MacOs Malware Dev
https://0xf00sec.github.io/2024/03/09/MacOs-X
OSX-Injection:
https://github.com/0xf00sec/OSX-Injection
IndicatorOfCanary: is a collection of PoCs from research on identifying canaries in various file formats
https://github.com/HackingLZ/IndicatorOfCanary
UAC-0050, Cracking The DaVinci Code
https://blog.bushidotoken.net/2024/03/tracking-adversaries-uac-0050-cracking.html
DefenderYara: Extracted Yara rules from Windows Defender mpavbase and mpasbase
https://github.com/roadwy/DefenderYara
Code injection on Android without ptrace
https://erfur.github.io/blog/dev/code-injection-without-ptrace
FuncAddressPro: demonstrates a sophisticated method of using an external assembly file to dynamically retrieve function addresses, serving as an advanced alternative to the standard GetProcAddress
https://github.com/WKL-Sec/FuncAddressPro
Cybersecurity threatscape: Q4 2023
https://www.ptsecurity.com/ww-en/analytics/cybersecurity-threatscape-2023-q4
Smishing with EvilGophish
https://fin3ss3g0d.net/index.php/2024/03/04/smishing-with-evilgophish
Persistence – Explorer
https://pentestlab.blog/2024/03/05/persistence-explorer
List of 39 Documented Windows Persistence Techniques
https://pentestlab.blog/methodologies/red-teaming/persistence
Reverse Engineering Protobuf Definitions From Compiled Binaries
https://arkadiyt.com/2024/03/03/reverse-engineering-protobuf-definitiions-from-compiled-binaries
How I Found Multiple XSS Vulnerabilities Using Unknown Techniques
https://infosecwriteups.com/how-i-found-multiple-xss-vulnerabilities-using-unknown-techniques-74f8e705ea0d
Trojan written in C++ for Windows
https://github.com/sergiLopez/Flanders-Trojan
ComPromptMized: Unleashing Zero-click Worms that Target GenAI-Powered Applications
https://github.com/StavC/ComPromptMized
Taking On A Hardened Windows System
https://assume-breach.medium.com/home-grown-red-team-taking-on-a-hardened-windows-system-f31796ad3fc2
sebel: is a Go package that provides functionality for checking SSL/TLS certificates against malicious connections, by identifying and blacklisting certificates used by botnet command and control (C&C) servers
https://github.com/teler-sh/sebel
pgAdmin (<=8.3) Path Traversal in Session Handling Leads to Unsafe Deserialization and Remote Code Execution (RCE)
https://www.shielder.com/advisories/pgadmin-path-traversal_leads_to_unsafe_deserialization_and_rce
ByassX: The Swiss army knife of evasion tool that bypasses AMSI, Applocker, and CLM mode simultaneously
https://github.com/vulnableone/BypassX
Data Exfiltration: Increasing Number of Tools Leveraged by Ransomware Attackers
https://symantec-enterprise-blogs.security.com/blogs/threat-intelligence/ransomware-data-exfiltration
P/Invoke definitions from the now offline pinvoke•net
https://github.com/ricardojoserf/p-invoke.net
The Gitbook: https://www.p-invoke.net
Hijacking & Spoofing Context Menu Options
https://mrd0x.com/sentinelone-persistence-via-menu-context
TA577’s Unusual Attack Chain Leads to NTLM Data Theft
https://www.proofpoint.com/us/blog/threat-insight/ta577s-unusual-attack-chain-leads-ntlm-data-theft
Network tunneling with… QEMU?
https://securelist.com/network-tunneling-with-qemu
Using form hijacking to bypass CSP
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
SharpThief: Steal a file's icon, resource information, version information, modification time, and digital signature with one click to reduce program entropy
https://github.com/INotGreen/SharpThief
How to Make Nmap Recognize New Services
https://shufflingbytes.com/posts/how-to-make-nmap-recognize-new-services
Exploit for CVE-2024-27198 - TeamCity Server
https://github.com/yoryio/CVE-2024-27198
CVE-2024-27198 and CVE-2024-27199: JetBrains TeamCity Multiple Authentication Bypass Vulnerabilities (FIXED)
https://www.rapid7.com/blog/post/2024/03/04/etr-cve-2024-27198-and-cve-2024-27199-jetbrains-teamcity-multiple-authentication-bypass-vulnerabilities-fixed
linjector-rs: Code injection on Android without ptrace
https://github.com/erfur/linjector-rs
Cyber-security-practice: ALL cyber-security-practice, include exploit loophole , web attack ,cryptographic, system explotation, developing tools and so on
https://github.com/Stander-by/Cyber-security-practice
F31:Tool for hiding Kali Linux on the network
https://github.com/casterbyte/F31
pmesh: is an all-in-one service manager, reverse proxy, and enterprise service bus. It is designed to be a simple and powerful all-in-one replacement for a wide variety of tools commonly deployed in web services
https://github.com/pme-sh/pmesh
