hacker_trick | Unsorted

Telegram-канал hacker_trick - Hacker tricks

3151

CVEs🔰 Tools🛠 RedTeam📕

Subscribe to a channel

Hacker tricks

Real World GitLab Account Take Over
red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835" rel="nofollow">https://medium.com/@red.whisperer/real-world-gitlab-account-take-over-b2e9896a1835

Читать полностью…

Hacker tricks

CFG in Windows 11 24H2
https://ynwarcs.github.io/Win11-24H2-CFG

Читать полностью…

Hacker tricks

ModuleSpoof: So recently I thought of a way to spoof the location of a DLL. By doing this you could hide important information from an attacker
https://github.com/Oliver-1-1/ModuleSpoof

Читать полностью…

Hacker tricks

Burp Suite Professional v2024.3.1.2 + BurpBounty_Pro 2.8.0 + JDK 22

pass: 311138

README (en+ru) inside, plz read it before run BS.

Happy Hacking! 🥳

Run with Java SE JDK 22

Читать полностью…

Hacker tricks

Detecting browser data theft using Windows Event Logs
https://security.googleblog.com/2024/04/detecting-browser-data-theft-using.html

Читать полностью…

Hacker tricks

PPPwn - PlayStation 4 PPPoE RCE
https://github.com/TheOfficialFloW/PPPwn
PoC for wordpress takeover in CVE-2024-27956
https://github.com/diego-tella/CVE-2024-27956-RCE

Читать полностью…

Hacker tricks

From IcedID to Dagon Locker Ransomware in 29 Days
https://thedfirreport.com/2024/04/29/from-icedid-to-dagon-locker-ransomware-in-29-days

Читать полностью…

Hacker tricks

Arbitrary 1-click Azure tenant takeover via MS application
https://falconforce.nl/arbitrary-1-click-azure-tenant-takeover-via-ms-application

Читать полностью…

Hacker tricks

Coffee: is a loader for ELF (Executable and Linkable Format) object files written in Rust. It provides a mechanism to load and parse ELF files similar to COFFLoader, but specifically designed for ELF files used in Unix-like systems
https://github.com/Sndav/coffee

Читать полностью…

Hacker tricks

Find This Easy CSRF in Every Website- A Sweet P4
Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47" rel="nofollow">https://medium.com/@Ajakcybersecurity/find-this-easy-csrf-in-every-website-a-sweet-p4-372a3198bf47

Читать полностью…

Hacker tricks

Horacius (IAM) - Local privilege escalation, even without a Windows account
https://blog.pridesec.com.br/en/horacius-unauthenticated-privilege-escalation

Читать полностью…

Hacker tricks

Embed A Malicious Executable in a Normal PDF or EXE
sam.rothlisberger/embed-a-malicious-executable-in-a-normal-pdf-or-exe-81ee5339707e" rel="nofollow">https://medium.com/@sam.rothlisberger/embed-a-malicious-executable-in-a-normal-pdf-or-exe-81ee5339707e

Читать полностью…

Hacker tricks

LSASS rings KsecDD ext. 0
Overview of the recent KexecDD exploit
https://tierzerosecurity.co.nz/2024/04/29/kexecdd.html

Читать полностью…

Hacker tricks

OSCP Prep: Introducing My Runbooks —RCE on Linux
Fanicia/oscp-prep-introducing-my-runbooks-rce-on-linux-44099b36aa34" rel="nofollow">https://medium.com/@Fanicia/oscp-prep-introducing-my-runbooks-rce-on-linux-44099b36aa34

Читать полностью…

Hacker tricks

PoC for CVE-2024-21345 Windows Kernel EoP
https://github.com/exploits-forsale/CVE-2024-21345

Читать полностью…

Hacker tricks

AMSI Write Raid 0day Bypass
https://www.offsec.com/offsec/amsi-write-raid-0day-vulnerability

Читать полностью…

Hacker tricks

SharpBruteForceSSH: This is a simple SSH brute force tool written in C#. It is designed to perform dictionary-based brute force attacks on SSH services
https://github.com/HernanRodriguez1/SharpBruteForceSSH

Читать полностью…

Hacker tricks

PartyLoader: Threadless shellcode injection tool
https://github.com/itaymigdal/PartyLoader

Читать полностью…

Hacker tricks

#Red_Team_Tactics
"Attacking Kubernetes with security best practices", v.1, April 2024.

Читать полностью…

Hacker tricks

Utilizing Discord as C2 Traffic Broker
https://lsecqt.github.io/Red-Teaming-Army/c2/utilizing-discord-as-c2-traffic-broker

Читать полностью…

Hacker tricks

NucleiScanner: is a Powerful Automation tool for detecting Unknown Vulnerabilities in the Web Applications
https://github.com/0xKayala/NucleiScanner

Читать полностью…

Hacker tricks

Relaying Kerberos Authentication from DCOM OXID Resolving
https://www.tiraniddo.dev/2024/04/relaying-kerberos-authentication-from.html

Читать полностью…

Hacker tricks

How an empty S3 bucket can make your AWS bill explode
maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1" rel="nofollow">https://medium.com/@maciej.pocwierz/how-an-empty-s3-bucket-can-make-your-aws-bill-explode-934a383cb8b1

Читать полностью…

Hacker tricks

Exploiting Vulnerabilities : The SLMail POP3 Buffer Overflow Threat
aloulouomar5/exploiting-vulnerabilities-the-slmail-pop3-buffer-overflow-threat-5cec8e5e6b10" rel="nofollow">https://medium.com/@aloulouomar5/exploiting-vulnerabilities-the-slmail-pop3-buffer-overflow-threat-5cec8e5e6b10

Читать полностью…

Hacker tricks

How LangChain and ChatGPT plugins are getting attacked by this bug
sreedeep200/how-langchain-and-chatgpt-plugins-are-getting-attacked-by-this-bug-9a47807b66a3" rel="nofollow">https://medium.com/@sreedeep200/how-langchain-and-chatgpt-plugins-are-getting-attacked-by-this-bug-9a47807b66a3

Читать полностью…

Hacker tricks

Telegram Web app XSS/Session Hijacking 1-click
pedbap/telegram-web-app-xss-session-hijacking-1-click-95acccdc8d90" rel="nofollow">https://medium.com/@pedbap/telegram-web-app-xss-session-hijacking-1-click-95acccdc8d90

Читать полностью…

Hacker tricks

Google Recaptcha Bypass less than 5 seconds
https://github.com/sarperavci/GoogleRecaptchaBypass

Читать полностью…

Hacker tricks

Automating API Vulnerability Testing Using Postman Workflows
https://haymiz.dev/security/2024/04/27/automating-apis-with-postman-workflows

Читать полностью…

Hacker tricks

Disk Group Privilege Escalation
https://www.hackingarticles.in/disk-group-privilege-escalation

Читать полностью…

Hacker tricks

AutoAppDomainHijack: Tools to automate finding AppDomain hijacks and generating payloads from shellcode
https://github.com/nbaertsch/AutoAppDomainHijack

Читать полностью…
Subscribe to a channel