"Assembly Unleashed: A Hacker's Handbook" is a definitive resource tailored specifically for hackers and security researchers seeking to master the art of assembly programming language. Authored by seasoned practitioners in the field, this book offer...

Technical talk at Hack in the Box + Positive Hack Days 2024 joint security conference on 25th May 2024 in Bangkok, Thailand
Speaker: Alisa Esage

Zero Day Engineering Research & Courses
https://zerodayengineering.com

Follow us:
https://www.youtube.com/…

Scripts I use to deploy Havoc on Linode and setup categorization and SSL - smokeme/ansible-havoc

Fuzzing IoT Devices Using the Router TL-WR902AC as Example - otsmr/blackbox-fuzzing

AD Miner is an Active Directory audit tool that leverages cypher queries to crunch data from the #Bloodhound graph database to uncover security weaknesses - Mazars-Tech/AD_Miner

smbclient-ng, a fast and user friendly way to interact with SMB shares. - GitHub - p0dalirius/smbclient-ng: smbclient-ng, a fast and user friendly way to interact with SMB shares.

Docker has revolutionized the way software is developed, deployed, and managed by providing a lightweight, portable, and scalable platform for containerization.

Practical resources for offensive CI/CD security research. - TupleType/awesome-cicd-attacks

Key Takeaways In October 2023, we observed an intrusion that began with a spam campaign, distributing a forked IcedID loader. The threat actor used Impacket’s wmiexec and RDP to install Scree…

Generative AI continues to be misused and abused by malicious individuals. In this article, we dive into new criminal LLMs, criminal services with ChatGPT-like capabilities, and deepfakes being offered on criminal sites.

We write your reusable computer vision tools. 💜. Contribute to roboflow/supervision development by creating an account on GitHub.

#ADCS #activedirectory #hacking #windows

By creating a vulnerable Certificate Template, we modify the Configuration Naming Context (NC) in Active Directory. NC holds configuration information about the entire forest, including ADCS details. We then push…

A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry...

EclecticIQ analysts discovered phishing campaigns targeting financial institutions driven by a Phishing-as-a-Service (PhaaS) platform called ONNX Store.

Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available - GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI -...

A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue - SafeBreach-Labs/MagicDot