(Sorry for the design, I'm just presenting useful information.)
iOS reverse engineering
https://www.reddit.com/r/jailbreak/comments/5zzgmo
Telepathy - a tool for analyzing Telegram chats
O.MG Cable
The O.MG Cable is a hand made USB cable with an advanced implant hidden inside. It is designed to allow your Red Team to emulate attack scenarios of sophisticated adversaries. Until now, a cable like this would cost $20,000 (ex: COTTONMOUTH-I). These cables will allow you to test new detection...
shop.hak5.org
Bash Bunny
The groundbreaking payload platform that introduced multi-vector USB attacks has evolved. Pull off covert attacks or IT automation tasks faster than ever with just the flick of a switch. The NEW Bash Bunny Mark II goes from plug to pwn in 7 seconds — so when the light turns green it's a hacked...
shop.hak5.org
(https://shop.hak5.org/products/bash-bunny)
iOS reverse engineering
GitHub - kpwn/iOSRE: iOS Reverse Engineering
github.com
GitHub - Siguza/ios-resources: Useful resources for iOS hacking
github.com
GitHub - potmdehex/multicast_bytecopy: kernel r/w exploit for iOS 15.0 - 15.1.1
github.com
Reverse engineering focusing on x64 Windows.
GitHub - 0xZ0F/Z0FCourse_ReverseEngineering: Reverse engineering focusing on x64 Windows.
github.com
GitHub - tylerha97/awesome-reversing: A curated list of awesome reversing resources
github.com
GitHub - b01lers/welcome-to-ctf: A small repo to host b01lers' outline of what CTF is and how to get into it.
github.com
GitHub - connormcgarr/Exploit-Development
github.com
GitHub - wtsxDev/Exploit-Development: Resources for learning about Exploit Development
github.com
GitHub - sathwikch/windows-exploitation
github.com
Windows LPE via StorSvc
redteam-research/LPE via StorSvc at master · blackarrowsec/redteam-research
github.com
redteam-research
Collection of PoC and offensive techniques used by the BlackArrow Red Team - redteam-research/LPE via StorSvc
PoC: https://github.com/blackarrowsec/redteam-research/tree/master/LPE%20via%20StorSvc
PetitPotam: Local Privilege Escalation
Now PetitPotato can elevate to SYSTEM on the latest Windows.
GitHub - wh0amitz/PetitPotato: Local privilege escalation via PetitPotam (Abusing impersonate privileges).
github.com
Luxury Shield 12.8.9.0 - FUD Crypter
» Make your .exe undetectable (FUD) From all Anti-Virus «
Password : hack1ngt0ols
Luxury Shield 12.8.9.zip - AnonFiles
anonfiles.com
CVE-2022-25765 - PDFkit-CMD-Injection
GitHub - nikn0laty/PDFkit-CMD-Injection-CVE-2022-25765: Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6
github.com
exploit for VMware vRealize Log Insight
GitHub - horizon3ai/vRealizeLogInsightRCE: POC for RCE using vulnerabilities described in VMSA-2023-0001
github.com
CVE-2023-0045
Bypassing Spectre-BTI User Space Mitigations on Linux
GitHub - es0j/CVE-2023-0045
github.com
A POC for the new injection technique, abusing the Windows fork API to evade EDRs.
GitHub - deepinstinct/Dirty-Vanity: A POC for the new injection technique, abusing windows fork API to evade EDRs. https://www.blackhat.com/eu-22/briefings/schedule/index.html#dirty-vanity-a-new-approach-to-code-injection--edr-bypass-28417
github.com
Weblogic-CVE-2023-21839
GitHub - DXask88MA/Weblogic-CVE-2023-21839
github.com
Sudo Killer
A tool for finding and exploiting vulnerabilities that arise from misconfigured files, vulnerable sudo rules, incorrectly configured file permissions, and so on. The tool is useful when you need to escalate privileges during a pentest, for system administrators hardening their systems, for CTF players, and the like.
GitHub - TH3xACE/SUDO_KILLER: A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation.
github.com
MyBB 1.8.32 - Chained LFI Remote Code Execution (RCE) (Authenticated)
GitHub - FDlucifer/mybb_1832_LFI_RCE: MyBB 1.8.32 - Chained LFI Remote Code Execution (RCE) (Authenticated) python exploit script...
github.com
BypassCredGuard
Credential Guard Bypass Via Patching Wdigest Memory
GitHub - wh0amitz/BypassCredGuard: Credential Guard Bypass Via Patching Wdigest Memory
github.com
Privileger
A tool to work with Windows privileges
GitHub - MzHmO/Privileger: Privileger is a tool to work with Windows Privileges
github.com
RToolZ
A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
GitHub - OmriBaso/RToolZ: A Stealthy Lsass Dumper - can abuse ProcExp152.sys driver to dump PPL Lsass, no dbghelp.lib calls.
github.com
FilelessNtdllReflection
Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID to avoid opening a handle to ntdll, and trigger exported API from the export table
A cool Python exploit to spoof your payload into another extension like pdf, docx, png, jpg, mp3
Bypassing IDS DCSync Signature for secretsdump
Thread by @snovvcrash on Thread Reader App
@snovvcrash: 🧵 (1/) Bypassing IDS DCSync Signature for #secretsdump I’ve been asked lately to bypass a private IDS rule for #impacket’s DCSync operation and I’ve immediately remembered this Charlie’s question ⬇️ 🧵 (...…
threadreaderapp.com
secretsdump.py DCSync without SMB interaction
gist.github.com
Gepetto: IDA plugin which queries OpenAI's ChatGPT to explain decompiled functions
GitHub - JusticeRage/Gepetto: IDA plugin which queries OpenAI's gpt-3.5-turbo language model to speed up reverse-engineering
github.com
A set of tools for OSINT that allows you to explore Telegram chats.
A Telegram Swiss army knife that allows you to analyze and archive Telegram chats (including replies, media content, comments and reactions), collect lists of participants, find users by location, analyze top posters in a chat, map forwarded messages and much more.
GitHub - proseltd/Telepathy: Public release of Telepathy, an OSINT toolkit for investigating Telegram chats.
github.com
Remote shellcode launch
Executing shellcode from a remote-hosted .bin file using WinHTTP.
Shellcode is dead, long live fileless shellcode.
GitHub - kleiton0x00/RemoteShellcodeExec: Execute shellcode from a remote-hosted bin file using Winhttp.
github.com
KRAKEN
Modular multi-language webshell
GitHub - kraken-ng/Kraken: Kraken, a modular multi-language webshell coded by @secu_x11
github.com