Hacker tricks
3 038
Подписчики
Нет данных24 часа
+167 дней
+5430 дней
Время активного постинга
Загрузка данных...
Find out who reads your channel
This graph will show you who besides your subscribers reads your channel and learn about other sources of traffic.Анализ публикаций
Посты | Просмотры | Поделились | Динамика просмотров |
01 Active Directory Methodology in Pentesting: A Comprehensive Guide
https://medium.com/@verylazytech/active-directory-methodology-in-pentesting-a-comprehensive-guide-fa7e8e5ff9d3 | 204 | 6 | Loading... |
02 Off-path TCP hijacking in NAT-enabled Wi-Fi networks
https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks | 201 | 1 | Loading... |
03 Progressive Web Apps (PWA) on Windows - forensics and detection of use
https://www.boredhackerblog.info/2024/06/progressive-web-apps-pwa-on-windows.html | 197 | 0 | Loading... |
04 Preauth RCE on NVIDIA Triton Server
https://sites.google.com/site/zhiniangpeng/blogs/Triton-RCE | 197 | 1 | Loading... |
05 VOIDGATE: A technique that can be used to bypass AV/EDR memory scanners
https://github.com/vxCrypt0r/Voidgate
EDR-XDR-AV-Killer: Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
https://github.com/EvilBytecode/EDR-XDR-AV-Killer | 198 | 4 | Loading... |
06 Python tool to check rootkits in Windows kernel
https://github.com/ExaTrack/Kdrill | 188 | 2 | Loading... |
07 Section-based payload obfuscation technique for x64
https://github.com/pygrum/gimmick | 184 | 4 | Loading... |
08 From Clipboard to Compromise: A PowerShell Self-Pwn
https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn | 284 | 5 | Loading... |
09 Analysis of user password strength
https://securelist.com/passworde-brute-force-time | 274 | 2 | Loading... |
10 Attack Paths Into VMs in the Cloud
https://unit42.paloaltonetworks.com/cloud-virtual-machine-attack-vectors | 274 | 2 | Loading... |
11 Analysis of user password strength
https://securelist.com/passworde-brute-force-time | 1 | 0 | Loading... |
12 Feeding the Phishes
https://posts.specterops.io/feeding-the-phishes-276c3579bba7 | 274 | 3 | Loading... |
13 Exploit for CVE-2024-23692
Unauthenticated RCE Flaw in Rejetto HTTP File Server
https://github.com/0x20c/CVE-2024-23692-EXP | 275 | 1 | Loading... |
14 Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability
https://github.com/scs-labrat/android_autorooter | 268 | 1 | Loading... |
15 Go keylogger for Windows, logging keyboard input to a file using Windows API functions, and it is released under the Unlicense
https://github.com/EvilBytecode/Keylogger | 263 | 4 | Loading... |
16 Spoofing PowerShell Security Logs and Bypassing AMSI Without Reflection or Patching
https://bc-security.org/scriptblock-smuggling
ScriptBlock-Smuggling:
https://github.com/BC-SECURITY/ScriptBlock-Smuggling | 325 | 4 | Loading... |
17 Exfiltrate sensitive user data from apps on Android 12 and 13 using CVE-2024-0044 vulnerability
https://www.mobile-hacker.com/2024/06/17/exfiltrate-sensitive-user-data-from-apps-on-android-12-and-13-using-cve-2024-0044-vulnerability | 320 | 3 | Loading... |
18 Malware Development
Part 5: DLL injection into the process
Part 6: DLL hijacking
Part 7: Advanced Code Injection | 346 | 5 | Loading... |
19 Bloxstrap-Persistance: modifies Bloxstrap's settings (Settings.json) to add persistent integrations, showcasing how applications can be exploited
https://github.com/EvilBytecode/Bloxstrap-Persistance | 327 | 2 | Loading... |
20 Iconv, set the charset to RCE:
Exploiting the glibc to hack the PHP engine (part 2)
https://www.ambionics.io/blog/iconv-cve-2024-2961-p2 | 331 | 0 | Loading... |
21 CVE-2024-20693: Windows cached code signature manipulation
https://sector7.computest.nl/post/2024-06-cve-2024-20693-windows-cached-code-signature-manipulation | 318 | 1 | Loading... |
22 Abusing title reporting and tmux integration in iTerm2 for code execution
https://vin01.github.io/piptagole/escape-sequences/iterm2/rce/2024/06/16/iterm2-rce-window-title-tmux-integration.html | 313 | 0 | Loading... |
23 DLL Jmping: Old Hollow Trampolines in Windows DLL Land
https://www.blackhillsinfosec.com/dll-jmping | 306 | 1 | Loading... |
24 VBA: having fun with macros, overwritten pointers & R/W/X memory
https://adepts.of0x.cc/vba-hijack-pointers-rwa | 341 | 3 | Loading... |
25 Simple analyze about CVE-2024-30080 MSMQ RCE
https://whereisk0shl.top/post/simple-analyze-about-cve-2024-30080 | 325 | 0 | Loading... |
26 Recon2024 Demo: Provides commands to read from and write to arbitrary kernel-mode memory for users with the Administrator privilege. HVCI compatible
https://github.com/tandasat/recon2024_demo | 327 | 2 | Loading... |
27 A simple commandline application to automatically decrypt strings from Obfuscator protected binaries
https://github.com/cod3nym/Deobfuscar | 326 | 4 | Loading... |
28 Hunting APT41 TTPs
https://montysecurity.medium.com/hunting-apt41-ttps-f47e9dd9a7d5 | 368 | 4 | Loading... |
29 CVE-2024-4577 Argument injection vulnerability in PHP
https://github.com/gotr00t0day/CVE-2024-4577
CVE-2024-24590 ClearML RCE & CMD PoC
https://github.com/diegogarciayala/CVE-2024-24590-ClearML-RCE-CMD-POC | 369 | 4 | Loading... |
30 CVE-2024-30078 Windows Wi-Fi Driver RCE
Detection and Command Execution Script
https://github.com/alperenugurlu/CVE-2024-30078- | 370 | 5 | Loading... |
31 A simple crossplatform heuristic PE-analyzer
https://github.com/DosX-dev/PE-LiteScan | 40 | 0 | Loading... |
32 Exploiting File Read Vulnerabilities in Gradio to Steal Secrets from Hugging Face Spaces
https://www.horizon3.ai/attack-research/disclosures/exploiting-file-read-vulnerabilities-in-gradio-to-steal-secrets-from-hugging-face-spaces | 405 | 1 | Loading... |
33 This repository was created in conjunction with a Packer Development Workshop held at x33fcon 2024 by S3cur3Th1sSh1t and eversinc33.
It contains the Slides of the presentation plus code snippets in different programming languages for offensive Packer Development
https://github.com/rtecCyberSec/Packer_Development | 405 | 3 | Loading... |
34 string encryption in Nim
https://github.com/S3cur3Th1sSh1t/nim-strenc | 168 | 0 | Loading... |
35 Search & Spoof: Abuse of Windows Search to Redirect to Malware
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/search-spoof-abuse-of-windows-search-to-redirect-to-malware | 422 | 3 | Loading... |
36 Mapping Snowflake’s Access Landscape
https://posts.specterops.io/mapping-snowflakes-access-landscape-3bf232251945 | 390 | 0 | Loading... |
37 RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP
https://github.com/0xEr3bus/RdpStrike | 395 | 6 | Loading... |
38 RdpStrike: Mapping Snowflake’s Access Landscape
https://posts.specterops.io/mapping-snowflakes-access-landscape-3bf232251945 | 1 | 0 | Loading... |
39 RdpStrike: Positional Independent Code to extract clear text password from mstsc.exe using API Hooking via HWBP
https://github.com/0xEr3bus/RdpStrike | 1 | 0 | Loading... |
40 Exploiting ML models with pickle file attacks
Part 1 ○● Part 2 | 428 | 2 | Loading... |
Active Directory Methodology in Pentesting: A Comprehensive Guide
https://medium.com/@verylazytech/active-directory-methodology-in-pentesting-a-comprehensive-guide-fa7e8e5ff9d3
Off-path TCP hijacking in NAT-enabled Wi-Fi networks
https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks
Progressive Web Apps (PWA) on Windows - forensics and detection of use
https://www.boredhackerblog.info/2024/06/progressive-web-apps-pwa-on-windows.html
Preauth RCE on NVIDIA Triton Server
https://sites.google.com/site/zhiniangpeng/blogs/Triton-RCE
VOIDGATE: A technique that can be used to bypass AV/EDR memory scanners
https://github.com/vxCrypt0r/Voidgate
EDR-XDR-AV-Killer: Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
https://github.com/EvilBytecode/EDR-XDR-AV-Killer
Python tool to check rootkits in Windows kernel
https://github.com/ExaTrack/Kdrill
Section-based payload obfuscation technique for x64
https://github.com/pygrum/gimmick
From Clipboard to Compromise: A PowerShell Self-Pwn
https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn
Analysis of user password strength
https://securelist.com/passworde-brute-force-time
Attack Paths Into VMs in the Cloud
https://unit42.paloaltonetworks.com/cloud-virtual-machine-attack-vectors
Войдите и получите доступ к детальной информации
Мы откроем вам доступ после авторизации. Мы обещаем, это быстро!