Code snippets to add on top of #Cobalt_Strike sleep mask to achieve patchless hook on AMSI and ETW.
Feature:
→ Breakpoint will be removed during sleep to avoid scanner (I hope lol)
→ Avoid scanner like moneta that will detect if DLL is modified.
Usage :
1. Include "patchless.c" in sleepmask.c (only supports x64)
2.Add the functions required to do patchless hook on desired functions
→ You may refer to sleepmask.c to see what have been amended
3.Put patchless.c in src47 folder
4.Compile
https://github.com/ScriptIdiot/sleepmask_PatchlessHook
@BlueRedTeam
Feature:
→ Breakpoint will be removed during sleep to avoid scanner (I hope lol)
→ Avoid scanner like moneta that will detect if DLL is modified.
Usage :
1. Include "patchless.c" in sleepmask.c (only supports x64)
2.Add the functions required to do patchless hook on desired functions
→ You may refer to sleepmask.c to see what have been amended
3.Put patchless.c in src47 folder
4.Compile
https://github.com/ScriptIdiot/sleepmask_PatchlessHook
@BlueRedTeam
👍2
Red Blue Team
#Red_Team S3cr3tDetect0rz is a Red Team tool that helps uncover sensitive information in websites using ACTIVE not PASSIVE Techniques for Superior Accuracy! https://github.com/blackhatethicalhacking/S3cr3tDetect0rz @BlueRedTeam
#Red_Team
A Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!
https://github.com/blackhatethicalhacking/SecretOpt1c
@BlueRedTeam
A Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy!
https://github.com/blackhatethicalhacking/SecretOpt1c
@BlueRedTeam
GitHub
GitHub - blackhatethicalhacking/SecretOpt1c: SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites…
SecretOpt1c is a Red Team tool that helps uncover sensitive information in websites using ACTIVE and PASSIVE Techniques for Superior Accuracy! - blackhatethicalhacking/SecretOpt1c
👍1
#Cobalt_Strike
A collection of random small Aggressor snippets that don't warrant their own repo.
https://github.com/Octoberfest7/aggressor_snippets
@BlueRedTeam
A collection of random small Aggressor snippets that don't warrant their own repo.
https://github.com/Octoberfest7/aggressor_snippets
@BlueRedTeam
GitHub
GitHub - Octoberfest7/aggressor_snippets: A collection of random small Aggressor snippets that don't warrant their own repo
A collection of random small Aggressor snippets that don't warrant their own repo - Octoberfest7/aggressor_snippets
❤2
If you have a high skill in web penetration testing, send a message to join our team: denoscription in DM.
@Kaveh_TM
@Kaveh_TM
👎5👍2
#Cobalt_Strike
Cobalt Strike user-defined reflective loader with av/edr evasion in mind.
https://github.com/mgeeky/ElusiveMice
@BlueRedTeam
Cobalt Strike user-defined reflective loader with av/edr evasion in mind.
https://github.com/mgeeky/ElusiveMice
@BlueRedTeam
GitHub
GitHub - mgeeky/ElusiveMice: Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind
Cobalt Strike User-Defined Reflective Loader with AV/EDR Evasion in mind - mgeeky/ElusiveMice
👍1
#Red_Team
A RedTeam Toolkit
ARTToolkit is an interactive cheat sheet, containing an useful list of offensive security tools and their respective commands/payloads, to be used in red teaming exercises.
https://github.com/arttoolkit/arttoolkit.github.io
Find the project at https://ARTToolkit.github.io
Created by Maurits Maas
This project was based on the creation of John Woodman and was inspired by GTFOBins and LOLBAS. I relied heavily on WADComs site template to make this one.
@BlueRedTeam
A RedTeam Toolkit
ARTToolkit is an interactive cheat sheet, containing an useful list of offensive security tools and their respective commands/payloads, to be used in red teaming exercises.
https://github.com/arttoolkit/arttoolkit.github.io
Find the project at https://ARTToolkit.github.io
Created by Maurits Maas
This project was based on the creation of John Woodman and was inspired by GTFOBins and LOLBAS. I relied heavily on WADComs site template to make this one.
@BlueRedTeam
GitHub
GitHub - arttoolkit/arttoolkit.github.io: A RedTeam Toolkit
A RedTeam Toolkit. Contribute to arttoolkit/arttoolkit.github.io development by creating an account on GitHub.
👍2
#Red_Team
And many more. I created this repo to have an overview over my starred repos. I was not able to filter in categories before. Feel free to use it for yourself. I do not list Kali default tools as well as several testing tools which are state of the art.
https://gist.github.com/z0rs/e1c640e2892cb6737602fec5d5496480
@BlueRedTeam
And many more. I created this repo to have an overview over my starred repos. I was not able to filter in categories before. Feel free to use it for yourself. I do not list Kali default tools as well as several testing tools which are state of the art.
https://gist.github.com/z0rs/e1c640e2892cb6737602fec5d5496480
@BlueRedTeam
Gist
Red-Teaming-tool.md
GitHub Gist: instantly share code, notes, and snippets.
👍5
#C2
Open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS and are dynamically compiled with per-binary asymmetric encryption keys.
https://github.com/BishopFox/sliver
@BlueRedTeam
Open source cross-platform adversary emulation/red team framework, it can be used by organizations of all sizes to perform security testing. Sliver's implants support C2 over Mutual TLS (mTLS), WireGuard, HTTP(S), and DNS and are dynamically compiled with per-binary asymmetric encryption keys.
https://github.com/BishopFox/sliver
@BlueRedTeam
GitHub
GitHub - BishopFox/sliver: Adversary Emulation Framework
Adversary Emulation Framework. Contribute to BishopFox/sliver development by creating an account on GitHub.
👍1
🧩 اگر دنبال یک مکان برای منابع CTF هستید میتوانید از کانال ما استفاده کنید .
پست ها به دو زبان Persian & English می باشد .
@PfkCTF
پست ها به دو زبان Persian & English می باشد .
🧩 If you are looking for a place for CTF resources, you can use our channel.The posts are in Persian and English.@PfkCTF
👍11👎2
🚨 A new research report has revealed that the notorious Clop ransomware group has likely been silently exploiting the recently disclosed critical MOVEit Transfer application vulnerability (CVE-2023-34362) since 2021.
Details: https://thehackernews.com/2023/06/clop-ransomware-gang-likely-exploiting.html
Details: https://thehackernews.com/2023/06/clop-ransomware-gang-likely-exploiting.html
👍1
Thruk Monitoring Web Interface 3.06 - Path Traversal exploit.
https://sploitus.com/exploit?id=EDB-ID:51509
https://sploitus.com/exploit?id=EDB-ID:51509
Sploitus
💀 Exploit for Thruk Monitoring Web Interface 3.06 - Path Traversal CVE-2023-34096
Exploit for Thruk Monitoring Web Interface 3.06 - Path Traversal CVE-2023-34096 | Sploitus | Exploit & Hacktool Search Engine
👍1
Exploit for SQL Injection in Osgeo Geoserver exploit
https://sploitus.com/exploit?id=1E160E89-84F9-5C59-8AD3-AA10716AD031
https://sploitus.com/exploit?id=1E160E89-84F9-5C59-8AD3-AA10716AD031
Sploitus
💀 Exploit for SQL Injection in Osgeo Geoserver CVE-2023-25157
Exploit for SQL Injection in Osgeo Geoserver CVE-2023-25157 | Sploitus | Exploit & Hacktool Search Engine
👍2
the Deepfake Offensive Toolkit
dot (aka Deepfake Offensive Toolkit) makes real-time, controllable deepfakes ready for virtual cameras injection. identity verification and video conferencing systems, for the use by security analysts, Red Team members, and biometrics researchers.
https://github.com/sensity-ai/dot
#Red_Team
dot (aka Deepfake Offensive Toolkit) makes real-time, controllable deepfakes ready for virtual cameras injection. identity verification and video conferencing systems, for the use by security analysts, Red Team members, and biometrics researchers.
https://github.com/sensity-ai/dot
#Red_Team
GitHub
GitHub - sensity-ai/dot: The Deepfake Offensive Toolkit
The Deepfake Offensive Toolkit. Contribute to sensity-ai/dot development by creating an account on GitHub.
"Above"
Network Vulnerability Scanner
fully autonomous and works in passive mode, creating no noise on the air.
It supports 18 protocols:
MACSec
DTP
EDP
CDP
LLDP
MNDP
OSPF
EIGRP
VRRP
HSRP
ESRP
GLBP
STP
PVST
LLMNR
NBT-NS
MDNS
DHCPv6
https://github.com/c4s73r/Above
#Red_Team
Network Vulnerability Scanner
fully autonomous and works in passive mode, creating no noise on the air.
It supports 18 protocols:
MACSec
DTP
EDP
CDP
LLDP
MNDP
OSPF
EIGRP
VRRP
HSRP
ESRP
GLBP
STP
PVST
LLMNR
NBT-NS
MDNS
DHCPv6
https://github.com/c4s73r/Above
#Red_Team
GitHub
GitHub - casterbyte/Above: Network Security Sniffer
Network Security Sniffer. Contribute to casterbyte/Above development by creating an account on GitHub.
❤8👍4