Pre-auth WAN remote root for Cisco RV340 VPN Gateway Router
https://github.com/pedrib/PoC/blob/master/advisories/Pwn2Own/Austin_2021/flashback_connects/flashback_connects.md
#cisco
Running Mimikatz using GadgetToJScript from JS or VBS
'cscript mimi.js privilege::debug < safe.txt'
Steps:
https://gist.github.com/med0x2e/cc10d42b1f581507013e801da2651c74
#mimikatz #JS
A command-line tool to quickly analyze all IPs in a file and see which ones have open ports/vulnerabilities. Can also be fed data from stdin to be used in a data pipeline.
https://gitlab.com/shodan-public/nrich
#nrich #vulnerability
Another great tool for finding subdomain takeover vulnerabilities with AWS accounts.
Details:
https://blog.assetnote.io/2022/02/13/dangling-eips/
Tool:
https://github.com/assetnote/ghostbuster
Proof of Concept for EFSRPC Arbitrary File Upload (CVE-2021-43893) in domain
https://github.com/jbaines-r7/blankspace
In a research project, the authors implemented the process of recovering a sharp image from a blurred one.
https://arxiv.org/pdf/1702.00783.pdf
Never, ever use pixelation as a redaction technique.
https://github.com/bishopfox/unredacter
A new update with Autoruns v14.09, ProcMon v3.89, Sysmon v13.33 and ZoomIt v5.10 has now been posted!
Get the tools at http://sysinternals.com
A Python script to extract information from a Microsoft Remote Desktop Web Access (RDWA) application
https://github.com/p0dalirius/RDWArecon
Gather and update all available and newest CVEs with their PoC.
https://github.com/trickest/cve
#CVE #POC
WiFi Zero Click RCE Trigger PoC CVE-2021-1965
https://github.com/parsdefense/CVE-2021-1965
A Cloud Forensics Powershell module to run threat hunting playbooks on data from Azure and O365
https://github.com/darkquasar/AzureHunter
Macrome - Excel Macro Document Reader/Writer For Red Teamers And Analysts
https://www.ired.dev/irb/macrome-excel-macro-document-readerwriter-for-red-teamers-and-analysts-1d11
Run application as system with interactive system process support (active Windows session)
https://github.com/DarkCoderSc/PowerRunAsSystem