Hacker tricks
2 991
مشترکین
+124 ساعت
+527 روز
+27530 روز
توزیع زمان ارسال
در حال بارگیری داده...
Find out who reads your channel
This graph will show you who besides your subscribers reads your channel and learn about other sources of traffic.
تجزیه و تحلیل انتشار
| پست ها | بازدید ها | به اشتراک گذاشته شده | ديناميک بازديد ها |
01 Nuking Weak Shellcode Hacker Hashes
https://karma-x.io/blog/post/30 | 102 | 1 | Loading... |
02 Offensive IoT for Red Team Implants (Part 3)
https://www.blackhillsinfosec.com/offensive-iot-for-red-team-implants-part-3 | 100 | 1 | Loading... |
03 Format String Exploitation: A Hands-On Exploration for Linux
https://blog.nviso.eu/2024/05/23/format-string-exploitation-a-hands-on-exploration-for-linux | 102 | 1 | Loading... |
04 Official writeups for Business CTF 2024: The Vault Of Hope
https://github.com/hackthebox/business-ctf-2024 | 104 | 1 | Loading... |
05 TrollAMSI: This new technique is called "Reflection with method swapping"
https://github.com/cybersectroll/TrollAMSI | 102 | 3 | Loading... |
06 2. PoC:
https://github.com/W01fh4cker/CVE-2024-21683-RCE | 102 | 1 | Loading... |
07 LetMeowIn – Analysis of a Credential Dumper
https://www.binarydefense.com/resources/blog/letmeowin-analysis-of-a-credential-dumper | 168 | 3 | Loading... |
08 Java (JSP) - Bring Your Own Jar
https://red.0xbad53c.com/red-team-operations/initial-access/webshells/java-jsp-bring-your-own-jar | 166 | 1 | Loading... |
09 ANSI Escape Injection Vulnerability in WinRAR
https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983 | 164 | 4 | Loading... |
10 Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
https://www.tenable.com/blog/linguistic-lumberjack-attacking-cloud-services-via-logging-endpoints-fluent-bit-cve-2024-4323 | 166 | 2 | Loading... |
11 CVE-2024-21683 RCE in Confluence Data Center and Server
https://github.com/absholi7ly/-CVE-2024-21683-RCE-in-Confluence-Data-Center-and-Server | 153 | 3 | Loading... |
12 DPRK-Research: Tools to analyze malware from APT groups associated with DPRK
https://github.com/errbody/DPRK-Research | 166 | 2 | Loading... |
13 no-defender: A slightly more fun way to disable windows defender. (through the WSC api)
https://github.com/es3n1n/no-defender | 164 | 7 | Loading... |
14 Bypassing Windows Defender
https://0xstarlight.github.io/posts/Bypassing-Windows-Defender | 268 | 6 | Loading... |
15 Mystique Self-Injection: represents an advancement over the Mockingjay Self-Injection method by eliminating the dependency on a trusted DLL with RWX sections
https://github.com/thiagopeixoto/mystique-self-injection | 265 | 4 | Loading... |
16 Abusing url handling in iTerm2 and Hyper for code execution
https://vin01.github.io/piptagole/escape-sequences/iterm2/hyper/url-handlers/code-execution/2024/05/21/arbitrary-url-schemes-terminal-emulators | 317 | 1 | Loading... |
17 Authentication Bypass due to Sensitive Data Exposure in Local Storage
https://medium.com/@kritikasingh06/authentication-bypass-due-to-sensitive-data-exposure-in-local-storage-8a706c798800 | 315 | 1 | Loading... |
18 JS-Tap Mark II: Now with C2 Shenanigans
https://trustedsec.com/blog/js-tap-mark-ii-now-with-c2-shenanigans | 152 | 0 | Loading... |
19 TrollUAC: UAC bypass for x64
https://github.com/cybersectroll/TrollUAC | 312 | 3 | Loading... |
20 Bypass authentication GitHub Enterprise Server CVE-2024-4985
https://github.com/absholi7ly/Bypass-authentication-GitHub-Enterprise-Server | 305 | 2 | Loading... |
21 How I Hacked NASA LDAP Server
https://medium.com/@maxcyber882/how-i-hacked-nasa-ldap-server-b7cbb8cd0eee | 341 | 5 | Loading... |
22 Microsoft Entra Connect: Connect Sync vs Cloud Sync
https://tierzerosecurity.co.nz/2024/05/21/ms-entra-connect-sync-mothods.html | 338 | 0 | Loading... |
23 awrbacs: AWACS for RBAC. Tool for auditing CRUD permissions in Kubernetes' RBAC.
https://github.com/lobuhi/awrbacs | 331 | 0 | Loading... |
24 CVE-2024-4367 arbitrary js execution in pdf js
https://github.com/s4vvysec/CVE-2024-4367-POC | 328 | 7 | Loading... |
25 100 Days in AI: From Beginner to Advanced
https://github.com/h9-tect/100days_AI | 1 | 0 | Loading... |
26 HTB Sherlock: Logjammer is a neat look at some Windows event log analysis
https://0xdf.gitlab.io/2024/05/16/htb-sherlock-logjammer | 64 | 0 | Loading... |
27 CVE-2023-34992: Fortinet FortiSIEM Command Injection Deep-Dive
https://www.horizon3.ai/attack-research/cve-2023-34992-fortinet-fortisiem-command-injection-deep-dive | 387 | 4 | Loading... |
28 ADFSDump-PS: PowerShell Implementation of ADFSDump to assist with GoldenSAML
https://github.com/ZephrFish/ADFSDump-PS | 397 | 7 | Loading... |
29 CVE-2024-22120 Time Based SQL Injection
in Zabbix Server Audit Log --> RCE
https://github.com/W01fh4cker/CVE-2024-22120-RCE | 391 | 3 | Loading... |
30 Analyzing JavaScript Files To Find Bugs
https://rajput623929.medium.com/analyzing-javascript-files-to-find-bugs-2b7d67a52c4e | 441 | 7 | Loading... |
31 JNDI Injection — The Complete Story
https://infosecwriteups.com/jndi-injection-the-complete-story-4c5bfbb3f6e1 | 431 | 5 | Loading... |
32 IP-Hunter:
Hunt for C2 servers and phishing web sites using VirusTotal API , you can modify code to kill the malicious process
https://github.com/SaadAhla/IP-Hunter | 409 | 5 | Loading... |
33 Everything and anything related to password spraying
https://github.com/puzzlepeaches/awesome-password-spraying | 461 | 10 | Loading... |
34 PoC for CVE-2024-32002 Git submodules RCE
https://github.com/safebuffer/CVE-2024-32002 | 443 | 5 | Loading... |
35 Chrome bug chain on Viz & v8 (May 2024)
https://zerodayengineering.com/insights/chrome-viz-v8-wasm | 484 | 4 | Loading... |
36 Understanding Malware Patching: Resources
https://medium.com/phrozen/understanding-malware-patching-resources-81650bb6190d | 470 | 7 | Loading... |
37 Extract information, finding People in Dark Web and Surfaceweb
https://github.com/CyberSecurityUP/HermitPurple-Maltegoce | 450 | 4 | Loading... |
38 Freeway: WiFi Penetration Testing & Auditing Tool
https://github.com/FLOCK4H/Freeway | 445 | 11 | Loading... |
39 Payload Trends in Malicious OneNote Samples
https://unit42.paloaltonetworks.com/payloads-in-malicious-onenote-samples | 489 | 6 | Loading... |
40 Muraider - Automating the detection & Exploitation of CVE-2024-32640 \ SQLi in Mura/Masa CMS
https://github.com/Stuub/CVE-2024-32640-SQLI-MuraCMS
PoC for LPE bug in xbox gaming service
https://github.com/Wh04m1001/GamingServiceEoP5
PoC for CVE-2024-29895 Cacti RCE
https://github.com/Stuub/CVE-2024-29895-CactiRCE-PoC
PoC for CVE-2024-27130 QNAP RCE
https://github.com/watchtowrlabs/CVE-2024-27130
Apache-OFBiz-Directory-Traversal-exploit
https://github.com/absholi7ly/Apache-OFBiz-Directory-Traversal-exploit | 487 | 7 | Loading... |
Offensive IoT for Red Team Implants (Part 3)
https://www.blackhillsinfosec.com/offensive-iot-for-red-team-implants-part-3
Format String Exploitation: A Hands-On Exploration for Linux
https://blog.nviso.eu/2024/05/23/format-string-exploitation-a-hands-on-exploration-for-linux
Official writeups for Business CTF 2024: The Vault Of Hope
https://github.com/hackthebox/business-ctf-2024
TrollAMSI: This new technique is called "Reflection with method swapping"
https://github.com/cybersectroll/TrollAMSI
LetMeowIn – Analysis of a Credential Dumper
https://www.binarydefense.com/resources/blog/letmeowin-analysis-of-a-credential-dumper
Java (JSP) - Bring Your Own Jar
https://red.0xbad53c.com/red-team-operations/initial-access/webshells/java-jsp-bring-your-own-jar
ANSI Escape Injection Vulnerability in WinRAR
https://sdushantha.medium.com/ansi-escape-injection-vulnerability-in-winrar-a2cbfac4b983
Linguistic Lumberjack: Attacking Cloud Services via Logging Endpoints (Fluent Bit - CVE-2024-4323)
https://www.tenable.com/blog/linguistic-lumberjack-attacking-cloud-services-via-logging-endpoints-fluent-bit-cve-2024-4323