UAC-0184 Abuses Python in DLL Sideloading for XWORM Distribution
https://cyble.com/blog/uac-0184-abuses-python-in-dll-sideloading-for-xworm-distribution/
Next.js and cache poisoning: a quest for the black hole
https://zhero-web-sec.github.io/research-and-things/nextjs-and-cache-poisoning-a-quest-for-the-black-hole
ThunderKitty: Open source stealer written in Go, all logs will be sent to Telegram bot
https://github.com/EvilBytecode/ThunderKitty
CVE-2024-30088 Windows Kernel Elevation of Privilege
https://github.com/tykawaii98/CVE-2024-30088
This repo contains all types of pdf exploits
https://github.com/coffinxp/pdFExploits
ExCobalt: GoRed, the hidden-tunnel technique
https://www.ptsecurity.com/ww-en/analytics/pt-esc-threat-intelligence/excobalt-gored-the-hidden-tunnel-technique
Lifetime-Amsi-EtwPatch: Two in one, patch lifetime powershell console, no more etw and amsi
https://github.com/EvilBytecode/Lifetime-Amsi-EtwPatch
SCCM Exploitation: Evading Defenses and Moving Laterally with SCCM Application Deployment
https://www.guidepointsecurity.com/blog/sccm-exploitation-evading-defenses-and-moving-laterally-with-sccm-application-deployment
Lifetime AMSI bypass
https://github.com/EvilBytecode/Lifetime-AmsiBypass
Powershell-Persistance (PoC)
https://github.com/EvilBytecode/Powershell-Persistance
Evil-Go: A malicous Golang Package
https://github.com/EvilBytecode/Evil-Go
Active Directory Methodology in Pentesting: A Comprehensive Guide
verylazytech/active-directory-methodology-in-pentesting-a-comprehensive-guide-fa7e8e5ff9d3" rel="nofollow">https://medium.com/@verylazytech/active-directory-methodology-in-pentesting-a-comprehensive-guide-fa7e8e5ff9d3
Progressive Web Apps (PWA) on Windows - forensics and detection of use
https://www.boredhackerblog.info/2024/06/progressive-web-apps-pwa-on-windows.html
VOIDGATE: A technique that can be used to bypass AV/EDR memory scanners
https://github.com/vxCrypt0r/Voidgate
EDR-XDR-AV-Killer: Reproducing Spyboy technique, which involves terminating all EDR/XDR/AVs processes by abusing the zam64.sys driver
https://github.com/EvilBytecode/EDR-XDR-AV-Killer
Section-based payload obfuscation technique for x64
https://github.com/pygrum/gimmick
Analysis of user password strength
https://securelist.com/passworde-brute-force-time
Feeding the Phishes
https://posts.specterops.io/feeding-the-phishes-276c3579bba7
Cybersecurity in the SMB space — a growing threat
https://securelist.com/smb-threat-report-2024
RemoteKrbRelay: Remote Kerberos Relay made easy! Advanced Kerberos Relay Framework
https://github.com/CICADA8-Research/RemoteKrbRelay
IOCTL Code Decoder
https://github.com/idkhidden/ioctl-decoder
This is a simple proof-of-concept project demonstrating how you can hide memory regions of your process from other processes
https://github.com/SamuelTulach/MemoryGuard
Part 8: Reverse Shell Via Dll Hijacking
https://sid4hack.medium.com/malware-development-part-8-reverse-shell-via-dll-hijacking-ce48f5ebbafe
QRucible: Python utility that generates "imageless" QR codes in various formats
https://github.com/Flangvik/QRucible
Mobile OAuth Attacks
iOS URL Scheme Hijacking Revamped
https://evanconnelly.github.io/post/ios-oauth
CVE-2024-30078 Exploit
basic concept for the latest windows wifi driver CVE
https://github.com/blkph0x/CVE_2024_30078_POC_WIFI
CVE-2024-0044: a "run-as any app" high-severity vulnerability affecting Android versions 12 and 13
https://github.com/pl4int3xt/cve_2024_0044
DOSVisor: x86 Real-Mode MS-DOS Emulator using Windows Hypervisor Platform
https://github.com/x86matthew/DOSVisor
Off-path TCP hijacking in NAT-enabled Wi-Fi networks
https://blog.apnic.net/2024/06/18/off-path-tcp-hijacking-in-nat-enabled-wi-fi-networks
Preauth RCE on NVIDIA Triton Server
https://sites.google.com/site/zhiniangpeng/blogs/Triton-RCE
Python tool to check rootkits in Windows kernel
https://github.com/ExaTrack/Kdrill
From Clipboard to Compromise: A PowerShell Self-Pwn
https://www.proofpoint.com/us/blog/threat-insight/clipboard-compromise-powershell-self-pwn
Attack Paths Into VMs in the Cloud
https://unit42.paloaltonetworks.com/cloud-virtual-machine-attack-vectors
Exploit for CVE-2024-23692
Unauthenticated RCE Flaw in Rejetto HTTP File Server
https://github.com/0x20c/CVE-2024-23692-EXP
