Persistence – Disk Clean-up
https://pentestlab.blog/2024/01/29/persistence-disk-clean-up
Ultra-Sophisticated 0day APT SuperMalware Proxy EXE
https://gist.github.com/DanielGibson/f4ea4d46fc279d64a2d35a326e7a1a88
MyDumbEDR: This repo contains all the necessary files to run MyDumbEDR and try to bypass
https://github.com/sensepost/mydumbedr
Proof-of-concept code for the Android APEX key reuse vulnerability described in https://rtx.meta.security/exploitation/2024/01/30/Android-vendors-APEX-test-keys
Automated Multi UAC bypass
for win10|win11|ws2019|ws2022
https://github.com/x0xr00t/Automated-MUlti-UAC-Bypass
Trigona Ransomware in 3 Hours
https://thedfirreport.com/2024/01/29/buzzing-on-christmas-eve-trigona-ransomware-in-3-hours
Enumerate SSN (System Service Numbers or Syscall ID) and syscall instruction address in ntdll module by parsing the PEB of the current process
https://github.com/ProcessusT/EnumSSN
ExecIT: DLL shellcode self-injector/runner based on HWSyscalls, ideally intended to be executed with rundll32
https://github.com/florylsk/ExecIT
Top-GPTs: Run popular GPTs without the need for ChatGPT Plus subscription
https://github.com/Anil-matcha/Top-GPTs
SOAPHound is a .NET data collector tool that collects Active Directory data via the Active Directory Web Services (ADWS) protocol.
SOAPHound is able to extract the same information without directly communicating with the LDAP server
https://github.com/FalconForceTeam/SOAPHound
ADCS Attack Paths in BloodHound — Part 1
https://posts.specterops.io/adcs-attack-paths-in-bloodhound-part-1-799f3d3b03cf
Rust for Cyber Security and Red Teaming
https://infosecwriteups.com/rust-for-cyber-security-and-red-teaming-275595d3fdec
Frameless BITB: A new approach to Browser In The Browser (BITB) without the use of iframes, allowing the bypass of traditional framebusters implemented by login pages like Microsoft and the use with Evilginx
https://github.com/waelmas/frameless-bitb
EventLogCrasher: PoC for a bug that allows any user to crash the Windows Event Log service of any other Windows 10/Windows Server 2022 machine on the same domain
https://github.com/floesen/EventLogCrasher
Jumpserver Preauth RCE Exploit Chain
https://sites.google.com/site/zhiniangpeng/blogs/Jumpserver
ThievingFox is a collection of post-exploitation tools to gather credentials from various password managers and Windows utilities
https://github.com/Slowerzs/ThievingFox
A direct improvement to remote TLS Injection
https://github.com/Uri3n/Advanced-TLS-Injection
BOFHound: Session Integration
https://posts.specterops.io/bofhound-session-integration-7b88b6f18423
Spoofing 802.11 Wireless Beacon Management Frames with Manipulated Power Values Resulting in Denial of Service for Wireless Clients
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/spoofing-802-11-wireless-beacon-management-frames-with-manipulated-power-values-resulting-in-denial-of-service-for-wireless-clients
Write an XLL Dropper in C++, one of red teams' most used droppers; learn how to work like red teams and APT groups by building your own XLL Dropper
https://github.com/EvilGreys/XLL-DROPPER-
CsWhispers: Source generator to add D/Invoke and indirect syscall methods to a C# project
https://github.com/rasta-mouse/CsWhispers
Pwn2Own Automotive 2024 - Day Three Results
https://www.thezdi.com/blog/2024/1/25/pwn2own-automotive-2024-day-three-results
Jenkins CVE-2024-23897: Arbitrary File Read Vulnerability Leading to RCE
https://github.com/h4x0r-dz/CVE-2024-23897
SyscallMeMaybe: Implementation of Indirect Syscall technique to pop an innocent calc.exe
https://github.com/oldboy21/SyscallMeMaybe
Kasseika Ransomware Deploys BYOVD Attacks Abuses PsExec and Exploits Martini Driver
https://www.trendmicro.com/en_us/research/24/a/kasseika-ransomware-deploys-byovd-attacks-abuses-psexec-and-expl
Hiding payloads in Java source code strings
https://portswigger.net/research/hiding-payloads-in-java-source-code-strings
CVE-2024-0204 Authentication Bypass in GoAnywhere MFT
https://github.com/horizon3ai/CVE-2024-0204
CVE-2023-4863 Heap buffer overflow in Google libwebp (WebP)
https://github.com/LiveOverflow/webp-CVE-2023-4863
CVE-2023-22527 RCE using SSTI in Confluence
https://github.com/Vozec/CVE-2023-22527
1.6_C2: Using the Counter Strike 1.6 RCON protocol as a C2 Channel
https://github.com/eversinc33/1.6_C2