Forwarded from Peneter.com
مطمئن شین که Outlook شما وصله شده!
هکرها میتونن از راه دور، رمزهای ورود به سیستم ویندوز 🔑 NTLM شما رو سرقت کنن
آسیب پذیری CVE-2023-35636 در قابلیت تقویم Outlook وجود داره که از طریق دعوتنامه هایی که بهطور خاص ساخته شدهن، راهاندازی میشه
جزئیات در اینجا: https://thehackernews.com/2024/01/researchers-uncover-outlook.html
#امنیت_سایبری #هک #آسیب_پذیری
#cybersecurity #hacking #vulnerability
هکرها میتونن از راه دور، رمزهای ورود به سیستم ویندوز 🔑 NTLM شما رو سرقت کنن
آسیب پذیری CVE-2023-35636 در قابلیت تقویم Outlook وجود داره که از طریق دعوتنامه هایی که بهطور خاص ساخته شدهن، راهاندازی میشه
جزئیات در اینجا: https://thehackernews.com/2024/01/researchers-uncover-outlook.html
#امنیت_سایبری #هک #آسیب_پذیری
#cybersecurity #hacking #vulnerability
Forwarded from Peneter.com
🔍 موتورهای جستجو برای پنتسترها
🔍 Search Engine for Pentesters
#searchengine #pentester #cyber #hacking #cybersecurity
🔍 Search Engine for Pentesters
#searchengine #pentester #cyber #hacking #cybersecurity
a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it effectively useless if ran morethan 5 minutes the system freezes to death.
https://github.com/cpu0x00/EternelSuspention
https://github.com/cpu0x00/EternelSuspention
GitHub
GitHub - cpu0x00/EternelSuspention: a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making…
a simple poc showcasing the ability of an admin to suspend EDR's protected processes , making it useless - GitHub - cpu0x00/EternelSuspention: a simple poc showcasing the ability of an adm...
Disable Windows Defender (+ UAC Bypass, + Upgrade to SYSTEM)
https://github.com/EvilGreys/Disable-Windows-Defender-
https://github.com/EvilGreys/Disable-Windows-Defender-
NTLM Relay Gat - streamlines the process of exploiting NTLM relay vulnerabilities, offering a range of functionalities from listing SMB shares to executing commands on MSSQL databases.
https://github.com/ad0nis/ntlm_relay_gat
https://github.com/ad0nis/ntlm_relay_gat
GitHub
GitHub - ad0nis/ntlm_relay_gat
Contribute to ad0nis/ntlm_relay_gat development by creating an account on GitHub.
This repository contains multiple PowerShell noscripts that can help you respond to cyber attacks on Windows Devices.
https://github.com/Bert-JanP/Incident-Response-Powershell
https://github.com/Bert-JanP/Incident-Response-Powershell
GitHub
GitHub - Bert-JanP/Incident-Response-Powershell: PowerShell Digital Forensics & Incident Response Scripts.
PowerShell Digital Forensics & Incident Response Scripts. - Bert-JanP/Incident-Response-Powershell
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
https://github.com/reveng007/DarkWidow
https://github.com/reveng007/DarkWidow
GitHub
GitHub - reveng007/DarkWidow: Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote…
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+Bloc...
Cobalt Strike Profiles for EDR #Evasion
https://github.com/EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion
https://github.com/EvilGreys/Cobalt-Strike-Profiles-for-EDR-Evasion
With PPLDescribe, you can retrieve information about processes that are protected by PPL. The tool parses PS_PROTECTION, PS_PROTECTED_TYPE and PS_PROTECTED_SIGNER structures to retrieve the information
#Credential_access
https://github.com/MzHmO/PPLDescribe
#Credential_access
https://github.com/MzHmO/PPLDescribe
GitHub
GitHub - MzHmO/PPLDescribe: Tool for obtaining information about PPL processes
Tool for obtaining information about PPL processes - MzHmO/PPLDescribe
Remote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box
https://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e
https://github.com/SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e
GitHub
GitHub - SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack-in-wpa_supplicant-binary-in-android-11-platform-samsung-a20e: Remote…
Remote buffer overflow over wifi_stack in wpa_supplicant binary in android 11, platform:samsung a20e, stock options so like works out of the box - SpiralBL0CK/Remote-buffer-overflow-over-wifi_stack...
Simulate the behavior of AV/EDR for malware development training.
https://github.com/Helixo32/CrimsonEDR/tree/main
https://github.com/Helixo32/CrimsonEDR/tree/main
GitHub
GitHub - Helixo32/CrimsonEDR: Simulate the behavior of AV/EDR for malware development training.
Simulate the behavior of AV/EDR for malware development training. - Helixo32/CrimsonEDR
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. #evasion
https://github.com/Sh3lldon/FullBypass
https://github.com/Sh3lldon/FullBypass
GitHub
GitHub - Sh3lldon/FullBypass: A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language…
A tool which bypasses AMSI (AntiMalware Scan Interface) and PowerShell CLM (Constrained Language Mode) and gives you a FullLanguage PowerShell reverse shell. - Sh3lldon/FullBypass