Windows Defender Application Guard DoS via Long Hostname
https://github.com/jdgregson/Disclosures/tree/master/microsoft/wdag-dos-long-hostname
https://github.com/jdgregson/Disclosures/tree/master/microsoft/wdag-dos-long-hostname
GitHub
Disclosures/microsoft/wdag-dos-long-hostname at master · jdgregson/Disclosures
My publically disclosed vulnerability reports. Contribute to jdgregson/Disclosures development by creating an account on GitHub.
Restricted Admin Mode was introduced in Windows 8.1 as an attempt to prevent credential exposure via RDP. While well intentioned, this unfortunately introduced the ability to pass-the-hash to RDP.
https://github.com/GhostPack/RestrictedAdmin
#RestrictedAdmin #PTH
https://github.com/GhostPack/RestrictedAdmin
#RestrictedAdmin #PTH
GitHub
GitHub - GhostPack/RestrictedAdmin: Remotely enables Restricted Admin Mode
Remotely enables Restricted Admin Mode. Contribute to GhostPack/RestrictedAdmin development by creating an account on GitHub.
OffensivePipeline
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
https://github.com/Aetsu/OffensivePipeline
#redteam
OffensivePipeline allows to download, compile (without Visual Studio) and obfuscate C# tools for Red Team exercises.
https://github.com/Aetsu/OffensivePipeline
#redteam
GitHub
GitHub - Aetsu/OffensivePipeline: OfensivePipeline allows you to download and build C# tools, applying certain modifications in…
OfensivePipeline allows you to download and build C# tools, applying certain modifications in order to improve their evasion for Red Team exercises. - Aetsu/OffensivePipeline
🔥🔥🔥Free,Open-Source,Cross-platform agent and Post-exploiton tool written in Golang and C++, the architecture and usage like Cobalt Strike
https://github.com/geemion/Khepri
#post-Exploit
https://github.com/geemion/Khepri
#post-Exploit
GitHub
GitHub - roadwy/RIP
Contribute to roadwy/RIP development by creating an account on GitHub.
spook.js POC
https://news.1rj.ru/str/Peneter_News/23
https://github.com/spookjs/spookjs-poc
#spookjs #Chrome
https://news.1rj.ru/str/Peneter_News/23
https://github.com/spookjs/spookjs-poc
#spookjs #Chrome
Telegram
Peneter News
یک حمله Side channel با نام spook.js که قابلیت دور زدن مکانیسم امنیت Google Chrome که برای حملات Spectre طراحی شده بود را دارد .
https://www.spookjs.com/files/spook-js.pdf
spook.js = transient execution side-channel attack
پ.ن:
حمله Side channel : در واقع…
https://www.spookjs.com/files/spook-js.pdf
spook.js = transient execution side-channel attack
پ.ن:
حمله Side channel : در واقع…
A shellcode function to encrypt a running process image when sleeping
https://github.com/SolomonSklash/SleepyCrypt
https://www.solomonsklash.io/SleepyCrypt-shellcode-to-encrypt-a-running-image.html
#obfuscation #sleepycrypt
https://github.com/SolomonSklash/SleepyCrypt
https://www.solomonsklash.io/SleepyCrypt-shellcode-to-encrypt-a-running-image.html
#obfuscation #sleepycrypt
GitHub
GitHub - SolomonSklash/SleepyCrypt: A shellcode function to encrypt a running process image when sleeping.
A shellcode function to encrypt a running process image when sleeping. - SolomonSklash/SleepyCrypt
MSHTML OFFICE Exploit
https://github.com/klezVirus/CVE-2021-40444
Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)
https://github.com/horizon3ai/CVE-2021-38647
https://github.com/klezVirus/CVE-2021-40444
Proof on Concept Exploit for CVE-2021-38647 (OMIGOD)
https://github.com/horizon3ai/CVE-2021-38647
GitHub
GitHub - klezVirus/CVE-2021-40444: CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit
CVE-2021-40444 - Fully Weaponized Microsoft Office Word RCE Exploit - klezVirus/CVE-2021-40444
PoC CVE-2021-30632 - Out of bounds write in V8
"Tested against Samsung Internet Browser v15.0.2.47, which does not yet have Google's patch."
Google Chrome
https://github.com/Phuong39/PoC-CVE-2021-30632
"Tested against Samsung Internet Browser v15.0.2.47, which does not yet have Google's patch."
Google Chrome
https://github.com/Phuong39/PoC-CVE-2021-30632
GitHub
GitHub - Phuong39/PoC-CVE-2021-30632: PoC CVE-2021-30632 - Out of bounds write in V8
PoC CVE-2021-30632 - Out of bounds write in V8. Contribute to Phuong39/PoC-CVE-2021-30632 development by creating an account on GitHub.
Using CodeQL to detect client-side vulnerabilities in web applications
codeql database create example.com --language=javanoscript
codeql database analyze example.com javanoscript-lgtm.qls --format=sarif-latest --output=results.sarif
./unwebpack_sourcemap.py --detect https://example.com/auth/login example.com
https://raz0r.name/articles/using-codeql-to-detect-client-side-vulnerabilities-in-web-applications/
#codeql #vulnerability #scanner #clientside
codeql database create example.com --language=javanoscript
codeql database analyze example.com javanoscript-lgtm.qls --format=sarif-latest --output=results.sarif
./unwebpack_sourcemap.py --detect https://example.com/auth/login example.com
https://raz0r.name/articles/using-codeql-to-detect-client-side-vulnerabilities-in-web-applications/
#codeql #vulnerability #scanner #clientside
Raz0r.name — Web Application Security
Using CodeQL to detect client-side vulnerabilities in web applications | Raz0r — Web3 Security
GitHub’s CodeQL is a robust query language originally developed by Semmle that allows you to look for vulnerabilities in the source code. CodeQL is known as a tool to inspect open source repositories, however its usage is not limited just to it. In this article…
A new Chrome browser extension has been released to help bug bounty hunters find keys that have made their way into JavaScript online.
https://github.com/trufflesecurity/Trufflehog-Chrome-Extension
#Trufflehog #javanoscript #bugbounty #redteam
https://github.com/trufflesecurity/Trufflehog-Chrome-Extension
#Trufflehog #javanoscript #bugbounty #redteam
GitHub
GitHub - trufflesecurity/Trufflehog-Chrome-Extension
Contribute to trufflesecurity/Trufflehog-Chrome-Extension development by creating an account on GitHub.
EXOCET - AV-evading, undetectable, payload delivery tool
https://github.com/tanc7/EXOCET-AV-Evasion
#FUD
https://github.com/tanc7/EXOCET-AV-Evasion
#FUD
GitHub
GitHub - tanc7/EXOCET-AV-Evasion: EXOCET - AV-evading, undetectable, payload delivery tool
EXOCET - AV-evading, undetectable, payload delivery tool - tanc7/EXOCET-AV-Evasion
Free,Cross-platform,Single-file mass network protocol server simulator
https://github.com/fofapro/fapro
#blueteam
https://github.com/fofapro/fapro
#blueteam
GitHub
GitHub - fofapro/fapro: Fake Protocol Server
Fake Protocol Server. Contribute to fofapro/fapro development by creating an account on GitHub.
A post exploitation framework designed to operate covertly on heavily monitored environments
https://blog.dylan.codes/shad0w/
https://blog.dylan.codes/shad0w/
NMAP noscript for CVE-2021-41773 (Path Traversal on Apache HTTP Server 2.4.49).
https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse
#apache #nmap
https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse
#apache #nmap
GitHub
PersonalStuff/http-vuln-cve-2021-41773.nse at master · RootUp/PersonalStuff
Upload files done during my research. Contribute to RootUp/PersonalStuff development by creating an account on GitHub.