Bypassing DOMPurify with good old XML
https://flatt.tech/research/posts/bypassing-dompurify-with-good-old-xml
Tapping into the potential of Memory Dump Emulation
https://blahcat.github.io/posts/2024/01/27/tapping-into-the-potential-of-memory-dump-emulation
NetScout: OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL
https://github.com/caio-ishikawa/netscout
SSHishing – Abusing Shortcut Files and the Windows SSH Client for Initial Access
https://redsiege.com/blog/2024/04/sshishing-abusing-shortcut-files-and-the-windows-ssh-client-for-initial-access
Beyond Detection SMB Staging for Antivirus Evasion
https://lsecqt.github.io/Red-Teaming-Army/malware-development/beyond-detection-smb-staging-for-antivirus-evasion
K8S and Docker Vulnerability Check for CVE-2024-3094
https://github.com/teyhouse/CVE-2024-3094
identify and fix installations of xz-utils affected by the CVE-2024-3094 vulnerability
https://github.com/alokemajumder/CVE-2024-3094-Vulnerability-Checker-Fixer
An ssh honeypot with the XZ backdoor CVE-2024-3094
https://github.com/lockness-Ko/xz-vulnerable-honeypot
A list of useful tools for Malware Analysis
https://github.com/ashemery/malware-tools
64-bit Linux Assembly and Shellcoding
https://www.hackingarticles.in/64-bit-linux-assembly-and-shellcoding
SeeSeeYouExec: Windows Session Hijacking via CcmExec
https://cloud.google.com/blog/topics/threat-intelligence/windows-session-hijacking-via-ccmexec
Custom scan profiles for use with Burp Suite Pro
https://github.com/TheGetch/Burp-Suite-Pro-Scan-Profiles
how to look for Leaked Credentials
https://github.com/h4x0r-dz/Leaked-Credentials
A improved memory obfuscation primitive using a combination of special and 'normal' Asynchronous Procedural Calls
https://github.com/realoriginal/grimreaper
Bash Injection Without Alphabets | picoCTF 2024 Writeup
https://me-ankeet.medium.com/bash-injection-without-alphabets-picoctf-2024-writeup-sansalpha-be70a37ce6eb
Kerberos II - Credential Access
part1: https://labs.lares.com/fear-kerberos-pt1
part2: https://labs.lares.com/fear-kerberos-pt2
Leak NTLM via Website tab in teams via MS Office
https://github.com/soufianetahiri/TeamsNTLMLeak
CVE-2024-1086 Linux kernel LPE
https://github.com/notselwyn/cve-2024-1086
SharePoint not so 0day
https://github.com/testanull/SharePoint-not-so-0day
Chaining N-days to Compromise All: Part 2 — Windows Kernel LPE (a.k.a Chrome Sandbox Escape)
https://blog.theori.io/chaining-n-days-to-compromise-all-part-2-windows-kernel-lpe-a-k-a-chrome-sandbox-escape-44cb49d7a4f8
SharpConflux is a .NET application built to facilitate Confluence exploration
https://github.com/nettitude/SharpConflux
xzbot: notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094)
https://github.com/amlweems/xzbot
This project aims to provide a fully functional, from-scratch alternative to the Cobalt Strike Beacon, providing transparency and flexibility to security professionals and enthusiasts.This project is not a reverse-engineered version of the Cobalt Strike Beacon, but a complete open source implementation. The "settings.h" file contains macros for the C2 configuration file and the user should complete it to their liking. Once you have your "settings.h" template ready, feel free to share and contribute
https://github.com/kyxiaxiang/Beacon_Source
TP-Link ER7206 Omada Gigabit VPN Router uhttpd freeStrategy Command injection Vulnerability
https://github.com/Mr-xn/CVE-2023-43482
FAQ on the xz-utils backdoor
https://gist.github.com/thesamesam/223949d5a074ebc3dce9ee78baad9e27
assist in bug bounty and web application enumeration tasks
https://github.com/HernanRodriguez1/EnumParameter
Everything I Know About the Xz Backdoor
https://boehs.org/node/everything-i-know-about-the-xz-backdoor
backdoor in upstream xz/liblzma leading to ssh server compromise
https://www.openwall.com/lists/oss-security/2024/03/29/4
LPE exploit for CVE-2024-0582 (io_uring)
https://github.com/ysanatomic/io_uring_LPE-CVE-2024-0582
In-the-Wild Windows LPE 0-days: Insights & Detection Strategies
https://www.elastic.co/security-labs/category/security-operations
Collection of notes, useful resources, list of tools and scripts related to Threat Detection & Incident Response
https://github.com/Jean-Francois-C/Threat-Detection-and-Incident-Response
ChaiLdr: AV Evasive Payload Loader
AV bypass while you sip your Chai!
https://github.com/Cipher7/ChaiLdr
1500$: CR/LF Injection
a13h1/1500-cr-lf-injection-0d2a75f02ef3" rel="nofollow">https://medium.com/@a13h1/1500-cr-lf-injection-0d2a75f02ef3
Abusing MiniFilter Altitude to blind EDR
https://tierzerosecurity.co.nz/2024/03/27/blind-edr.html
CspReconGo: is a command-line tool designed for cybersecurity analysts, web developers, and IT professionals
https://github.com/jhaddix/CSPReconGO