Combining Pivot Points to Identify Malware Infrastructure - Redline, Smokeloader and Cobalt Strike
https://embee-research.ghost.io/combining-pivot-points-to-identify-malware-infrastructure-redline-smokeloader-and-cobalt-strike
PoC Exploit for CVE-2023-46214 Splunk RCE
https://github.com/nathan31337/Splunk-RCE-poc
PoC for CVE-2023-2598 Linux Kernel LPE: PoC of a vulnerability in the io_uring subsystem of the Linux Kernel
https://github.com/ysanatomic/io_uring_LPE-CVE-2023-2598
Evading Detection while using nmap
https://infosecwriteups.com/evading-detection-while-using-nmap-69633df091f3
AI Exploits: A collection of real world AI/ML exploits for responsibly disclosed vulnerabilities
https://github.com/protectai/ai-exploits
All the Small Things: Azure CLI Leakage and Problematic Usage Patterns
https://www.paloaltonetworks.com/blog/prisma-cloud/secrets-leakage-user-error-azure-cli
Inside the Mind of a Cyber Attacker: from Malware creation to Data Exfiltration (Part 2)
https://blog.hacktivesecurity.com/index.php/2023/11/15/inside-the-mind-of-a-cyber-attacker-from-malware-creation-to-data-exfiltration-part-2
HostingHunter Series: Change Way Technology CO. Limited
joshuapenny88/hostinghunter-series-chang-way-technologies-co-limited-a9ba4fce0f65" rel="nofollow">https://medium.com/@joshuapenny88/hostinghunter-series-chang-way-technologies-co-limited-a9ba4fce0f65
Reptar: an Intel Ice Lake CPU vulnerability
https://lock.cmpxchg8b.com/reptar.html
HackerGPT: is your indispensable digital companion in the world of hacking. Crafted with the unique needs of ethical hackers in mind, this AI-powered assistant stands at the forefront of hacking knowledge and assistance
https://github.com/Hacker-GPT/HackerGPT
Top ranked OpenAI GPTs
https://github.com/AgentOps-AI/BestGPTs
VisualStudio .suo deserialization Exploit
https://github.com/moom825/visualstudio-suo-exploit
SharpReflectivePEInjection: reflectively load and execute PEs locally and remotely bypassing EDR hooks
https://github.com/cpu0x00/SharpReflectivePEInjection
Shellcode Loader/Execute Shellcode - Automate with Python Programming
https://www.youtube.com/watch?v=hWbfifU8TtA&feature
Exploring Antivirus and EDR evasion techniques step-by-step
Part 1:
https://infosecwriteups.com/exploring-antivirus-and-edr-evasion-techniques-step-by-step-part-1-6459563b12ea
Part 2:
https://infosecwriteups.com/exploring-antivirus-and-edr-evasion-techniques-step-by-step-part-2-4310c58cdc31
GPTs: leaked prompts of GPTs
https://github.com/linexjlin/GPTs
Hijacking OAuth Code via Reverse Proxy for Account Takeover
https://blog.voorivex.team/hijacking-oauth-code-via-reverse-proxy-for-account-takeover
Hunting Sandworm Team’s TTPs
https://montysecurity.medium.com/hunting-sandworm-teams-ttps-57a6fb31dd4b
badgerDAPS: A Brute Ratel LDAP query-log sorting tool, for the aspiring anti-LDAP query/Windows powershell hacker
https://github.com/johnjhacking/badgerDAPS
ProcessStomping: A variation of ProcessOverwriting to execute shellcode on an executable's section
https://github.com/naksyn/ProcessStomping
Escaping the sandbox: A bug that speaks for itself
https://microsoftedge.github.io/edgevr/posts/Escaping-the-sandbox-A-bug-that-speaks-for-itself
The Spelling Police: Searching for Malicious HTTP Servers by Identifying Typos in HTTP Responses
https://research.nccgroup.com/2023/11/15/the-spelling-police-searching-for-malicious-http-servers-by-identifying-typos-in-http-responses
IOKernelRW: Insecurity as an IOService
https://github.com/Siguza/IOKernelRW
Report and Exploit of CVE-2023-36427
Summary:
Kernel-mode code in the root partition can corrupt arbitrary physical pages irrespective of EPT permissions using the Hardware Feedback Interface processor feature
https://github.com/tandasat/CVE-2023-36427
GPT Crawler: Crawl a site to generate knowledge files to create your own custom GPT
https://github.com/BuilderIO/gpt-crawler
Bypass 403 - Forbidden ⛔
https://github.com/LucasPDiniz/403-Bypass
MS Graph Commands and Tools for Blue Teamers
https://github.com/xg5-simon/MS-Graph-BlueTeam
Wndows-Drive-Remapping-EoP: Windows System Drive Remapping - Elevation of Privileges
https://github.com/bluefrostsecurity/Windows-Drive-Remapping-EoP
HEXACON2023 - A 3-Year Tale of Hacking a Pwn2Own Target by Orange Tsai
Video:
https://www.youtube.com/watch?v=uGofhlB1vZU
Slides:
https://github.com/orangetw/My-Presentation-Slides/blob/main/data/2023-A-3-Years-Tale-of-Hacking-a-Pwn2Own-Target.pdf
Awesome GPT Agents:
A curated list of GPT agents for cybersecurity
https://github.com/fr0gger/Awesome-GPT-Agents
Flare-On 2023 Challenge 7 (flake) - Solving a compiled Python challenge using native tools
https://www.x86matthew.com/view_post?id=flareon_2023_7
