Learn how the Black Lotus Labs team rediscovered a botnet named TheMoon, which has eclipsed its old size and activity.

Leak NTLM via Website tab in teams via MS Office. Contribute to soufianetahiri/TeamsNTLMLeak development by creating an account on GitHub.

Rebound is a monster Active Directory / Kerberos box. I’ll start off with a RID-cycle attack to get a list of users, and combine AS-REP-Roasting with Kerberoasting to get an crackable hash for a service account. That password is shared by a domain user, and…

notes, honeypot, and exploit demo for the xz backdoor (CVE-2024-3094) - amlweems/xzbot

Expose local http, tcp or websocket connections to the public internet - amalshaji/portr

A tool that allows you to create vulnerable instrumented local or cloud environments to simulate attacks against and collect the data into Splunk - GitHub - splunk/attack_range: A tool that allows...

i will upload more templates here to share with the comunity. - ayadim/Nuclei-bug-hunter

Evilginx 3.3 update is here and it comes packing with the special feature everyone has been waiting for.

Does some google dorks against a domain. Contribute to DanMcInerney/fast-recon development by creating an account on GitHub.

There is an essential gadget that you will want to get, to get the best antenna performance. But first we need to cover a bit of antenna theory, before we can answer the question of what antenna that is the best one for your HackRF Portapack, or Flipper Zero…

Translate JavaScript to other writing systems.

APT44 is a threat actor that is actively engaged in the full spectrum of espionage, attack, and influence operations.

A trivial programmatic Llama 3 jailbreak. Sorry Zuck! - haizelabs/llama3-jailbreak

A Post-exploitation Toolset for Interacting with the Microsoft Graph API - dafthack/GraphRunner

Extract credentials from lsass remotely. Contribute to login-securite/lsassy development by creating an account on GitHub.