RedTeamPentesting/resocks: mTLS-Encrypted Back-Connect SOCKS5 Proxy
mTLS-Encrypted Back-Connect SOCKS5 Proxy. Contribute to RedTeamPentesting/resocks development by creating an account on GitHub.
Hacking
fatedier/frp: A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet.
A fast reverse proxy to help you expose a local server behind a NAT or firewall to the internet. - GitHub - fatedier/frp: A fast reverse proxy to help you expose a local server behind a NAT or fire...
Building a Budget Red Team Implant
Why Do I Need an Implant?
center-for-threat-informed-defense/adversary_emulation_library: An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs.
An open library of adversary emulation plans designed to empower organizations to test their defenses based on real-world TTPs. - GitHub - center-for-threat-informed-defense/adversary_emulation_li...
trickest/cve
Gather and update all available and newest CVEs with their PoC.
LOLDrivers
LOLBins but Drivers
GitHub - GoSecure/pyrdp: RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact
RDP monster-in-the-middle (mitm) and library for Python with the ability to watch connections live or after the fact - GitHub - GoSecure/pyrdp: RDP monster-in-the-middle (mitm) and library for Pyth...
Rpc toolkit fantastic interfaces how to find
Nightmare: One Byte to ROP // Deep Dive Edition - HackMD
# Nightmare: One Byte to ROP // Deep Dive Edition ## Introduction In this write-up, we'll discuss ho
Windows 10 Update Archive
null
GitHub - SafeBreach-Labs/Back2TheFuture: Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns.
Find patterns of vulnerabilities on Windows in order to find 0-day and write exploits of 1-days. We use Microsoft security updates in order to find the patterns. - GitHub - SafeBreach-Labs/Back2The...
Winbindex - The Windows Binaries Index
An index of Windows binaries, including download links for executables such as exe, dll and sys files
GitHub - optiv/Ivy: Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environmen...
GitHub - D1rkMtr/RecyclePersist: implementation of Persistence via Recycle Bin by adding "open\command" subkey to the "HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell" key and changing its value to the implant path
implementation of Persistence via Recycle Bin by adding "open\command" subkey to the "HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell" key and changing i...
GitHub - Aetsu/OffensivePipeline: OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises.
OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises. - GitHub - Aetsu/OffensivePipeline: OfensivePipe...
All of the Best Links and Resources on Cyber Security.
null
The toddler’s introduction to Heap exploitation (Part 1)
In my introductory post I had been talking about dynamic memory allocation and I referenced various solutions that are used to tackle this…
Dissecting and Exploiting TCP/IP RCE Vulnerability “EvilESP”
See how one IBM X-Force researcher reverse engineered the patch for CVE-2022-34718, and unpack the affected protocols, how the bug was identified, and how it was reproduced.
FuzzySecurity | Windows Hacking Tutorials
null
Heap Overflow Exploitation on Windows 10 Explained | Rapid7 Blog
Heap corruption can be a scary topic. In this post, we go through a basic example of a heap overflow on Windows 10.
Smbleedingghost writeup chaining smbleed cve 2020 1206 with smbghost
CVE-2021-31985: Exploiting the Windows Defender AsProtect Heap Overflow Vulnerability
"I'll ask your body": SMBGhost pre-auth RCE abusing Direct Memory Access structs
Posted by hugeh0ge, Ricerca Security NOTE: We have decided to make our PoC exclusively available to our customers to avoid abuse by scr...
GitHub - mgeeky/Penetration-Testing-Tools: A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes.
A collection of more than 170+ tools, scripts, cheatsheets and other loots that I've developed over years for Red Teaming/Pentesting/IT Security audits purposes. - GitHub - mgeeky/Penetrati...
Lord Of The Ring0 - Part 1 | Introduction - Ido Veltzman - Security Blog
IntroductionThis blog post series isn’t a thing I normally do, this will be more like a journey that I document during the development of my project Nidhogg....
GitHub - JohnTroony/php-webshells: Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server!
Common PHP webshells you might need for your Penetration Testing assignments or CTF challenges. Do not host the file(s) on your server! - GitHub - JohnTroony/php-webshells: Common PHP webshells you...
GitHub - wader/fq: jq for binary formats
jq for binary formats. Contribute to wader/fq development by creating an account on GitHub.
What is Phar Deserialization
Last week a new exploitation technique for PHP applications was announced at the BlackHat USA conference. Find out everything you need to know in this blog post.
Attacking Active Directory: 0 to 0.9 | zer1t0
GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.
A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities. - GitHub - h3xduck/TripleCross: A Linux eBPF rootkit with a backdoor, C2, lib...