Exploiting Windows Kernel Wild Copy With User Fault Handling (CVE-2023–28218)
https://blog.theori.io/exploiting-windows-kernel-wild-copy-with-user-fault-handling-cve-2023-28218-89f5189d0926
WhoamiAlternatives: Different methods to get current username without using whoami
https://github.com/ricardojoserf/WhoamiAlternatives
FalconHound, attack path management for blue teams
https://medium.com/falconforce/falconhound-attack-path-management-for-blue-teams-42adedc9cae5
Demystifying Cobalt Strike’s “make_token” Command
https://research.nccgroup.com/2023/11/10/demystifying-cobalt-strikes-make_token-command
On-Prem Software CVE-2023-47246 Vulnerability
https://www.sysaid.com/blog/service-desk/on-premise-software-security-vulnerability-notification
SharpLateral: is a tool that includes 4 different methods for performing lateral movement in the AD environment and is written in C#
https://github.com/mertdas/SharpLateral
CallstackSpoofingPOC: C++ self-Injecting dropper based on various EDR evasion techniques
https://github.com/pard0p/CallstackSpoofingPOC
teams_dump: PoC for dumping and decrypting cookies in the latest version of Microsoft Teams
https://github.com/byinarie/teams_dump
SharpVeeamDecryptor: Decrypt Veeam database passwords
https://github.com/S3cur3Th1sSh1t/SharpVeeamDecryptor
Nuclei templates for honeypots detection
https://github.com/UnaPibaGeek/honeypots-detection
Persistence – Windows Telemetry
https://pentestlab.blog/2023/11/06/persistence-windows-telemetry
LdrLibraryEx: A small x64 library to load dll's into memory
https://github.com/Cracked5pider/LdrLibraryEx
ladder: Alternative to 12ft•io. Bypass paywalls with a proxy ladder and remove CORS headers from any URL
https://github.com/kubero-dev/ladder
Use Wasm to Bypass Latest Chrome v8sbx Again
numencyberlabs/use-wasm-to-bypass-latest-chrome-v8sbx-again-639c4c05b157" rel="nofollow">https://medium.com/@numencyberlabs/use-wasm-to-bypass-latest-chrome-v8sbx-again-639c4c05b157
UAC Bypass FUD: The UAC Bypass program is designed to run files with elevated privileges on Windows without requesting user permission or displaying the UAC screen. It provides a way to bypass User Account Control (UAC) restrictions for specific tasks
https://github.com/justhyak/UAC-Bypass-FUD
Privilege escalation vulnerabilities in Ubuntu/Kali Linux (CVE-2023-2640 and CVE-2023-32629)
https://gist.github.com/win3zz/aa1ac16c4458aaaec6dd79343b8cd46f
High Traffic + High Vulnerability = an Attractive Target for Criminals: The Dangers of Viewing Clickbait Sites
https://unit42.paloaltonetworks.com/dangers-of-clickbait-sites
Malware Unpacking With Hardware Breakpoints - Cobalt Strike Shellcode Loader
https://embee-research.ghost.io/unpacking-malware-with-hardware-breakpoints-cobalt-strike
Abusing Microsoft Access "Linked Table" Feature to Perform NTLM Forced Authentication Attacks
https://research.checkpoint.com/2023/abusing-microsoft-access-linked-table-feature-to-perform-ntlm-forced-authentication-attacks
.NetConfigLoader: List of .Net application signed by Microsoft that can be used to load a dll via a .config file. Ideal for EDR/AV evasion and execution policy bypass
https://github.com/Mr-Un1k0d3r/.NetConfigLoader
Attacking an EDR - Part 3
https://riccardoancarani.github.io/2023-11-07-attacking-an-edr-part-3
DuckDuckC2: A proof-of-concept C2 channel through DuckDuckGo's image proxy service
https://github.com/nopcorn/DuckDuckC2
WolfPack: combines the capabilities of Terraform and Packer to streamline the deployment of red team redirectors on a large scale
https://github.com/RoseSecurity-Research/WolfPack
GhostMapper: Create a ghost driver
https://github.com/Oliver-1-1/GhostMapper
Bypassing Android 13 Restrictions with SecuriDropper
https://www.threatfabric.com/blogs/droppers-bypassing-android-13-restrictions
Fuzzer Development: The Soul of a New Machine
https://h0mbre.github.io/New_Fuzzer_Project
Source Code:
https://github.com/h0mbre/Lucid
No-Consolation: A BOF that runs unmanaged PEs inline
https://github.com/fortra/No-Consolation
Phishing With Dynamite
fakasler/phishing-with-dynamite-7d33d8fac038" rel="nofollow">https://medium.com/@fakasler/phishing-with-dynamite-7d33d8fac038
Breaking Barriers: Unmasking the Easy Password Validation Bypass in Security Key Registration | How a Dumb Frontend Led to 750 $ Bounty
https://thecyberneh.medium.com/breaking-barriers-unmasking-the-easy-password-validation-bypass-in-security-key-registration-4cb0d8103a93
Android Security Exploits YouTube Curriculum: A curated list of modern Android exploitation conference talks
https://github.com/actuator/Android-Security-Exploits-YouTube-Curriculum
