PoolParty BOF: A beacon object file implementation of PoolParty Process Injection Technique
https://github.com/0xEr3bus/PoolPartyBof
Unmasking the Shadows: The Art of Threat Hunting in Defender for Identity
https://cyberdom.blog/2023/12/09/unmasking-the-shadows-the-art-of-threat-hunting-in-defender-for-identity
Hunting Volt Typhoon TTPs
https://montysecurity.medium.com/hunting-volt-typhoon-ttps-00329f3daae2
Proof of Concept (PoC) of 5G NR Attacks against commercial smartphones, CPE routers, USB Modems, etc
https://github.com/asset-group/5ghoul-5g-nr-attacks
Black Hat Europe 2023 slides
https://github.com/onhexgroup/Conferences/tree/main/Black%20Hat%20Europe%202023%20slides
Defender Exclusions Creator BOF
https://github.com/EspressoCake/Defender-Exclusions-Creator-BOF
Apt style exploitation of Chrome 0day CVE-2023-4357
https://github.com/OgulcanUnveren/CVE-2023-4357-APT-Style-exploitation
The Pool Party You Will Never Forget: New Process Injection Techniques Using Windows Thread Pools
https://www.safebreach.com/blog/process-injection-using-windows-thread-pools
PoolParty: A set of fully-undetectable process injection techniques abusing Windows Thread Pools
https://github.com/SafeBreach-Labs/PoolParty
Tricks for Reliable Split-Second DNS Rebinding in Chrome and Safari
https://www.intruder.io/research/split-second-dns-rebinding-in-chrome-and-safari
Unicode XSS via Combining Characters
https://gist.github.com/paj28/86c7b8f37371d89c9a36ed0280fcf450
Unhooking EDR by remapping ntdll.dll
https://bobvanderstaak.medium.com/unhooking-edr-by-remapping-ntdll-dll-101a99887dfe
Cueing up a calculator: an introduction to exploit development on Linux
https://github.blog/2023-12-06-cueing-up-a-calculator-an-introduction-to-exploit-development-on-linux
Story of the year: the impact of AI on cybersecurity
https://securelist.com/story-of-the-year-2023-ai-impact-on-cybersecurity
Try Hack me — Advent Of Cyber 2023 Day 9 Write Up — She sells C# shells by the C2shore
https://infosecwriteups.com/try-hack-me-advent-of-cyber-2023-day-8-write-up-she-sells-c-shells-by-the-c2shore-080ba26f4011
htb-authority: Exploiting authority from @hackthebox_eu involves cracking Ansible vault, messing with PWM, and two really neat twists on the ESC1 ADCS attack, where I'll generate and use a fake computer, and use Pass-The-Cert
https://0xdf.gitlab.io/2023/12/09/htb-authority
New payload to exploit Error-based SQL injection - Oracle database
https://www.mannulinux.org/2023/12/New-payload-to-exploit-Error-based-SQL-injection-Oracle-database.html
Cookie Monster BOF: Steal browser cookies for edge, chrome and firefox through a BOF or exe! Cookie-Monster will extract the WebKit master key, locate a browser process with a handle to the Cookies and Login Data files, copy the handle(s) and then filelessly download the target
https://github.com/KingOfTheNOPs/cookie-monster
Simple Shellcode Runner in Rust Language
https://github.com/CyberSecurityUP/shellcode-runner-rust
Pentesting with Secure LDAP and LDAP Channel Binding
https://rootsecdev.medium.com/pentesting-with-secure-ldap-and-ldap-channel-binding-fd5baa0f7345
RPC or Not, Here We Log: Preventing Exploitation and Abuse with RPC Firewall
https://blog.nviso.eu/2023/12/08/rpc-or-not-here-we-log-preventing-exploitation-and-abuse-with-rpc-firewall
Oktajacking: Making Okta do keylogging for you
https://pushsecurity.com/blog/oktajacking
Elevating Privileges with SeBackupPrivilege on Windows
https://infosecwriteups.com/elevating-privileges-with-sebackupprivilege-on-windows-107bd34befa2
CVE-2023-45866: Unauthenticated Bluetooth keystroke-injection in Android, Linux, macOS and iOS
https://github.com/skysafe/reblog/tree/main/cve-2023-45866
Critical misconfiguration in Firebase — Bug bounty
facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6" rel="nofollow">https://medium.com/@facu.tha/critical-misconfiguration-in-firebase-e682ec4239d6
Rise of Broken Access Control
rafinrahmanchy/rise-of-broken-access-control-51356916235f" rel="nofollow">https://medium.com/@rafinrahmanchy/rise-of-broken-access-control-51356916235f