Author: admin

Link Dump 12/9/19

Posted on By admin
Uncategorized

Tools: Simple tool to create HTA with Evading AV CORS Misconfiguration Scanner. Metasploit Shellcode Grows Up: Encrypted and Authenticated C Shells harismuneer/Ultimate-Facebook-Scraper Invoke-Procdump.ps1 SkelSec/pypykatz 0.3.0 released rogerorr/DllSurrogate-dll to call x32com from x64 binaries phackt/stager.dll- metasploit shellcode detection evasion ANDRAX v4 DragonFly – Penetration Testing on Android request smugglerfacebookincubator/WEASEL- DNS covert channel implantCobalt Strike 4.0 ReleasedmacOS … Read More “Link Dump 12/9/19” »

Link Dump 11/21/19

Posted on By admin
Uncategorized

Tools: https://github.com/byt3bl33d3r/WitnessMe https://github.com/NotSoSecure/cloud-service-enum https://github.com/theMiddleBlue/CVE-2019-11043 https://github.com/cobbr/Covenant https://github.com/n1xbyte/donutCS https://sqlectron.github.io/ https://github.com/sansatart/scrapts/blob/master/shodan-favicon-hashes.csv https://gitlab.com/initstring/evil-ssdp https://github.com/nyxgeek/ntlmscan https://twitter.com/cry__pto/status/1190045825914802176 https://github.com/3gstudent/Homework-of-C-Language/blob/master/Install_.Net_Framework_from_the_command_line.cpp https://github.com/initstring/uptux https://github.com/b4rtik/RedPeanut https://github.com/rvazarkar/SharpHound3 https://github.com/Binject/go-donut https://github.com/infosecn1nja/MaliciousMacroMSBuild https://gist.github.com/TarlogicSecurity/2f221924fef8c14a1d8e29f3cb5c5c4a https://shenaniganslabs.io/2019/11/12/Ghost-Potato.html https://github.com/0x09AL/RdpThief https://github.com/Mr-Un1k0d3r/SCShell https://labs.nettitude.com/blog/introducing-sharpsocks-v2-0/ https://github.com/FuzzySecurity/Sharp-Suite#remoteviewing https://github.com/liamg/pax https://github.com/skelsec/jackdaw Reading: https://twitter.com/Alra3ees/status/1192246345341513729 https://www.mdsec.co.uk/2019/11/rdpthief-extracting-clear-text-credentials-from-remote-desktop-clients/ C2 Comparisons https://twitter.com/OSINTtechniques/status/1197102283869376513 http://powerofcommunity.net/poc2019/Qian.pdf https://www.nccgroup.trust/uk/about-us/newsroom-and-events/blogs/2019/november/cve-2019-1405-and-cve-2019-1322-elevation-to-system-via-the-upnp-device-host-service-and-the-update-orchestrator-service/ https://medium.com/@c2defense/man-in-the-network-network-devices-are-endpoints-too-d5bd4a279e37 https://leucosite.com/Edge-Local-File-Disclosure-and-EoP/ https://posts.specterops.io/cve-2019-12757-local-privilege-escalation-in-symantec-endpoint-protection-1f7fd5c859c6 https://www.embercybersecurity.com/blog/cve-2019-1378-exploiting-an-access-control-privilege-escalation-vulnerability-in-windows-10-update-assistant-wua http://tpm.fail/ https://limitedresults.com/2019/11/pwn-the-esp32-forever-flash-encryption-and-sec-boot-keys-extraction/ https://www.bleepingcomputer.com/news/security/magento-urges-users-to-apply-security-update-for-rce-bug/ https://medium.com/@d.bougioukas/red-team-diary-entry-2-stealthily-backdooring-cms-through-redis-memory-space-5813c62f8add https://medium.com/@two06/amsi-as-a-service-automating-av-evasion-2e2f54397ff9https://googleprojectzero.blogspot.com/2019/11/bad-binder-android-in-wild-exploit.html Breaches: https://threatpost.com/hackers-dump-2-2m-gaming-cryptocurrency-passwords-online/150451/ https://headleaks.com/2019/11/21/millions-of-sites-using-jetpack-wordpress-plugin-exposed-by-a-security-vulnerability-Q1VaTHc4VUhUazZGeWcyWDgxL2dYQT09 https://www.helpnetsecurity.com/2019/11/20/confidential-medical-images/ https://gizmodo.com/7-5-million-adobe-accounts-exposed-by-security-blunder-1839364598 https://www.bleepingcomputer.com/news/security/macys-customer-payment-info-stolen-in-magecart-data-breach/https://pastebin.com/8rXhtqgr +20 new dumps added to our database

Link Dump 10/12/19

Posted on By admin
Uncategorized

https://github.com/h43z/dns-rebinding-tool/ http://intx0x80.blogspot.com/2019/10/JWT.html https://twitter.com/kaluche_/status/1181834267204210688 https://github.com/Hackplayers/Salsa-tools https://github.com/AlmondOffSec/PoCs/tree/master/Windows_wermgr_eop https://github.com/HunnicCyber/SharpSniper https://github.com/3gstudent/GadgetToJScript https://github.com/ZeroPointSecurity/GoldenTicket https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce https://github.com/bugbounty-site/exploits/tree/master/CVE-2019-14994 Reading https://xz.aliyun.com/t/6498 https://thewover.github.io/Bear-Claw/ https://blog.hunniccyber.com/phishing-with-netlify/ https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/ https://silentbreaksecurity.com/cve-2019-10617/ https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/ https://jailbreak.fce365.info/Thread-It-s-possible-once-again-to-bypass-iCloud-by-using-a-CFW-with-the-CheckM8-Exploit?pid=1151#pid1151 https://offsec.almond.consulting/windows-error-reporting-arbitrary-file-move-eop.html https://ssd-disclosure.com/archives/4033/ssd-advisory-openssh-pre-auth-xmss-integer-overflow https://safebreach.com/Post/HP-Touchpoint-Analytics-DLL-Search-Order-Hijacking-Potential-Abuses-CVE-2019-6333

Link Dump 10/2

Posted on By admin
Uncategorized

Tools: HRShell –  Flask HTTP/HTTPS Reverse Shell/C2 Evil WinRM + Donut-Loader USB Armory MKII PyPyKatz-WASM – Parse lsass dumps in the cloud https://shell.now.sh/ SMB2 snapshots with Impacket SMBClient Python API wrapper for spyse.com tools SharpDoor – termsrv.dll multiRDP patcher Reading: https://thehackernews.com/2019/09/windows-fileless-malware-attack.html https://posts.specterops.io/understanding-and-defending-against-access-token-theft-finding-alternatives-to-winlogon-exe-80696c8a73b https://www.praetorian.com/blog/running-a-net-assembly-in-memory-with-meterpreter