Exploit with PHP Protocols / Wrappers - cdxy
Hacking
GitHub - eeriedusk/knockles: eBPF Port Knocking Tool
eBPF Port Knocking Tool.
GitHub - Markakd/DirtyCred
How to Evade Application Whitelisting Using REGSVR32 - Black Hills Information Security
Joff Thyer // I was recently working on a Red Team for a customer that was very much up to date with their defenses. This customer had tight egress controls, […]
Hijack Libs
11 stakeholder strategies for red team success
These best practices will help ensure a successful red team exercise by getting all the stakeholders on the same page.
Hack.Learn.Share
This blog contains write-ups of the things that I researched, learned, and wanted to share to others.
pre.empt.dev: Connoisseurs of the finest OST
pre.empt.dev is a group of people working on making Windows fun.
Build your first LLVM Obfuscator
Welcome to a tutorial on building your first LLVM based obfuscator. In this post we will list the advantages of using LLVM tools, briefly…
Converting commands to Powershell compatible encoded strings for dummies // byt3bl33d3r // /dev/random blog.py
byt3bl33d3r, /dev/random blog.py
GitHub - miguelob/ICS-Hacking: This repository is focused on cybersecurity in the industrial world. Many industrial communication protocols and equipment is investigated and pentested
This repository is focused on cybersecurity in the industrial world. Many industrial communication protocols and equipment is investigated and pentested
Exploiting Arbitrary Object Instantiations in PHP without Custom Classes
We discovered an application with "new $a($b)" and no user-defined classes. We turned it to RCE.
GitHub - hfiref0x/UACME: Defeating Windows User Account Control
Defeating Windows User Account Control.
Yet another sdclt UAC bypass - Sevagas
Fileless UAC bypass via COM hijack using sdclt.exe auto-elevated process.
Baron samedit heap based overflow sudo
GitHub - leonjza/log4jpwn: log4j rce test environment and poc
log4j rce test environment and poc.
pkexec: local privilege escalation (CVE-2021-4034) (a2bf5c9c) · Commits · polkit / polkit · GitLab
Commit for pwnkit fix
Pwnkit
GitHub - mandiant/ADFSpoof
GitHub - helpsystems/nanodump: A crappy LSASS dumper with no ASCII art
A crappy LSASS dumper with no ASCII art.
GitHub - S1ckB0y1337/TokenPlayer: Manipulating and Abusing Windows Access Tokens.
Manipulating and Abusing Windows Access Tokens.
Yours Truly, Signed AV Driver: Weaponizing an Antivirus Driver | Aon
As we head into 2022, ransomware groups continue to plague our digital environment with new and interesting techniques to bypass Antivirus (AV) and Endpoint Detection and Response (EDR) solutions and ensuring the successful execution of their ransomware payloads. In December 2021, Stroz Friedberg’s Incident Response Services team engaged in a Digital Forensics and Incident […]
MSDT DLL Hijack UAC bypass - Sevagas
UAC Bypass via DLL hijacking of Microsoft Support Diagnostic Tool (MSDT). The UAC bypass method described here is based on DLL hijacking which happens when loading the Bluetooth diagnostic package.
Offensive Lateral Movement
Lateral movement is the process of moving from one compromised host to another. Penetration testers and red teamers alike commonly used to…
Penetration Testing Explained, Part IV: Making the Lateral Move
You can think about the post-exploitation part of penetration testing as an army or rebel force living off the land. You’re scrounging around the victim’s website using what’s available —...
:: bettercap
GitHub - liamg/traitor: Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
Automatic Linux privesc via exploitation of low-hanging fruit e.g. gtfobins, pwnkit, dirty pipe, +w docker.sock
GitHub - firmadyne/firmadyne: Platform for emulation and dynamic analysis of Linux-based firmware
Platform for emulation and dynamic analysis of Linux-based firmware
GitHub - nishitm/wotop: Web on top of any protocol
Web on top of any protocol.
Container whitepaper