hacker_trick | Неотсортированное

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Подписаться на канал

Hacker tricks

How we escalated a DOM XSS to a sophisticated 1-click Account Takeover for $8000
Part: 1      ○●        Part: 2

Читать полностью…

Hacker tricks

AutoGeaconC2:
One-click reading of Profile and automatic generation of geacon to enable cross-platform launch of CobaltStrike
https://github.com/TryGOTry/AutoGeaconC2

Читать полностью…

Hacker tricks

interceptor: Sample Rust Hooking Engine
https://github.com/Kharos102/interceptor

Читать полностью…

Hacker tricks

Malware Development with C - Establishing Persistence
https://lsecqt.github.io/Red-Teaming-Army/malware-development/malware-development-with-c---basic-persistence

Читать полностью…

Hacker tricks

CVE-2024-30851: Jasmin ransomware web panel path traversal PoC
https://github.com/chebuya/CVE-2024-30851-jasmin-ransomware-path-traversal-poc

Читать полностью…

Hacker tricks

Don’t Trust the Cache: Exposing Web Cache Poisoning and Deception vulnerabilities
https://anasbetis023.medium.com/dont-trust-the-cache-exposing-web-cache-poisoning-and-deception-vulnerabilities-3a829f221f52

Читать полностью…

Hacker tricks

WIFI Credential Dumping
https://www.r-tec.net/r-tec-blog-wifi-credential-dumping.html

Читать полностью…

Hacker tricks

memhv: Minimalistic hypervisor with memory introspection capabilities
https://github.com/SamuelTulach/memhv

Читать полностью…

Hacker tricks

Dump lsass using only Native APIs by hand-crafting Minidump files (without MinidumpWriteDump!)
https://github.com/ricardojoserf/NativeDump

Читать полностью…

Hacker tricks

Rev-Shell: Basic script to generate reverse shell payloads, generally most used in ctf
https://github.com/washingtonP1974/Rev-Shell

Читать полностью…

Hacker tricks

From OneNote to RansomNote: An Ice Cold Intrusion
https://thedfirreport.com/2024/04/01/from-onenote-to-ransomnote-an-ice-cold-intrusion

Читать полностью…

Hacker tricks

Lord Of The Ring0 - Part 6 | Conclusion
https://idov31.github.io/posts/lord-of-the-ring0-p6

Читать полностью…

Hacker tricks

ImageIO, the infamous iOS Zero Click Attack Vector
https://r00tkitsmm.github.io/fuzzing/2024/03/29/iOSImageIO

Читать полностью…

Hacker tricks

Chaining N-days to Compromise All: Part 2 — Windows Kernel LPE (a.k.a Chrome Sandbox Escape)
https://blog.theori.io/chaining-n-days-to-compromise-all-part-2-windows-kernel-lpe-a-k-a-chrome-sandbox-escape-44cb49d7a4f8

Читать полностью…

Hacker tricks

SharpConflux is a .NET application built to facilitate Confluence exploration
https://github.com/nettitude/SharpConflux

Читать полностью…

Hacker tricks

D-Link NAS CVE-2024-3273 Exploit Tool
https://github.com/Chocapikk/CVE-2024-3273

Читать полностью…

Hacker tricks

c2-talk: Detecting Command and Control frameworks via Sysmon and Windows Event Logging
https://github.com/eric-conrad/c2-talk

Читать полностью…

Hacker tricks

AI Researcher: is an AI agent that utilizes Claude 3 and SERPAPI to perform comprehensive research on a given topic
https://github.com/mshumer/ai-researcher
FreeAskInternet: is a completely free, private and locally running search aggregator & answer generate using LLM, without GPU needed. The user can ask a question and the system will make a multi engine search and combine the search result to the ChatGPT3.5 LLM and generate the answer based on search results
https://github.com/nashsu/FreeAskInternet

Читать полностью…

Hacker tricks

script to enumerate users in a domain without known credentials using rid cycling and null session with rpcclient
https://gist.github.com/naksyn/8204c76cda2541e72668fa065ba94c09

Читать полностью…

Hacker tricks

The Human Element in Cybersecurity: Understanding Trust and Social Engineering
https://www.blackhillsinfosec.com/understanding-trust-and-social-engineering

Читать полностью…

Hacker tricks

Ivanti Connect Secure VPN Post-Exploitation Lateral Movement Case Studies
https://cloud.google.com/blog/topics/threat-intelligence/ivanti-post-exploitation-lateral-movement

Читать полностью…

Hacker tricks

GraphSpy: The Swiss Army Knife for Attacking M365 & Entra
https://insights.spotit.be/2024/04/05/graphspy-the-swiss-army-knife-for-attacking-m365-entra

Читать полностью…

Hacker tricks

RCE through Unsafe .Net Deserialization in Windows Event Viewer which leads to UAC bypass
https://github.com/CsEnox/EventViewer-UACBypass

Читать полностью…

Hacker tricks

Persistence – DLL Proxy Loading
https://pentestlab.blog/2024/04/03/persistence-dll-proxy-loading

Читать полностью…

Hacker tricks

PassTester: is a tool for finding user passwords that are most vulnerable to dictionary attacks
https://github.com/Elymaro/PassTester

Читать полностью…

Hacker tricks

Earth Freybug Uses UNAPIMON for Unhooking Critical APIs
https://www.trendmicro.com/en_us/research/24/d/earth-freybug

Читать полностью…

Hacker tricks

Apple CPU encryption hack
https://www.kaspersky.com/blog/apple-cpu-encryption-vulnerability

Читать полностью…

Hacker tricks

Bypassing DOMPurify with good old XML
https://flatt.tech/research/posts/bypassing-dompurify-with-good-old-xml

Читать полностью…

Hacker tricks

Tapping into the potential of Memory Dump Emulation
https://blahcat.github.io/posts/2024/01/27/tapping-into-the-potential-of-memory-dump-emulation

Читать полностью…

Hacker tricks

NetScout: OSINT tool that finds domains, subdomains, directories, endpoints and files for a given seed URL
https://github.com/caio-ishikawa/netscout

Читать полностью…
Подписаться на канал