cookie

Мы используем файлы cookie для улучшения сервиса. Нажав кнопку «Принять все», вы соглашаетесь с использованием cookies.

avatar

Hacker tricks

CVEs🔰 Tools🛠 RedTeam📕

Больше
Рекламные посты
3 038
Подписчики
Нет данных24 часа
+167 дней
+5430 дней
Время активного постинга

Загрузка данных...

Find out who reads your channel

This graph will show you who besides your subscribers reads your channel and learn about other sources of traffic.
Views Sources
Анализ публикаций
ПостыПросмотры
Поделились
Динамика просмотров
01
Active Directory Methodology in Pentesting: A Comprehensive Guide https://medium.com/@verylazytech/active-directory-methodology-in-pentesting-a-comprehensive-guide-fa7e8e5ff9d3
2046Loading...
02
Off-path TCP hijacking in NAT-enabled Wi-Fi networks https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks
2011Loading...
03
Progressive Web Apps (PWA) on Windows - forensics and detection of use https://www.boredhackerblog.info/2024/06/progressive-web-apps-pwa-on-windows.html
1970Loading...
04
Preauth RCE on NVIDIA Triton Server https://sites.google.com/site/zhiniangpeng/blogs/Triton-RCE
1971Loading...
05
VOIDGATE: A technique that can be used to bypass AV/EDR memory scanners https://github.com/vxCrypt0r/Voidgate EDR-XDR-AV-Killer: Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver https://github.com/EvilBytecode/EDR-XDR-AV-Killer
1984Loading...
06
Python tool to check rootkits in Windows kernel https://github.com/ExaTrack/Kdrill
1882Loading...
07
Section-based payload obfuscation technique for x64 https://github.com/pygrum/gimmick
1844Loading...
08
From Clipboard to Compromise: A PowerShell Self-Pwn https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn
2845Loading...
09
Analysis of user password strength https://securelist.com/passworde-brute-force-time
2742Loading...
10
Attack Paths Into VMs in the Cloud https://unit42.paloaltonetworks.com/cloud-virtual-machine-attack-vectors
2742Loading...
11
Analysis of user password strength https://securelist.com/passworde-brute-force-time
10Loading...
12
Feeding the Phishes https://posts.specterops.io/feeding-the-phishes-276c3579bba7
2743Loading...
13
Exploit for CVE-2024-23692 Unauthenticated RCE Flaw in Rejetto HTTP File Server https://github.com/0x20c/CVE-2024-23692-EXP
2751Loading...
14
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability https://github.com/scs-labrat/android_autorooter
2681Loading...
15
Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense https://github.com/EvilBytecode/Keylogger
2634Loading...
16
Spoofing PowerShell Security Logs and Bypassing AMSI Without Reflection or Patching https://bc-security.org/scriptblock-smuggling ScriptBlock-Smuggling: https://github.com/BC-SECURITY/ScriptBlock-Smuggling
3254Loading...
17
Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability
3203Loading...
18
Malware Development Part 5: DLL injection into the process Part 6: DLL hijacking Part 7: Advanced Code Injection
3465Loading...
19
Bloxstrap-Persistance: modifies Bloxstrap's settings (Settings.json) to add persistent integrations, showcasing how applications can be exploited https://github.com/EvilBytecode/Bloxstrap-Persistance
3272Loading...
20
Iconv, set the charset to RCE: Exploiting the glibc to hack the PHP engine (part 2) https://www.ambionics.io/blog/iconv-cve-2024-2961-p2
3310Loading...
21
CVE-2024-20693: Windows cached code signature manipulation https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation
3181Loading...
22
Abusing title reporting and tmux integration in iTerm2 for code execution https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html
3130Loading...
23
DLL Jmping: Old Hollow Trampolines in Windows DLL Land https://www.blackhillsinfosec.com/dll-jmping
3061Loading...
24
VBA: having fun with macros, overwritten pointers & R/W/X memory https://adepts.of0x.cc/vba-hijack-pointers-rwa
3413Loading...
25
Simple analyze about CVE-2024-30080 MSMQ RCE https://whereisk0shl.top/post/simple-analyze-about-cve-2024-30080
3250Loading...
26
Recon2024 Demo: Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible https://github.com/tandasat/recon2024_demo
3272Loading...
27
A simple commandline application to automatically decrypt strings from Obfuscator protected binaries https://github.com/cod3nym/Deobfuscar
3264Loading...
28
Hunting APT41 TTPs https://montysecurity.medium.com/hunting-apt41-ttps-f47e9dd9a7d5
3684Loading...
29
CVE-2024-4577 Argument injection vulnerability in PHP https://github.com/gotr00t0day/CVE-2024-4577 CVE-2024-24590 ClearML RCE & CMD PoC https://github.com/diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC
3694Loading...
30
CVE-2024-30078 Windows Wi-Fi Driver RCE Detection and Command Execution Script https://github.com/alperenugurlu/CVE-2024-30078-
3705Loading...
31
A simple crossplatform heuristic PE-analyzer https://github.com/DosX-dev/PE-LiteScan
400Loading...
32
Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces
4051Loading...
33
This repository was created in conjunction with a Packer Development Workshop held at x33fcon 2024 by S3cur3Th1sSh1t and eversinc33. It contains the Slides of the presentation plus code snippets in different programming languages for offensive Packer Development https://github.com/rtecCyberSec/Packer_Development
4053Loading...
34
string encryption in Nim https://github.com/S3cur3Th1sSh1t/nim-strenc
1680Loading...
35
Search & Spoof: Abuse of Windows Search to Redirect to Malware https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/search-spoof-abuse-of-windows-search-to-redirect-to-malware
4223Loading...
36
Mapping Snowflake’s Access Landscape https://posts.specterops.io/mapping-snowflakes-access-landscape-3bf232251945
3900Loading...
37
RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP https://github.com/0xEr3bus/RdpStrike
3956Loading...
38
RdpStrike: Mapping Snowflake’s Access Landscape https://posts.specterops.io/mapping-snowflakes-access-landscape-3bf232251945
10Loading...
39
RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP https://github.com/0xEr3bus/RdpStrike
10Loading...
40
Exploiting ML models with pickle file attacks Part 1 ○● Part 2
4282Loading...
Показать все...
Показать все...
Progressive Web Apps (PWA) on Windows - forensics and detection of use https://www.boredhackerblog.info/2024/06/progressive-web-apps-pwa-on-windows.html
Показать все...
Показать все...
VOIDGATE: A technique that can be used to bypass AV/EDR memory scanners https://github.com/vxCrypt0r/Voidgate EDR-XDR-AV-Killer: Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver https://github.com/EvilBytecode/EDR-XDR-AV-Killer
Показать все...
Python tool to check rootkits in Windows kernel https://github.com/ExaTrack/Kdrill
Показать все...
Section-based payload obfuscation technique for x64 https://github.com/pygrum/gimmick
Показать все...
Показать все...
Analysis of user password strength https://securelist.com/passworde-brute-force-time
Показать все...
Показать все...
Войдите и получите доступ к детальной информации

Мы откроем вам доступ после авторизации. Мы обещаем, это быстро!