hacker_trick | Unsorted

Telegram-канал hacker_trick - Real profit

2921

Just invest your time

Subscribe to a channel

Real profit

A Detailed Guide on Pwncat
https://www.hackingarticles.in/a-detailed-guide-on-pwncat

Читать полностью…

Real profit

Bypass Paywalls Clean for Firefox
https://github.com/bpc-clone/bypass-paywalls-firefox-clean
Bypass Paywalls Clean for Chrome
https://github.com/bpc-clone/bypass-paywalls-chrome-clean

Читать полностью…

Real profit

A series of methods used to detect kernel shellcode for tencent game safe race 2024
https://github.com/rogxo/search

Читать полностью…

Real profit

New Backdoor, MadMxShell
https://www.zscaler.com/blogs/security-research/malvertising-campaign-targeting-it-teams-madmxshell
Analysis of Pupy RAT Used in Attacks Against Linux Systems
https://asec.ahnlab.com/en/64258

Читать полностью…

Real profit

etw hook (syscall/infinity hook) compatible with the latest Windows version of PG
https://github.com/Oxygen1a1/etw_hook_latest

Читать полностью…

Real profit

KExecDD:
Admin to Kernel code execution using the KSecDD driver
https://github.com/floesen/KExecDD

Читать полностью…

Real profit

PasteBomb C2-less RAT: is a simple, yet powerful, remote administration Trojan (RAT) that allows you to execute terminal commands, send (D)DoS attacks, download files, and open messages in your victim's browser
https://github.com/marco-liberale/PasteBomb

Читать полностью…

Real profit

pyMetaTwin: Copy metadata and digital signatures information from one Windows executable to another using Wine on a non-Windows platform
https://github.com/Cerbersec/pyMetaTwin

Читать полностью…

Real profit

Element Android CVE-2024-26131, CVE-2024-26132 - Never Take Intents From Strangers
https://www.shielder.com/blog/2024/04/element-android-cve-2024-26131-cve-2024-26132-never-take-intents-from-strangers

Читать полностью…

Real profit

Chaining N-days to Compromise All:
Part 4 — VMware Workstation Information leakage
https://blog.theori.io/chaining-n-days-to-compromise-all-part-4-vmware-workstation-information-leakage-44476b05d410

Читать полностью…

Real profit

I Found An IDOR Flaw where users' attached pictures and documents were leaked
Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f" rel="nofollow">https://medium.com/@Ajakcybersecurity/i-found-an-idor-flaw-where-users-attached-pictures-and-documents-were-leaked-961d564ce72f

Читать полностью…

Real profit

LetMeowIn: LSASS dumper using C++ and MASM x64
https://github.com/Meowmycks/LetMeowIn

Читать полностью…

Real profit

HTB CTF: Cracking Passwords with Hashcat
https://infosecwriteups.com/htb-ctf-cracking-passwords-with-hashcat-6a932514e5c8

Читать полностью…

Real profit

DceRPC-OS-Info: Golang implements obtaining Windows remote host information through dcerpc and ntlmssp
https://github.com/W01fh4cker/DceRPC-OS-Info

Читать полностью…

Real profit

Story of a strange IDOR without ID
https://m7arm4n.medium.com/story-of-a-strange-idor-without-id-6735fd3dcd27

Читать полностью…

Real profit

How I Prevented a Mass Data Breach - $15,000 bounty
https://bxmbn.medium.com/how-i-prevented-a-mass-data-breach-15-000-bounty-bxmbn-1096e6400e3d
How Did I Easily Find Stored XSS at Apple And Earn $5000 ?
xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2" rel="nofollow">https://medium.com/@xrypt0/how-did-i-easily-find-stored-xss-at-apple-and-earn-5000-3aadbae054b2

Читать полностью…

Real profit

HackerToolkit offers a curated selection of tools designed to enhance your hacking capabilities. This repository not only organizes these tools but provides information about them. Easily install all of them with one script
https://github.com/ChrisJr404/HackerToolkit

Читать полностью…

Real profit

BlackHat ASIA 2024 Slides
https://github.com/onhexgroup/Conferences/tree/main/BlackHat%20ASIA%202024-Slides

Читать полностью…

Real profit

Backdooring Dotnet Applications
https://starkeblog.com/backdooring/dotnet/2024/04/19/backdooring-dotnet-applications

Читать полностью…

Real profit

PoC for CVE-2024-20356:
A Command Injection vulnerability in Cisco's CIMC
https://github.com/nettitude/CVE-2024-20356

Читать полностью…

Real profit

MagicDot: A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue
https://github.com/SafeBreach-Labs/MagicDot

Читать полностью…

Real profit

CelestialSpark: A modern 64-bit position independent meterpreter and Sliver compatible reverse_TCP Staging Shellcode based on Cracked5piders Stardust
https://github.com/Karkas66/CelestialSpark

Читать полностью…

Real profit

Fake Dialog Boxes to Make Malware More Convincing
https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/fake-dialog-boxes-to-make-malware-more-convincing

Читать полностью…

Real profit

CVE-2024-20697: Windows Libarchive RCE Vulnerability
https://www.zerodayinitiative.com/blog/2024/4/17/cve-2024-20697-windows-libarchive-remote-code-execution-vulnerability

Читать полностью…

Real profit

The Windows Registry Adventure
1: Introduction and research results
https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-1.html
2: A brief history of the feature
https://googleprojectzero.blogspot.com/2024/04/the-windows-registry-adventure-2.html

Читать полностью…

Real profit

CVE-2024-2448: Authenticated Command Injection In Progress Kemp LoadMaster
https://rhinosecuritylabs.com/research/cve-2024-2448-kemp-loadmaster

Читать полностью…

Real profit

IronSharpPack: is a repo of popular C# projects that have been embedded into IronPython scripts that execute an AMSI bypass and then reflective load the C# project
https://github.com/BC-SECURITY/IronSharpPack

Читать полностью…

Real profit

CVE-2024-21338: Local Privilege Escalation from Admin to Kernel vulnerability on Windows 10 and Windows 11 operating systems with HVCI enabled
https://github.com/hakaioffsec/CVE-2024-21338

Читать полностью…

Real profit

Using the LockBit builder to generate targeted ransomware
https://securelist.com/lockbit-3-0-based-custom-targeted-ransomware

Читать полностью…

Real profit

How I got JS Execution (DOM XSS) Via CSTI
amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963" rel="nofollow">https://medium.com/@amrkadry7/how-i-got-js-execution-dom-xss-via-csti-58a4171c2963

Читать полностью…
Subscribe to a channel