hackspace (@hackspace): 158 subscribers, 279 photos, 75 videos, 23 files, 998 links
hackspace
https://thedfirreport.com/2024/06/10/icedid-brings-screenconnect-and-csharp-streamer-to-alphv-ransomware-deployment/
The DFIR Report
IcedID Brings ScreenConnect and CSharp Streamer to ALPHV Ransomware Deployment
Key Takeaways In October 2023, we observed an intrusion that began with a spam campaign, distributing a forked IcedID loader. The threat actor used Impacket’s wmiexec and RDP to install Scree…
hackspace
https://www.trendmicro.com/vinfo/us/security/news/cybercrime-and-digital-threats/back-to-the-hype-an-update-on-how-cybercriminals-are-using-genai
Trendmicro
Back to the Hype: An Update on How Cybercriminals Are Using GenAI
Generative AI continues to be misused and abused by malicious individuals. In this article, we dive into new criminal LLMs, criminal services with ChatGPT-like capabilities, and deepfakes being offered on criminal sites.
hackspace
https://github.com/roboflow/supervision
GitHub
GitHub - roboflow/supervision: We write your reusable computer vision tools. 💜
We write your reusable computer vision tools. 💜. Contribute to roboflow/supervision development by creating an account on GitHub.
hackspace
https://youtu.be/aq9-nU1AH0Q?si=ZlboE6mVkVdrxbiw
YouTube
Abusing ADCS - Active Directory Trust Attack
#ADCS #activedirectory #hacking #windows
By creating a vulnerable Certificate Template, we modify the Configuration Naming Context (NC) in Active Directory. NC holds configuration information about the entire forest, including ADCS details. We then push…
hackspace
https://github.com/vxCrypt0r/Voidgate?s=35
GitHub
GitHub - vxCrypt0r/Voidgate: A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known…
A technique that can be used to bypass AV/EDR memory scanners. This can be used to hide well-known and detected shellcodes (such as msfvenom) by performing on-the-fly decryption of individual encry...
hackspace
https://blog.eclecticiq.com/onnx-store-targeting-financial-institution?s=35
Eclecticiq
ONNX Store: Phishing-as-a-Service Platform Targeting Financial Institution
EclecticIQ analysts discovered phishing campaigns targeting financial institutions driven by a Phishing-as-a-Service (PhaaS) platform called ONNX Store.
hackspace
https://github.com/erebe/wstunnel?s=35
GitHub
GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available
Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI - Static binary available - GitHub - erebe/wstunnel: Tunnel all your traffic over Websocket or HTTP2 - Bypass firewalls/DPI -...
hackspace
https://github.com/SafeBreach-Labs/MagicDot?s=35
GitHub
GitHub - SafeBreach-Labs/MagicDot: A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT…
A set of rootkit-like abilities for unprivileged users, and vulnerabilities based on the DOT-to-NT path conversion known issue - SafeBreach-Labs/MagicDot
hackspace
https://h0mbre.github.io/Learn-C-By-Creating-A-Rootkit/?s=35
The Human Machine Interface
Creating a Rootkit to Learn C
Background Information This post is my solution for the last assignment in my Learning-C repository. I thought a good way to cap off a repo designed to introduce people to very basic C programming would be to take those very basic techniques and make a simple…
hackspace
https://blog.blacklanternsecurity.com/p/introducing-baddns?s=35
Blacklanternsecurity
Introducing BadDNS
Black Lantern Security is publicly releasing our new Python DNS auditing tool, BadDNS. It’s primarily a subdomain takeover detection tool but covers other DNS related issues like zone transfers and NSEC walking as well. Thanks for reading Black Lantern Security…
hackspace
https://www.bleepingcomputer.com/news/security/new-specula-tool-uses-outlook-for-remote-code-execution-in-windows/?s=35
BleepingComputer
New Specula tool uses Outlook for remote code execution in Windows
Microsoft Outlook can be turned into a C2 beacon to remotely execute code, as demonstrated by a new red team post-exploitation framework named "Specula," released today by cybersecurity firm TrustedSec.
hackspace
https://github.com/arphanetx/Monocle
GitHub
GitHub - arphanetx/Monocle: Tooling backed by an LLM for performing natural language searches against compiled target binaries.…
Tooling backed by an LLM for performing natural language searches against compiled target binaries. Search for encryption code, password strings, vulnerabilities, etc. - GitHub - arphanetx/Monocle...
hackspace
https://github.com/Chocapikk/CVE-2024-36401
GitHub
GitHub - Chocapikk/CVE-2024-36401: GeoServer Remote Code Execution
GeoServer Remote Code Execution. Contribute to Chocapikk/CVE-2024-36401 development by creating an account on GitHub.
hackspace
https://github.com/lypd0/DeadPotato
GitHub
GitHub - lypd0/DeadPotato: DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging…
DeadPotato is a windows privilege escalation utility from the Potato family of exploits, leveraging the SeImpersonate right to obtain SYSTEM privileges. This script has been customized from ...
hackspace
https://github.com/zyn3rgy/smbtakeover
GitHub
GitHub - zyn3rgy/smbtakeover: BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions
BOF and Python3 implementation of technique to unbind 445/tcp on Windows via SCM interactions - GitHub - zyn3rgy/smbtakeover: BOF and Python3 implementation of technique to unbind 445/tcp on Windo...
hackspace
https://github.com/wikiZ/RedGuard
GitHub
GitHub - wikiZ/RedGuard: RedGuard is a C2 front flow control tool, Can avoid Blue Teams, AVs, EDRs check.
RedGuard is a C2 front flow control tool, Can avoid Blue Teams, AVs, EDRs check. - wikiZ/RedGuard
hackspace
https://posts.specterops.io/mythic-3-3-beta-rise-of-the-events-6aeb84aa6fed
SpecterOps
Mythic 3.3 Beta: Rise of the Events - SpecterOps
Check out Mythic 3.3's major updates, including command augmentation and auto triage tracking. Get ready to optimize your workflows with the new features!