Turbolist3r is a fork of the #sublist3r #subdomain discovery tool. In addition to the original #OSINT capabilities of sublist3r, turbolist3r automates some analysis of the results, with a focus on subdomain takeover.
https://github.com/alex14324/Turbolist3r
A Series of Baseband & LMP Exploits against Bluetooth Classic Controllers
https://github.com/Matheus-Garbelini/braktooth_esp32_bluetooth_classic_attacks
WADComs is an interactive cheat sheet, containing a curated list of offensive security tools and their respective commands, to be used against Windows/AD environments.
https://wadcoms.github.io/
Backdoor
https://github.com/skerkour/black-hat-rust/tree/main/extra/backdoors
https://kerkour.com/rust-crate-backdoor/
Log4j reverse shell : https://www.youtube.com/watch?v=oShZwiDTx9U
Exploit https://github.com/r00tkiiT/log4shell-vulnerable-app
MSRC: https://msrc-blog.microsoft.com/2021/12/11/microsofts-response-to-cve-2021-44228-apache-log4j2/
@learnpentest
Log4Shell sample vulnerable application (CVE-2021-44228)
Short video showing the Log4Shell vulnerability.
CVE-2021-44228
link to exploit
https://github.com/r00tkiiT/log4shell-vulnerable-app
CVE-2022-0185 in Linux Kernel Can Allow Container Escape in Kubernetes
https://blog.aquasec.com/cve-2022-0185-linux-kernel-container-escape-in-kubernetes
POC : https://github.com/Crusaders-of-Rust/CVE-2022-0185
#0day #Linux
A high-severity CVE was released that affects the Linux kernel, allowing unprivileged users to escalate those rights to root and escape from the container
https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
https://www.ayrx.me/pwnkit-no-logs/
CVE-2021-4034 Exploit:
https://github.com/Ayrx/CVE-2021-4034
https://github.com/ly4k/PwnKit
#Exploit #LPE #linux
Granular, Actionable Adversary Emulation for the Cloud.
https://github.com/Datadog/stratus-red-team/
#Redteam #Cloud #Stratus
Implementation of RITA (Real Intelligence Threat Analytics) in Jupyter Notebook with improved scoring algorithm.
https://github.com/Cyb3r-Monk/RITA-J
Stop Defender Service using C# via Token Impersonation
https://github.com/dosxuz/DefenderStop
#redteam
Peneter Tools
LPE Windows Exploit
https://gist.github.com/d4rk-d4nph3/bb83d94fbb7b0fe9c2d8a9c52d7088fc
https://github.com/KaLendsi/CVE-2022-21882
win32k LPE bypass CVE-2021-1732 Exploit
https://github.com/KaLendsi/CVE-2022-21882
Remote Code Oxidation is a collection of offensive security tools written in Rust.
https://github.com/kmanc/remote_code_oxidation
#offensivesecurity
EvilSelenium is a new project that weaponizes Selenium to abuse Chrome. The current features right now are:
https://github.com/mrd0x/EvilSelenium
#Evilselenium #chrome