Universal Privilege Escalation and Persistence – Printer
https://pentestlab.blog/2021/08/02/universal-privilege-escalation-and-persistence-printer/
Penetration Testing Lab
The Print Spooler is responsible for managing and processing print jobs. It runs as a service with SYSTEM-level privileges in Windows environments. Abuse of the Print Spooler service is not new and suc…
Creating various objects in Active Directory to turn a virtual machine into an Active Directory test environment using the BadBlood PowerShell modules
https://github.com/davidprowe/BadBlood
#badblood #LAB #Activedirectory
BadBlood by @davidprowe, Secframe.com, fills a Microsoft Active Directory Domain with a structure and thousands of objects. The output of the tool is a domain similar to a domain in the real world....
Selection of Black Hat tools
https://therecord.media/security-tools-showcased-at-black-hat-usa-2021/amp/?__twitter_impression=true
#blackhat
The Record by Recorded Future
Security tools showcased at Black Hat USA 2021
While everyone associates the Black Hat security conference with high-profile keynotes and state-of-the-art cybersecurity research, ever since the 2017 edition the conference has also been the place where the cybersecurity community has announced and…
Tool to bypass LSA Protection (aka Protected Process Light)
https://github.com/RedCursorSecurityConsulting/PPLKiller
#post_exploit
PowerSharpPack
Many useful offensive C# projects wrapped into PowerShell for easy usage.
https://github.com/S3cur3Th1sSh1t/PowerSharpPack
#powershell #post_exploit
fibratus
A modern tool for Windows kernel exploration and tracing
https://github.com/rabbitstack/fibratus
GitHub - rabbitstack/fibratus: Adversary tradecraft detection, protection, and hunting
smb2os
Uses the SMB2 protocol to detect a remote computer's OS version; supports Windows 7/Server 2008 through Windows 10/Server 2019
https://github.com/w1u0u1/smb2os
unDefender
Killing your preferred antimalware by abusing native symbolic links and NT paths.
https://github.com/last-byte/unDefender
XStream 1.4.17 (includes CVE-2021-39141, CVE-2021-39144, CVE-2021-39150, CVE-2021-39152)
https://github.com/zwjjustdoit/Xstream-1.4.17
#Exploit
XStream <= 1.4.17 vulnerability reproduction (CVE-2021-39141, CVE-2021-39144, CVE-2021-39150) - zwjjustdoit/Xstream-1.4.17
medusa: honeypot for SSH, Telnet, HTTP or other TCP servers
https://github.com/evilsocket/medusa
#honeypot
A fast and secure multi-protocol honeypot.
Sliver agent for Linux with very low detection rate
https://github.com/BishopFox/sliver
VirusTotal link:
https://www.virustotal.com/gui/file/b17e26ce72362caaa1b22d98b384587a8363dc421061db96b897b91a014466a1/community
Rule
https://valhalla.nextron-systems.com/info/rule/MAL_GOLANG_Sliver_Implant
Credit: https://twitter.com/cyb3rops/status/1431521109971722241?s=20
GitHub - BishopFox/sliver: Adversary Emulation Framework
CVE-2021-26084: Hint 1: grep -FR "='\$!" --include=*.vm confluence/
CVE-2021-26084: Hint 2 : https://github.com/jkuhnert/ognl/blob/master/src/etc/ognl.jjt#L48
Windows Defender Application Guard DoS via Long Hostname
https://github.com/jdgregson/Disclosures/tree/master/microsoft/wdag-dos-long-hostname
My publicly disclosed vulnerability reports.
Restricted Admin Mode was introduced in Windows 8.1 as an attempt to prevent credential exposure via RDP. While well intentioned, this unfortunately introduced the ability to pass-the-hash to RDP.
https://github.com/GhostPack/RestrictedAdmin
#RestrictedAdmin #PTH
GitHub - GhostPack/RestrictedAdmin: Remotely enables Restricted Admin Mode
OffensivePipeline
OffensivePipeline allows you to download, compile (without Visual Studio), and obfuscate C# tools for Red Team exercises.
https://github.com/Aetsu/OffensivePipeline
#redteam
OffensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises. - Aetsu/OffensivePipeline
🔥🔥🔥 Free, open-source, cross-platform agent and post-exploitation tool written in Golang and C++; its architecture and usage resemble Cobalt Strike
https://github.com/geemion/Khepri
#post-Exploit