Proxy-DLL-Loads: A proof of concept demonstrating DLL-load proxying using undocumented syscalls
https://github.com/kleiton0x00/Proxy-DLL-Loads
Snapshot fuzzing direct composition with WTF
https://blog.talosintelligence.com/snapshot-fuzzing-direct-composition-with-wtf
The single-packet attack: making remote race-conditions 'local'
https://portswigger.net/research/the-single-packet-attack-making-remote-race-conditions-local
PoC for a DLL spoofer to identify DLL hijacking
https://github.com/MitchHS/DLL-Spoofer
ServiceNow: Widget Simple List Misconfiguration Scanner
https://github.com/bsysop/servicenow
Request Encoding to Bypass Web Application Firewalls
https://soroush.me/downloadable/request-encoding-to-bypass-web-application-firewalls.pdf
macOS Malware 2023 | A Deep Dive into Emerging Trends and Evolving Techniques
https://www.sentinelone.com/blog/macos-malware-2023-a-deep-dive-into-emerging-trends-and-evolving-techniques
Blocking Dedicated Attacking Hosts Is Not Enough: In-Depth Analysis of a Worldwide Linux XorDDoS Campaign
https://unit42.paloaltonetworks.com/new-linux-xorddos-trojan-campaign-delivers-malware
The Registry Hives you may be MSIX-ING: Registry Redirection with MS MSIX
https://www.zerofox.com/blog/the-registry-hives-you-may-be-msix-ing-registry-redirection-with-ms-msix
PoC exploit for CVE-2023-41993 vulnerability in Safari 17, iOS 16.7
https://github.com/po6ix/POC-for-CVE-2023-41993
Free 100+ Hacking / Infosec PDFs
https://drive.google.com/drive/mobile/folders/12Mvq6kE2HJDwN2CZhEGWizyWt87YunkU
Disclosing the BLOODALCHEMY backdoor
BLOODALCHEMY is a new, actively developed backdoor that leverages a benign binary as an injection vehicle and is part of the REF5961 intrusion set.
https://www.elastic.co/security-labs/disclosing-the-bloodalchemy-backdoor
Hunting for Hidden Treasures: Unveiling the 403 Bypass Bug Bounty Adventure
https://infosecwriteups.com/hunting-for-hidden-treasures-unveiling-the-403-bypass-bug-bounty-adventure-c6d17a0282ac
Scanning for SMB Vulnerabilities with enum4linux
https://infosecwriteups.com/scanning-for-smb-vulnerabilities-with-enum4linux-896f76d0c078
Zero Effort Private Key Compromise: Abusing SSH-Agent For Lateral Movement
https://grahamhelton.com/blog/ssh_agent
Clean - Active Directory Hacking - Full Guide
https://afrohack.pro/index.php?threads/active-directory-hacking-full-guide.81
CrackMaster: x86/x64 Ring 0/-2 System Freezer/Debugger
https://github.com/behnamshamshirsaz/CrackMaster
Stompy: Timestomp tool to flatten MAC times to a specific timestamp
https://github.com/ZephrFish/Stompy
maliciousCodeMatchingMFA: A small executable to trick a user into authenticating using code-matching MFA
https://github.com/scriptchildie/maliciousCodeMatchingMFA
DocPlz: Documents Exfiltration project for fun and educational purposes
https://github.com/TheD1rkMtr/DocPlz
A Modern Approach to Adaptive Threat Hunting Methodologies
https://www.sentinelone.com/blog/a-modern-approach-to-adaptive-threat-hunting-methodologies
CVE-2023-26369: Adobe Acrobat PDF Reader RCE when processing TTF fonts
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2023/CVE-2023-26369.html
InjectHook: A lightweight C++ library designed for function interception within injected DLLs, providing a streamlined approach to modifying application behavior at runtime. Ideal for educational purposes, debugging, and dynamic software analysis
https://github.com/bgarciaoliveira/InjectHook
Shellcode_Hastur: Shellcode Reductio Entropy Tools
https://github.com/Haunted-Banshee/Shellcode-Hastur
Cisco IOS XE CVE-2023-20198 & 0Day Implant Scanner
https://github.com/ZephrFish/Cisco-IOS-XE-Scanner
CVE-2023-38545 SOCKS5 heap buffer overflow
https://github.com/d0rb/CVE-2023-38545
Uncovering SSRF via XSS in PDF Generators
https://docs.google.com/presentation/d/1JdIjHHPsFSgLbaJcHmMkE904jmwPM4xdhEuwhy2ebvo/mobilepresent
A hack in hand is worth two in the bush
https://securelist.com/a-hack-in-hand-is-worth-two-in-the-bush
Hacking ServiceNow Instances While Unauthenticated
https://www.enumerated.ie/servicenow-data-exposure
curlshell: reverse shell using curl
https://github.com/irsl/curlshell
fumo_loader: All in one kernel-based DLL injector
https://github.com/dumbasPL/fumo_loader
TBBRAT: A powerful BotNet / Remote Administrator Tool
https://github.com/TeamBlackBerry/TBBRAT
Offensive Security Notes (OSCP, OSWE, OSED)
OSCP Notes Active Directory 1:
https://drive.google.com/file/d/14jirVKvHwaFT9789nbQoLHNsmHRGysmH/view
OSCP Notes:
https://drive.google.com/file/d/1eYUaeaTiNB59urSp6z0Tf1VnXZ_ifwku/view
OSWE Notes:
https://drive.google.com/file/d/1KIc_qsRvlWbaUY04ug9_4zEXySx53yGv/view
OSED Notes:
https://drive.google.com/file/d/1_mPHr3b3oUhzdwcsC62J4vlX72QZYzzh/view
Xortigate_CVE-2023-27997: Exploit for FortiGate
https://github.com/lexfo/xortigate-cve-2023-27997
An analysis of an in-the-wild iOS Safari WebContent to GPU Process exploit
https://googleprojectzero.blogspot.com/2023/10/an-analysis-of-an-in-the-wild-ios-safari-sandbox-escape.html
OktaPostExToolkit: An Okta Agent tool which emulates an AD Agent, allowing interception of authentication requests and the addition of a skeleton key
https://github.com/xpn/OktaPostExToolkit
Microsoft Defender for Endpoint Internals 0x05 — Telemetry for sensitive actions
https://medium.com/falconforce/microsoft-defender-for-endpoint-internals-0x05-telemetry-for-sensitive-actions-1b90439f5c25
“EtherHiding” — Hiding Web2 Malicious Code in Web3 Smart Contracts
https://labs.guard.io/etherhiding-hiding-web2-malicious-code-in-web3-smart-contracts-65ea78efad16
EvilSln: A New Exploitation Technique for Visual Studio Projects
https://github.com/cjm00n/EvilSln
ObfuscateThis: Templated Obfuscation example in C++ for protecting/hiding values in memory
https://github.com/AlSch092/ObfuscateThis
Hadoken: A versatile Active Directory pentesting tool engineered to identify vulnerabilities and streamline security assessments
https://github.com/Edd13Mora/Hadoken
This workshop was presented at the Defcon31 event:
Part 0 - Presentation
Part 1 - SimpleLoader
Part 2 - DLL Injection
Part 3 - Covering your tracks
https://github.com/OtterHacker/Conferences/tree/main/Defcon31