PoC for CVE-2024-40348 Bazaar v1.4.3 and prior
Will attempt to read /etc/passwd from target
https://github.com/bigb0x/CVE-2024-40348
JScripter: is a Python script designed to scrape and save unique JavaScript files from a list of URLs or a single URL
https://github.com/ifconfig-me/JScripter
How Almost Sacrificing a University Group Project led to a Microsoft Bug Bounty
pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006" rel="nofollow">https://medium.com/@pyrus369/how-almost-sacrificing-a-university-group-project-led-to-a-microsoft-bug-bounty-9801e0f8f006
Blocks EDR Telemetry by performing Person-in-the-Middle attack where network filtering is applied using iptables
https://github.com/TierZeroSecurity/edr_blocker
SessionExec allows you to execute specified commands in other Sessions on Windows Systems, either targeting a specific session ID or All sessions, with the option to suppress command output
https://github.com/Leo4j/SessionExec
View State, The unpatchable IIS forever day being actively exploited
https://zeroed.tech/blog/viewstate-the-unpatchable-iis-forever-day-being-actively-exploited
JNDI Injection Remote Code Execution via Path Manipulation in MemoryUserDatabaseFactory
https://srcincite.io/blog/2024/07/21/jndi-injection-rce-via-path-manipulation-in-memoryuserdatabasefactory
BenignHunter: is a simple tool to try and identify which native api's are deemed benign by EDRs and are therefore not hooked
https://github.com/Allevon412/BenignHunter
Forensic Investigation Operations — Windows Base I
brsdncr/forensic-investigation-operations-windows-base-i-ca28d9982729" rel="nofollow">https://medium.com/@brsdncr/forensic-investigation-operations-windows-base-i-ca28d9982729
CVE-2024-40725 and CVE-2024-40898, affecting Apache HTTP Server versions 2.4.0 through 2.4.61
https://github.com/TAM-K592/CVE-2024-40725-CVE-2024-40898
Announcing Pwn2Own Ireland – Bringing Pwn2Own (and WhatsApp) to the Emerald Isle
https://www.zerodayinitiative.com/blog/2024/7/16/announcing-pwn2own-ireland-2024
The Return of Ghost Emperor’s Demodex
https://www.sygnia.co/blog/ghost-emperor-demodex-rootkit
Windows Installer, exploiting Common Actions
https://blog.doyensec.com/2024/07/18/custom-actions.html
Advanced SQL Injection Techniques
https://github.com/ifconfig-me/SQL_Injection-Techniques
List of Directory Traversal/LFI Payloads
https://github.com/ifconfig-me/Directory-Traversal-Payloads
SOC Home Lab
dyavanapellisujal7/soc-home-lab-part-1-6309b5b91118">Part 1 ○● dyavanapellisujal7/soc-home-lab-part-2-2a0e1f3cdca6">Part 2 ○● dyavanapellisujal7/soc-home-lab-part-3-8832e8325e80">Part 3
WhatsApp trick: Android malware can impersonate PDF file
https://www.mobile-hacker.com/2024/07/23/whatsapp-trick-android-malware-can-impersonate-pdf-file
Goffloader: A pure Go implementation of an in-memory COFFLoader (and PE loader)
https://github.com/praetorian-inc/goffloader
Cursed tapes: Exploiting the EvilVideo vulnerability on Telegram for Android
https://www.welivesecurity.com/en/eset-research/cursed-tapes-exploiting-evilvideo-vulnerability-telegram-android
3 ways to get Remote Code Execution in Kafka UI
https://github.blog/2024-07-22-3-ways-to-get-remote-code-execution-in-kafka-ui
The Security Principle Every Attacker Needs to Follow
https://posts.specterops.io/the-security-principle-every-attacker-needs-to-follow-905cc94ddfc6
Wyvern is a kernel driver designed to facilitate the transmission and reception of memory from any process via the computer's kernel
https://github.com/SnyakoCode/wyvernkernel
Lsass Dump using MiniDump Method and Direct Syscall Technique
https://github.com/CyberSecurityUP/LsassDumpSyscall
ZeroHVCI accomplishes arbitrary kernel read/writes/function calling in Hypervisor-Protected Code Integrity (HVCI) protected environments calling without admin permissions or kernel drivers
https://github.com/zer0condition/ZeroHVCI
Electron JS ASAR Integrity Bypass
https://blog.souravkalal.tech/electron-js-asar-integrity-bypass-431ac4269ed5
HotPage: Story of a signed, vulnerable, ad-injecting driver
https://www.welivesecurity.com/en/eset-research/hotpage-story-signed-vulnerable-ad-injecting-driver
Container Breakouts: Escape Techniques in Cloud Environments
https://unit42.paloaltonetworks.com/container-escape-techniques
PoC for CVE-2023-20872 VMware Escape
https://github.com/ze0r/vmware-escape-CVE-2023-20872-poc