Hacking

Hacking

26 bookmarks
Custom sorting
GitHub - kris-nova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
GitHub - kris-nova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin. - GitHub - kris-nova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE,...
·github.com·
GitHub - kris-nova/boopkit: Linux eBPF backdoor over TCP. Spawn reverse shells, RCE, on prior privileged access. Less Honkin, More Tonkin.
GitHub - sysdream/chashell: Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
GitHub - sysdream/chashell: Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks. - GitHub - sysdream/chashell: Chashell is a Go reverse shell that commu...
·github.com·
GitHub - sysdream/chashell: Chashell is a Go reverse shell that communicates over DNS. It can be used to bypass firewalls or tightly restricted networks.
GitHub - arget13/DDexec: A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process.
GitHub - arget13/DDexec: A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process.
A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process. - GitHub - arget13/DDexec: A technique to run binaries filelessly and stealthily o...
·github.com·
GitHub - arget13/DDexec: A technique to run binaries filelessly and stealthily on Linux using dd to replace the shell with another process.
Cronjob Backdoors
Cronjob Backdoors
Attackers commonly rely on backdoors to easily gain reentry and maintain control over a website. They also use PHP functions to further deepen the level of their backdoors. A good example of this is the shell_exec
·blog.sucuri.net·
Cronjob Backdoors
Finding 0day in Apache APISIX During CTF (CVE-2022-24112)
Finding 0day in Apache APISIX During CTF (CVE-2022-24112)
In this video we perform a code audit of Api6 and discover a default configuration that can be escalated to remote code execution. CVE-2022-24112: https://seclists.org/oss-sec/2022/q1/133 GitLab: https://liveoverflow.com/gitlab-11-4-7-remote-code-execution-real-world-ctf-2018/ Challenge files: https://github.com/chaitin/Real-World-CTF-4th-Challenge-Attachments/tree/master/API6 Chapters: 00:00 - Intro 01:09 - Initial Application Overview 02:15 - Discussing Approaches 03:56 - Reading Documentation 04:57 - Initial Attack Idea 06:15 - Identifying Attack Surface 08:46 - Discovering Batch Requests 09:18 - Bypassing X-Real-IP Header 10:15 - Testing the Exploit 11:11 - Reporting the Issue 12:16 - Outro -=[ ❤️ Support ]=- → per Video: https://www.patreon.com/join/liveoverflow → per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join -=[ 🐕 Social ]=- → Twitter: https://twitter.com/LiveOverflow/ → Instagram: https://instagram.com/LiveOverflow/ → Blog: https://liveoverflow.com/ → Subreddit: https://www.reddit.com/r/LiveOverflow/ → Facebook: https://www.facebook.com/LiveOverflow/
·youtube.com·
Finding 0day in Apache APISIX During CTF (CVE-2022-24112)
HackTricks
HackTricks
Welcome to the page where you will find each hacking trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
·book.hacktricks.xyz·
HackTricks
10 real-world stories of how we’ve compromised CI/CD pipelines
10 real-world stories of how we’ve compromised CI/CD pipelines
Mainstream appreciation for cyberattacks targeting continuous integration and continuous delivery/continuous deployment (CI/CD) pipelines has been gaining momentum. Attackers and defenders increasingly understand that build pipelines are highly-privileged targets with a substantial attack surface. But what are the potential weak points in a CI/CD pipeline? What does this type of attack look like in practice? NCC Group has found many attack paths through different security assessments that could have led to a compromised CI/CD pipeline in enterprises large and small. In this post, we will share some of our war stories about what we have observed and been able to demonstrate on CI/CD pipeline security assessments, clearly showing why there is the saying, “they are execution engines"
·research.nccgroup.com·
10 real-world stories of how we’ve compromised CI/CD pipelines
outflanknl/RedELK: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
outflanknl/RedELK: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations. - outflanknl/RedELK: Red Team's S...
·github.com·
outflanknl/RedELK: Red Team's SIEM - tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability in long term operations.
kgretzky/pwndrop: Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
kgretzky/pwndrop: Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.
Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV. - kgretzky/pwndrop: Self-deployable file hosting service for red teamers, al...
·github.com·
kgretzky/pwndrop: Self-deployable file hosting service for red teamers, allowing to easily upload and share payloads over HTTP and WebDAV.