EDRSilencer: A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server
https://github.com/netero1010/EDRSilencer
Collection of forensic tools
https://github.com/cristianzsh/forensictools
A simple dependency injection library for Rust
https://github.com/m1guelpf/silhouette
SSH ProxyCommand == unexpected code execution (CVE-2023-51385)
https://vin01.github.io/piptagole/ssh/security/openssh/libssh/remote-code-execution/2023/12/20/openssh-proxycommand-libssh-rce
sessionless: TokenSigner is a Burp Suite extension for editing, signing, verifying various signed web tokens
https://github.com/d0ge/sessionless
SharpHIBP: A C# Tool to gather information about email breaches
https://github.com/dmcxblue/SharpHIBP
codecave hook: reverse engineering toolkit
https://github.com/byte2mov/codecave-hook
Windows CLFS and five exploits used by ransomware operators
https://securelist.com/windows-clfs-exploits-ransomware
Introducing YARA-Forge
https://cyb3rops.medium.com/introducing-yara-forge-a77cbb77dcab
What Are Server-Side Request Forgeries And How To Exploit Them
https://blog.novasec.io/what-are-server-side-request-forgeries-ssrf-and-how-to-exploit-them
bbs: is a router for SOCKS and HTTP proxies
https://github.com/synacktiv/bbs
NotEnough: This tool calculates tricky canonical huffman histogram for CVE-2023-4863
https://github.com/caoweiquan322/NotEnough
Some tips to earn your first bounty to find XSS,Blind-XSS,SQLI,SSRF,LFI,LOG4J using some handy automation tools
Alra3ees/some-tips-to-earn-your-first-bounty-find-xss-blind-xss-sqli-ssrf-lfi-log4j-using-some-handy-tools-2ae31afeae1a" rel="nofollow">https://medium.com/@Alra3ees/some-tips-to-earn-your-first-bounty-find-xss-blind-xss-sqli-ssrf-lfi-log4j-using-some-handy-tools-2ae31afeae1a
A simple PoC of injection shellcode into a remote process and get the output using namepipe
https://github.com/MaorSabag/interactive-execute-shellcode
Winton: Yet another C2 framework written in Golang
https://github.com/gatariee/Winton
AutoRecon: is a multi-threaded network reconnaissance tool which performs automated enumeration of services
https://github.com/Tib3rius/AutoRecon
DataBouncing: is a technique for transmitting data between two endpoints using DNS lookups and HTTP header manipulation
https://github.com/Unit-259/DataBouncing
LocklessBof: enumerate open file handles and facilitate the fileless download of locked files
https://github.com/antroguy/LocklessBof
Shadow-Pulse: information about ransomware groups (Ransomware Analysis Notes)
https://github.com/StrangerealIntel/Shadow-Pulse/
Leveraging Microsoft Protection Logging for Forensic Investigations
https://www.crowdstrike.com/blog/how-to-use-microsoft-protection-logging-for-forensic-investigations
This repository implements Threadless Injection in C
https://github.com/lsecqt/ThreadlessInject-C
AuthLogParser: is a powerful DFIR tool designed specifically for analyzing Linux authentication logs, commonly known as auth.log
https://github.com/YosfanEilay/AuthLogParser
smtpsmug: Script to help analyze mail servers for SMTP Smuggling vulnerabilities.
https://github.com/hannob/smtpsmug
Just another C2 Redirector using CloudFlare
https://github.com/som3canadian/Cloudflare-Redirector
Understanding The Workings of Russian Hacker "Wazawaka"
https://25491742.fs1.hubspotusercontent-eu1.net/hubfs/25491742/WAZAWAKA_TLPCLEAR_Report.pd
Android Banking Trojan Chameleon is Back in Action
https://www.threatfabric.com/blogs/android-banking-trojan-chameleon-is-back-in-action
npm search RCE? - Escape Sequence Injection
https://blog.solidsnail.com/posts/npm-esc-seq
Useful tools for searching for WebCams, Information Channels and public access Wifi for the collection of information useful for analysis activities
https://github.com/CScorza/OSINTSurveillance
Mute the Sound: Chaining Vulnerabilities to Achieve RCE on Outlook:
Part 1 ○● Part 2
AtlasLdr: Reflective x64 loader implemented using dynamic indirect syscalls
https://github.com/Krypteria/AtlasLdr
whats-spoofing: Whatsapp Exploit to spoofing impersonate of reply message
https://github.com/lichti/whats-spoofing
SingleDose: Generate Shellcode Loaders & Injects
https://github.com/Wra7h/SingleDose
Chimera: Automated DLL Sideloading Tool With EDR Evasion Capabilities
https://github.com/georgesotiriadis/Chimera
Slip: is a CLI tool to create malicious archive files containing path traversal payloads. It supports zip, tar, 7z, jar, war, apk and ipa archives
https://github.com/0xless/slip
Anti Virus Evading Payloads
https://github.com/RoseSecurity/Anti-Virus-Evading-Payloads
OilRig’s persistent attacks using cloud service-powered downloaders
https://www.welivesecurity.com/en/eset-research/oilrig-persistent-attacks-cloud-service-powered-downloaders
Toward Ending the Domain Wars: Early Detection of Malicious Stockpiled Domains
https://unit42.paloaltonetworks.com/detecting-malicious-stockpiled-domains
TeamCity Intrusion Saga: APT29 Suspected Among the Attackers Exploiting CVE-2023-42793
https://www.fortinet.com/blog/threat-research/teamcity-intrusion-saga-apt29-suspected-exploiting-cve-2023-42793
