Dumping SAM / SECURITY / SYSTEM registry hives with a Beacon Object File
https://github.com/EncodeGroup/BOF-RegSave
#cobaltstrike
The vulnerability allows a low-privilege user (such as www-data) to escalate his privileges to root using a bug in PHP-FPM, which has been present for 10 years.
https://www.ambionics.io/blog/php-fpm-local-root
Ambionics
PHP-FPM local root vulnerability (CVE-2021-21703)
This article reveals a privilege escalation vulnerability affecting PHP-FPM.
An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers.
https://github.com/Rices/Phishious
A Proof-of-Concept Layer 2 Denial of Service Attack that disrupts low level operations of Programmable Logic Controllers within industrial environments. Utilizing multithreaded processing, Automator-Terminator delivers a powerful wave of spoofed ethernet packets to a null MAC address.
https://github.com/RoseSecurity/Automator-Terminator
Atomic Red Team™ is a library of tests mapped to the MITRE ATT&CK® framework. Security teams can use Atomic Red Team to quickly, portably, and reproducibly test their environments.
https://github.com/redcanaryco/atomic-red-team
A TCP proxy to simulate network and system conditions for #chaos and #resiliency #testing
https://github.com/Shopify/toxiproxy
#toxiproxy #TCPproxy
A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk
https://github.com/splunk/attack_range
Combines nmap and masscan for fast scanning and identification. GitHub: https://github.com/MrLion7/Lmap
#tools #Scanner
Proof-of-concept obfuscation toolkit for C# post-exploitation tools
https://github.com/xforcered/InvisibilityCloak
#POC #FUD
Fast and customizable vulnerability scanner based on simple YAML based DSL.
https://github.com/projectdiscovery/nuclei
https://github.com/projectdiscovery/nuclei-templates
#scanner #bugbounty
Turbolist3r is a fork of the #sublist3r #subdomain discovery tool. In addition to the original #OSINT capabilities of sublist3r, turbolist3r automates some analysis of the results, with a focus on subdomain takeover.
https://github.com/alex14324/Turbolist3r
A Series of Baseband & LMP Exploits against Bluetooth Classic Controllers
https://github.com/Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
https://wadcoms.github.io/
Backdoor
https://github.com/skerkour/black-hat-rust/tree/main/extra/backdoors
https://kerkour.com/rust-crate-backdoor/
black-hat-rust/extra/backdoors at main · skerkour/black-hat-rust
Applied offensive security with Rust - https://kerkour.com/black-hat-rust - black-hat-rust/extra/backdoors at main · skerkour/black-hat-rust