A post exploitation framework designed to operate covertly on heavily monitored environments
https://blog.dylan.codes/shad0w/
https://blog.dylan.codes/shad0w/
NMAP noscript for CVE-2021-41773 (Path Traversal on Apache HTTP Server 2.4.49).
https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse
#apache #nmap
https://github.com/RootUp/PersonalStuff/blob/master/http-vuln-cve-2021-41773.nse
#apache #nmap
GitHub
PersonalStuff/http-vuln-cve-2021-41773.nse at master · RootUp/PersonalStuff
Upload files done during my research. Contribute to RootUp/PersonalStuff development by creating an account on GitHub.
New version of #BurpSuite Exporter extension.
Fixed minor bugs, added support for HTML Forms, Ruby Net::HTTP, JavaScript XHR and a Tab to search HTTP Requests.
https://github.com/artssec/burp-exporter
#bugbounty #bugbountytips
Fixed minor bugs, added support for HTML Forms, Ruby Net::HTTP, JavaScript XHR and a Tab to search HTTP Requests.
https://github.com/artssec/burp-exporter
#bugbounty #bugbountytips
GitHub
GitHub - artssec/burp-exporter: Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming…
Exporter is a Burp Suite extension to copy a request to a file or the clipboard as multiple programming languages functions. - artssec/burp-exporter
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
https://github.com/EncodeGroup/BOF-RegSave
#cobaltstrike
https://github.com/EncodeGroup/BOF-RegSave
#cobaltstrike
GitHub
GitHub - EncodeGroup/BOF-RegSave: Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File - EncodeGroup/BOF-RegSave
The vulnerability allows a low-privilege user (such as www-data) to escalate his privileges to root using a bug in PHP-FPM, which has been present for 10 years.
https://www.ambionics.io/blog/php-fpm-local-root
https://www.ambionics.io/blog/php-fpm-local-root
Ambionics
PHP-FPM local root vulnerability (CVE-2021-21703)
This article reveals a privilege escalation vulnerability affecting PHP-FPM.
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
https://github.com/Rices/Phishious
https://github.com/Rices/Phishious
GitHub
GitHub - CanIPhish/Phishious: An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers. - CanIPhish/Phishious
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.
https://github.com/RoseSecurity/Automator-Terminator
https://github.com/RoseSecurity/Automator-Terminator
GitHub
GitHub - RoseSecurity/Automator-Terminator: A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations…
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automato...