hacker_trick | Unsorted

Telegram channel hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Hacker tricks

A hack in hand is worth two in the bush
https://securelist.com/a-hack-in-hand-is-worth-two-in-the-bush

Hacker tricks

Hacking ServiceNow Instances While Unauthenticated
https://www.enumerated.ie/servicenow-data-exposure

Hacker tricks

curlshell: reverse shell using curl
https://github.com/irsl/curlshell
fumo_loader: All in one kernel-based DLL injector
https://github.com/dumbasPL/fumo_loader
TBBRAT: This is a powerful BotNet Remote Administrator Tool
https://github.com/TeamBlackBerry/TBBRAT

Hacker tricks

Offensive Security Notes (OSCP, OSWE, OSED)
OSCP Notes Active Directory 1:
https://drive.google.com/file/d/14jirVKvHwaFT9789nbQoLHNsmHRGysmH/view
OSCP Notes:
https://drive.google.com/file/d/1eYUaeaTiNB59urSp6z0Tf1VnXZ_ifwku/view
OSWE Notes:
https://drive.google.com/file/d/1KIc_qsRvlWbaUY04ug9_4zEXySx53yGv/view
OSED Notes:
https://drive.google.com/file/d/1_mPHr3b3oUhzdwcsC62J4vlX72QZYzzh/view

Hacker tricks

Xortigate_CVE-2023-27997: Exploit FortiGate
https://github.com/lexfo/xortigate-cve-2023-27997
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit
https://googleprojectzero.blogspot.com/2023/10/an-analysis-of-an-in-the-wild-ios-safari-sandbox-escape.html
OktaPostExToolkit: An Okta Agent tool which emulates an AD Agent, allows interception of authentication requests, and adding a skeleton key
https://github.com/xpn/OktaPostExToolkit

Hacker tricks

Microsoft Defender for Endpoint Internals 0x05 — Telemetry for sensitive actions
https://medium.com/falconforce/microsoft-defender-for-endpoint-internals-0x05-telemetry-for-sensitive-actions-1b90439f5c25

Hacker tricks

“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts
https://labs.guard.io/etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16

Hacker tricks

EvilSln: A New Exploitation Technique for Visual Studio Projects
https://github.com/cjm00n/EvilSln
ObfuscateThis: Templated Obfuscation example in C++ for protecting/hiding values in memory
https://github.com/AlSch092/ObfuscateThis
Hadoken: A versatile Active Directory pentesting tool engineered to identify vulnerabilities and streamline security assessments
https://github.com/Edd13Mora/Hadoken

Hacker tricks

This workshop has been presented at the Defcon31 event:
Part 0 - Presentation
Part 1 - SimpleLoader
Part 2 - DLL Injection
Part 3 - Covering your tracks
https://github.com/OtterHacker/Conferences/tree/main/Defcon31

Hacker tricks

The Registry Hives you may be MSIX-ING: Registry Redirection with MS MSIX
https://www.zerofox.com/blog/the-registry-hives-you-may-be-msix-ing-registry-redirection-with-ms-msix

Hacker tricks

PoC exploit for CVE-2023-41993 vulnerability in Safari 17, iOS 16.7
https://github.com/po6ix/POC-for-CVE-2023-41993

Hacker tricks

Free 100+ Hacking / Infosec pdfs
https://drive.google.com/drive/mobile/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU

Hacker tricks

Disclosing the BLOODALCHEMY backdoor
BLOODALCHEMY is a new, actively developed backdoor that leverages a benign binary as an injection vehicle and is part of the REF5961 intrusion set.
https://www.elastic.co/security-labs/disclosing-the-bloodalchemy-backdoor

Hacker tricks

Hunting for Hidden Treasures: Unveiling the 403 Bypass Bug Bounty Adventure
https://infosecwriteups.com/hunting-for-hidden-treasures-unveiling-the-403-bypass-bug-bounty-adventure-c6d17a0282ac
Scanning for SMB Vulnerabilities with enum4linux
https://infosecwriteups.com/scanning-for-smb-vulnerabilities-with-enum4linux-896f76d0c078

Hacker tricks

Zero Effort Private Key Compromise: Abusing SSH-Agent For Lateral Movement
https://grahamhelton.com/blog/ssh_agent

Hacker tricks

Clean - Active Directory Hacking - Full Guide
https://afrohack.pro/index.php?threads/active-directory-hacking-full-guide.81

Hacker tricks

CrackMaster: x86/x64 Ring 0/-2 System Freezer/Debugger
https://github.com/behnamshamshirsaz/CrackMaster
Stompy: Timestomp Tool to flatten MAC times with a specific timestamp
https://github.com/ZephrFish/Stompy
maliciousCodeMatchingMFA: A small executable to trick a user to authenticate using code matching MFA
https://github.com/scriptchildie/maliciousCodeMatchingMFA
DocPlz: Documents Exfiltration project for fun and educational purposes
https://github.com/TheD1rkMtr/DocPlz

Hacker tricks

Windows MSKSSRV LPE exploit for CVE-2023-36802
https://github.com/chompie1337/Windows_MSKSSRV_LPE_CVE-2023-36802
Metabase Rce Tools CVE-2023-38646
https://github.com/Boogipop/MetabaseRceTools
PoC of CVE-2023-4911 "Looney Tunables"
1. https://github.com/leesh3288/CVE-2023-4911
2. https://github.com/RickdeJager/CVE-2023-4911
1. CVE-2023-22515: Confluence Broken Access Control Exploit
https://github.com/Chocapikk/CVE-2023-22515
2. Scanner for CVE-2023-22515 - Broken Access Control Vulnerability in Atlassian Confluence
https://github.com/ErikWynter/CVE-2023-22515-Scan
CVE-2023-36723 This is PoC for arbitrary directory creation bug in Container Manager service
https://github.com/Wh04m1001/CVE-2023-36723
PoC for CVE-2023-42820 JumpServer Password Reset Vulnerability
https://github.com/C1ph3rX13/CVE-2023-42820
Basic vulnerability scanning to see if web servers may be vulnerable to CVE-2023-44487
https://github.com/bcdannyboy/CVE-2023-44487
CVE-2023-44487 for DoS exploit HTTP/2 Rapid Reset
https://github.com/imabee101/CVE-2023-44487
