Hacking

We explain how mainframes work, potential attack vectors, and what to focus on when pentesting such systems.

A list of online news & info sources in the InfoSec/Cybersecurity space - foorilla/allinfosecnews_sources

Introduction This is the first post of a series which regards development of malicious software. In this series we will explore and try to implement multiple techniques used by malicious applications to execute code, hide from defenses and persist. Let’s create a C++ application that will run malicious shellcode while trying to not be caught by AV software. Why C++ and not C# or PowerShell script? Because it’s much more difficult to analyze compiled binary when compared to managed code or script. For the purpose of this and following articles we will use MS Visual Studio 2017 or 2019 on Windows 10.

A stealthy process stomping method compatible with UNIX-like systems with anti-forensic enhancements for Linux.

Process Injection without Process Injection. Exploring cross-session activation mechanisms to steal someone else’s session using COM

At Emproof, our mission is to enhance the security and integrity of embedded systems through innovative binary rewriting techniques. We are committed to providing advanced […]

grimresource.msc · GitHub

Reflective DLL to privesc from NT Service to SYSTEM using SeImpersonateToken privilege - sokaRepo/CoercedPotatoRDLL

In your red teaming or pentesting activities escalating to  SYSTEM on a Windows box is always the desired objective. The SYSTEM user is a special operating system user with the highest privilege, m…

Introduction In this blogpost, we take a closer look at our research regarding CVE-2022-47758: a critical vulnerability impacting a very large number of Internet of Things smart devices. We could leverage this vulnerability in the lamp's firmware for unauthenticated remote code execution on the entire device with the highest privileges

Packer/Protector for x86-64 ELF binaries on Linux.

PoC for using MS Windows printers for persistence / command and control via Internet Printing - Diverto/IPPrintC2

Abstract Once threat actors gain a foothold on a system, they must implement techniques to maintain that access, even in the event of restarts, updates in credentials or any other type of change...

Simulate the behavior of AV/EDR for malware development training. - Helixo32/CrimsonEDR

Macro-header for compile-time C obfuscation (tcc, win x86/x64) - DosX-dev/obfus.h

The swiss army knife of LSASS dumping. Contribute to fortra/nanodump development by creating an account on GitHub.

Universal local privilege escalation Proof-of-Concept exploit for CVE-2024-1086, working on most Linux kernels between v5.14 and v6.6, including Debian, Ubuntu, and KernelCTF. The success rate is 9...

A fast TCP/UDP tunnel over HTTP. Contribute to jpillora/chisel development by creating an account on GitHub.

A small program written in C that is designed to load 32/64-bit shellcode and allow for execution or debugging. Can also output PE files from shellcode. - jstrosch/sclauncher

A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. Feel free to modiy and DM if you find s...

MultiDump is a post-exploitation tool for dumping and extracting LSASS memory discreetly. - GitHub - Xre0uS/MultiDump: MultiDump is a post-exploitation tool for dumping and extracting LSASS memory ...

An automation to monitor if backdoors/default settings are still active on the compromised machines over time. - GitHub - Drakiat/RedTeam-Checker: An automation to monitor if backdoors/default set...

A Pentest Collaboration and Reporting Tool. Contribute to PeCoReT/pecoret development by creating an account on GitHub.

Pen Test Report Generation and Assessment Collaboration

An modern 64-bit position independent implant template

A set of fully-undetectable process injection techniques abusing Windows Thread Pools - GitHub - SafeBreach-Labs/PoolParty: A set of fully-undetectable process injection techniques abusing Windows ...