Attacking PowerShell CLIXML Deserialization
https://www.truesec.com/hub/blog/attacking-powershell-clixml-deserialization
This repository aims to help you mastering NetExec for your next pentest engagement by allowing you to build the workshop of your choice and experiment with it
https://github.com/Pennyw0rth/NetExec-Lab
From Amos to Poseidon | A SOC Team’s Guide to Detecting macOS Atomic Stealers 2024
https://www.sentinelone.com/blog/from-amos-to-poseidon-a-soc-teams-guide-to-detecting-macos-atomic-stealers-2024
The Art of Exploiting Active Directory from Linux
https://gatari.dev/posts/the-art-of-exploiting-ad-from-linux
This repository is a compilation of all APT simulations that target many vital sectors,both private and governmental. The simulation includes written tools, C2 servers, backdoors, exploitation techniques, stagers, bootloaders, and many other tools that attackers might have used in actual attacks. These tools and TTPs are simulated here
https://github.com/S3N4T0R-0X0/APT-Attack-Simulation
dynamic HTTP/s Payload Stager that automates updating decryption variables, saving time and effort in managing shellcode loaders
https://github.com/WafflesExploits/Dynamic-HTTP-Payload-Stager
Passworld is a fully customizable wordlist generator
https://github.com/SilvestriF3/Passworld
Phishing with a fake reCAPTCHA
https://github.com/JohnHammond/recaptcha-phish
Python3 rewrite of AsOutsider features of AADInternals
https://github.com/synacktiv/AADOutsider-py
NtDumpBOF: BOF port of the tool NativeDump
https://github.com/deh00ni/NtDumpBOF
This BOF can be used to identify processes that hold handles to a given file. This can be useful to identify which process is locking a file on disk
https://github.com/Octoberfest7/enumhandles_BOF
EchoStrike is a tool designed to generate undetectable reverse shells and perform process injection on Windows systems
https://github.com/stivenhacker/EchoStrike
A bunch of scripts to reduce friction when pentesting Active Directory from Linux
https://github.com/dadevel/impacket-zsh-integration
Windows AppLocker Driver LPE – CVE-2024-21338
https://www.crowdfense.com/windows-applocker-driver-lpe-vulnerability-cve-2024-21338
DeadPotato: is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges
https://github.com/lypd0/DeadPotato
Bear C2 is a compilation of C2 scripts, payloads, and stagers used in simulated attacks by Russian APT groups, Bear features a variety of encryption methods, including AES, XOR, DES, TLS, RC4, RSA and ChaCha to secure communication between the payload and the operator machine
https://github.com/S3N4T0R-0X0/BEAR
Windows Hyper-V Elevation of Privilege Vulnerability
https://github.com/pwndorei/CVE-2024-38127
Exploit for Veeam backup and Replication Pre-Auth Deserialization CVE-2024-40711
https://github.com/watchtowrlabs/CVE-2024-40711
Acquiring Malicious Browser Extension Samples on a Shoestring Budget
https://pberba.github.io/crypto/2024/09/14/malicious-browser-extension-genesis-market
ScriptBlock Smuggling
https://dfir.ch/posts/scriptblock_smuggling
XSSpector: A powerful tool for detecting XSS vulnerabilities in web apps. Advanced detection, customizable payloads, proxy support, and cookie management
https://github.com/Vigrahak/XSSpector
Just a simple silly PoC demonstrating executable "exe" file that can be used like exe, dll or shellcode
https://github.com/Dump-GUY/EXE-or-DLL-or-ShellCode
Loading BOF & ShellCode without executable permission
https://github.com/HackerCalico/No_X_BOF-ShellCode
Elevate Your Skills - From COM object fundamentals to UAC bypasses
Читать полностью…
Analyse MSI files for vulnerabilities
https://github.com/CICADA8-Research/MyMSIAnalyzer
This project steals important data from all chromium and gecko browsers installed in the system and gather the data in a stealer db to be exfiltrated out
https://github.com/shaddy43/BrowserSnatch
Infiltrax is a post-exploitation reconnaissance tool for penetration testers and red teams, designed to capture screenshots, retrieve clipboard contents, log keystrokes, and install AnyDesk for persistent remote access
https://github.com/alexdhital/Infiltrax
Dump Kerberos tickets from the KCM database of SSSD
https://github.com/synacktiv/kcmdump
Car Hacking: The ultimate guide! — Part II
redfanatic7/car-hacking-the-ultimate-guide-part-ii-445fe022a07c" rel="nofollow">https://medium.com/@redfanatic7/car-hacking-the-ultimate-guide-part-ii-445fe022a07c
Teaching the Old .NET Remoting New Exploitation Tricks
https://code-white.com/blog/teaching-the-old-net-remoting-new-exploitation-tricks
Create your own custom implant
https://www.ribbiting-sec.info/posts/2024-07-31_implant
