EvilSelenium is a new project that weaponizes Selenium to abuse Chrome. The current features right now are:
https://github.com/mrd0x/EvilSelenium
#Evilselenium #chrome
GitHub
GitHub - mrd0x/EvilSelenium: EvilSelenium is a tool that weaponizes Selenium to attack Chromium based browsers.
With the site http://birdhunt.co you can search by geographic coordinates. This tool is really useful in OSINT; for example, the list of tweets posted within 8.7 km of Tehran:
https://twitter.com/search?q=%20geocode%3A35.696%2C51.401%2C8.7km&src=typed_query&f=live
If you are interested in learning more, visit the Penter blog.
#osint
birdhunt.huntintel.io
BirdHunt | Find Tweets By Location
BirdHunt is a Free OSINT tool to find tweets by location. BirdHunt uses Twitter's GeoCoded tweet search to find tweets by location. BirdHunt is simple to use, mobile friendly and designed for OSINT researchers. How to tell where a tweet came from? Use the…
Best DDoS Attack Script Python3, Cyber Attack With 36 Methods
https://github.com/MHProDev/MHDDoS
#DDOS
GitHub
GitHub - MatrixTM/MHDDoS: Best DDoS Attack Script Python3, (Cyber / DDos) Attack With 56 Methods
PrintProcessor Persistence/LPE with SharpStay
Tool:
https://github.com/tothi/SharpStay
technical:
https://stmxcsr.com/persistence/print-processor.html
#print #persistence #sharpstay #redteaming
GitHub
GitHub - tothi/SharpStay: .NET project for installing Persistence
.NET project for installing Persistence. Contribute to tothi/SharpStay development by creating an account on GitHub.
Remote Stack Overflow in Linux Kernel TIPC
details:
https://www.openwall.com/lists/oss-security/2022/02/10/1
kernel patch:
https://github.com/torvalds/linux/commit/9aa422ad326634b76309e8ff342c246800621216
source:
https://twitter.com/_mattata/status/1492725144732766212?s=20&t=UQREx-4ydrHjUiUixRWQMg
#kernel #RBOF #linux #TIPC
GitHub
tipc: improve size validations for received domain records · torvalds/linux@9aa422a
The function tipc_mon_rcv() allows a node to receive and process
domain_record structs from peer nodes to track their views of the
network topology.
This patch verifies that the number of members ...
Kernel mode WinDbg extension and PoCs for token privilege investigation.
https://github.com/daem0nc0re/PrivFu
#PE
GitHub
GitHub - daem0nc0re/PrivFu: Kernel mode WinDbg extension and PoCs for token privilege investigation.
Sandboxing Antimalware Products for Fun and Profit
https://elastic.github.io/security-research/whitepapers/2022/02/02.sandboxing-antimalware-products-for-fun-and-profit/article/
poc:
https://github.com/Allevon412/PPL_Sandboxer
#AV #sandbox
Pre-auth WAN remote root for Cisco RV340 VPN Gateway Router
https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Austin_2021/flashback_connects/flashback_connects.md
#cisco
GitHub
PoC/advisories/Pwn2Own/Austin_2021/flashback_connects/flashback_connects.md at master · pedrib/PoC
Advisories, proof of concept files and exploits that have been made public by @pedrib. - pedrib/PoC
Running Mimikatz using GadgetToJScript from JS or VBS
‘cnoscript mimi.js privilege::debug < safe.txt’
Steps:
https://gist.github.com/med0x2e/cc10d42b1f581507013e801da2651c74
#mimikatz #JS
Gist
Steps.txt
GitHub Gist: instantly share code, notes, and snippets.
A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/vulnerabilities. Can also be fed data from stdin to be used in a data pipeline.
https://gitlab.com/shodan-public/nrich
#nrich #vulnerability
GitLab
shodan-public / nrich · GitLab