

Atexec-pro: Fileless atexec, no more need for port 445
https://github.com/Ridter/atexec-pro

Читать полностью…

Hacker tricks

Analyse, hunt and classify malware using .NET metadata
https://bartblaze.blogspot.com/2024/03/analyse-hunt-and-classify-malware-using.html

Читать полностью…

Hacker tricks

flower: a modified CONTEXT based ropchain to circumvent CFG-FindHiddenShellcode and EtwTi-FluctuationMonitor
https://github.com/xrombar/flower

Читать полностью…
Подписаться на канал