hacker_trick | Unsorted

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Subscribe to a channel

Hacker tricks

Threat Brief: Operation MidnightEclipse, Post-Exploitation Activity Related to CVE-2024-3400
https://unit42.paloaltonetworks.com/cve-2024-3400

Читать полностью…

Hacker tricks

HSC24RedTeamInfra:
Slides and Codes used for the workshop Red Team Infrastructure Automation
https://github.com/dazzyddos/HSC24RedTeamInfra

Читать полностью…

Hacker tricks

certReport: A tool to support the reporting of Authenticode Certificates by reducing the effort on individuals to report
https://github.com/Squiblydoo/certReport

Читать полностью…

Hacker tricks

XSS Bypass Filters
https://github.com/Edr4/XSS-Bypass-Filters

Читать полностью…

Hacker tricks

CreateRCE — Yet Another Vulnerability in CreateUri [Zero click RCE in Outlook]
https://www.akamai.com/blog/security-research/2024/apr/critical-vulnerability-create-uri-remote-code-execution

Читать полностью…

Hacker tricks

CVE-2024-3400: PAN-OS Firewall Exploit Script
https://github.com/DrewskyDev/CVE-2024-3400

Читать полностью…

Hacker tricks

gelion bypass: is a tool designed to bypass the authentication system of "keyauth" whilst also dumping
https://github.com/byte2mov/gelion-bypass

Читать полностью…

Hacker tricks

DLL code for testing CVE-2024-21378 in MS Outlook
https://gist.github.com/Homer28/7f3559ff993e2598d0ceefbaece1f97f
Exploit for 6.4 - 6.5 kernels and another exploit for 5.15 - 6.5
https://github.com/YuriiCrimson/ExploitGSM/

Читать полностью…

Hacker tricks

Havoc C2 Framework – A Defensive Operator’s Guide
https://www.immersivelabs.com/blog/havoc-c2-framework-a-defensive-operators-guide

Читать полностью…

Hacker tricks

Magic Bytes in Cybersecurity
Hackhoven/magic-bytes-in-cybersecurity-05e997a2c22e" rel="nofollow">https://medium.com/@Hackhoven/magic-bytes-in-cybersecurity-05e997a2c22e

Читать полностью…

Hacker tricks

eJPT v2 Exam Review: Cracking the eLearnSecurity’s Junior Penetration Tester Certification
vimukthiwishvajith/ejpt-v2-exam-review-cracking-the-elearnsecuritys-junior-penetration-tester-certification-a24f3b962541" rel="nofollow">https://medium.com/@vimukthiwishvajith/ejpt-v2-exam-review-cracking-the-elearnsecuritys-junior-penetration-tester-certification-a24f3b962541

Читать полностью…

Hacker tricks

Exploit CVE-2023-36047 Windows Authentication EoP
https://github.com/Wh04m1001/UserManagerEoP

Читать полностью…

Hacker tricks

Reverse Tunnels in Go over HTTP/3 and QUIC
https://github.com/flipt-io/reverst

Читать полностью…

Hacker tricks

CVE-2024-2887: Type Confusion in WebAssembly
https://docs.google.com/document/d/e/2PACX-1vTwx4dFVn8RpuTZVfp10C96Ioto0_zaRCl769CCx5eJXYNe967-_r44qixJA1H9Fr38biynxR22g7u9/pub

Читать полностью…

Hacker tricks

CVE-2024-31345: WordPress Auto Poster plugin <= 1.2 - Arbitrary File Upload vulnerability
https://github.com/Chokopikkk/CVE-2024-31345_exploit

Читать полностью…

Hacker tricks

CVE-2024-26817: Potential Integer Overflow Leading To Heap Overflow in AMD KFD
https://github.com/MaherAzzouzi/CVE-2024-26817-amdkfd

Читать полностью…

Hacker tricks

WAREED-DNS-C2: is a Command and Control (C2) that utilizes the DNS protocol for secure communications between the server and the target
https://github.com/Faisal-P27/WAREED-DNS-C2

Читать полностью…

Hacker tricks

A collection of awesome one-liners for bug bounty hunting
https://github.com/0xPugal/One-Liners

Читать полностью…

Hacker tricks

A trick, the story of exploiting CVE-2024-26230 - Windows EoP - bypassing XFG
https://whereisk0shl.top/post/a-trick-the-story-of-cve-2024-26230

Читать полностью…

Hacker tricks

CVE-2024-20670 Report
"New Outlook" NTLM Leak and File Execution
https://mpizzicaroli.github.io/missfile

Читать полностью…

Hacker tricks

obfus.h: is a macro-only library for compile-time obfuscating C applications, designed specifically for the Tiny C (tcc).
It is tailored for Windows x86 and x64 platforms and supports all versions of the compiler
https://github.com/DosX-dev/obfus.h

Читать полностью…

Hacker tricks

GhostInjector: proof of concept dll injector which injects without a process handle, and with a thread handle instead
https://github.com/li4321/GhostInjector

Читать полностью…

Hacker tricks

Wordpress Penetration Testing
https://www.hackingdream.net/2024/04/wordpress-penetration-testing.html

Читать полностью…

Hacker tricks

Voipire: scans and exploits the RTP bleed vulnerability
https://github.com/CR-DMcDonald/voipire

Читать полностью…

Hacker tricks

Cracking WiFi Passwords with Aircrack-ng
Sreeraj_K/cracking-wifi-passwords-with-aircrack-ng-b5a1db4caf32" rel="nofollow">https://medium.com/@Sreeraj_K/cracking-wifi-passwords-with-aircrack-ng-b5a1db4caf32

Читать полностью…

Hacker tricks

Chaining N-days to Compromise All: Part 3 — Windows Driver LPE
https://blog.theori.io/chaining-n-days-to-compromise-all-part-3-windows-driver-lpe-medium-to-system-12f7821d97bb

Читать полностью…

Hacker tricks

manual map unsigned driver over signed memory
https://github.com/0mWindyBug/GhostMapperUM

Читать полностью…

Hacker tricks

What're you telling me, Ghidra?
https://byte.how/posts/what-are-you-telling-me-ghidra

Читать полностью…

Hacker tricks

Technical Advisory – Ollama DNS Rebinding Attack (CVE-2024-28224)
https://research.nccgroup.com/2024/04/08/technical-advisory-ollama-dns-rebinding-attack-cve-2024-28224

Читать полностью…

Hacker tricks

Zero-E: Automates the entire network enumeration process in a fire-and-forget manner, among many more functions. Zero effort, zero error network enumeration
https://github.com/Inscyght/Zero-E

Читать полностью…
Subscribe to a channel