Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”
See how one IBM X-Force researcher reverse engineered the patch for CVE-2022-34718, and unpack the affected protocols, how the bug was identified, and how it was reproduced.
FuzzySecurity | Windows Hacking Tutorials
null
Heap Overflow Exploitation on Windows 10 Explained | Rapid7 Blog
Heap corruption can be a scary topic. In this post, we go through a basic example of a heap overflow on Windows 10.
Smbleedingghost writeup chaining smbleed cve 2020 1206 with smbghost
CVE-2021-31985: Exploiting the Windows Defender AsProtect Heap Overflow Vulnerability
"I'll ask your body": SMBGhost pre-auth RCE abusing Direct Memory Access structs
Posted by hugeh0ge, Ricerca Security NOTE: We have decided to make our PoC exclusively available to our customers to avoid abuse by scr...
GitHub - mgeeky/Penetration-Testing-Tools: A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes. - GitHub - mgeeky/Penetrati...
Lord Of The Ring0 - Part 1 | Introduction - Ido Veltzman - Security Blog
IntroductionThis blog post series isn’t a thing I normally do, this will be more like a journey that I document during the development of my project Nidhogg....
GitHub - JohnTroony/php-webshells: Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server! - GitHub - JohnTroony/php-webshells: Common PHP webshells you...
GitHub - wader/fq: jq for binary formats
jq for binary formats. Contribute to wader/fq development by creating an account on GitHub.
What is Phar Deserialization
Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.
Attacking Active Directory: 0 to 0.9 | zer1t0
GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. - GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, lib...
PHP Object Injection | OWASP Foundation
PHP Object Injection on the main website for The OWASP Foundation. OWASP is a nonprofit foundation that works to improve the security of software.
The Powerful Resource of PHP Stream Wrappers
Exploit with PHP Protocols / Wrappers - cdxy
GitHub - eeriedusk/knockles: eBPF Port Knocking Tool
eBPF Port Knocking Tool. Contribute to eeriedusk/knockles development by creating an account on GitHub.
GitHub - Markakd/DirtyCred
Contribute to Markakd/DirtyCred development by creating an account on GitHub.
How to Evade Application Whitelisting Using REGSVR32 - Black Hills Information Security
Joff Thyer // I was recently working on a Red Team for a customer that was very much up to date with their defenses. This customer had tight egress controls, […]
Hijack Libs
11 stakeholder strategies for red team success
These best practices will help ensure a successful red team exercise by getting all the stakeholders on the same page.
Hack.Learn.Share
This blog contains write-ups of the things that I researched, learned, and wanted to share to others.
pre.empt.dev: Connoisseurs of the finest OST
pre.empt.dev is a group of people working on making Windows fun.
Build your first LLVM Obfuscator
Welcome to a tutorial on building your first LLVM based obfuscator. In this post we will list the advantages of using LLVM tools, briefly…
Converting commands to Powershell compatible encoded strings for dummies // byt3bl33d3r // /dev/random blog.py
byt3bl33d3r, /dev/random blog.py
GitHub - miguelob/ICS-Hacking: This repository is focused on cybersecurity in the industrial world. Many industrial communication protocols and equipment is investigated and pentested
This repository is focused on cybersecurity in the industrial world. Many industrial communication protocols and equipment is investigated and pentested - GitHub - miguelob/ICS-Hacking: This reposi...
Exploiting Arbitrary Object Instantiations in PHP without Custom Classes
We discovered an application with "new $a($b)" and no user-defined classes. We turned it to RCE.
GitHub - hfiref0x/UACME: Defeating Windows User Account Control
Defeating Windows User Account Control. Contribute to hfiref0x/UACME development by creating an account on GitHub.
Yet another sdclt UAC bypass - Sevagas
Fileless UAC bypass via COM hijack using sdtlc.exe auto-elevated process.
Baron samedit heap based overflow sudo