JS-Tap is a tool intended to help red teams attack web applications.
https://trustedsec.com/blog/js-tap-mark-ii-now-with-c2-shenanigans
TrustedSec
JS-Tap Mark II: Now with C2 Shenanigans
An Event Tracing for Windows (ETW) tool that allows you to enumerate Manifest & MOF providers, as well as collect events from desired providers.
https://github.com/jsecurity101/ETWInspector
GitHub
GitHub - jonny-jhnson/ETWInspector
Operation Triangulation: Attacks On IPhones/iPads - Marco Preuss
https://www.youtube.com/watch?v=xt6z4zExFII
Another great talk. In general, there are a lot of good talks from this conference.
When Malware Becomes Creative: A Survey Of Android Detection Evasion Tactics
https://www.youtube.com/watch?v=t-zJ4KepbDg
YouTube
When Malware Becomes Creative: A Survey Of Android Detection Evasion Tactics - Dimitrios Valsamaras
I patched the THOR APT scanner so that it works without a license. The tool is used for live forensics. Official description: THOR is an advanced compromise assessment tool specifically designed to detect hack tools, backdoors, and traces of hacker activities on endpoints that standard Anti-virus solutions often miss.
* I patched only thor.exe. I did not patch thor64.exe or thor-update.exe (the signatures cannot be updated). Before running, unpack the archive with the Sigma rules into the signatures\sigma folder. Run "thor.exe --sigma"
** I took the original archive from another Telegram channel; use at your own risk, there may be backdoors!
Forwarded from RME-DisCo @ UNIZAR [www.reversea.me]
Code injection on Android without ptrace https://erfur.github.io/blog/dev/code-injection-without-ptrace
erfur's bits and pieces
Code injection on Android without ptrace
A slightly more fun way to disable windows defender. (through the WSC api)
https://github.com/es3n1n/no-defender
GitHub
GitHub - es3n1n/no-defender: A slightly more fun way to disable windows defender + firewall. (through the WSC api)
Damn, Synacktiv puts out so much material, you can't keep up
inside the iOS bug that made deleted photos reappear
https://www.synacktiv.com/publications/inside-the-ios-bug-that-made-deleted-photos-reappear
Malware Development Workshop ($1,200) (registration is closing)
The author inspires confidence! (Pavel Yosifovich)
https://training.trainsec.net/malware-development-workshop
promo code
MALDEVISTHEBEST
Hijacking GitHub runners to compromise the organization
https://www.synacktiv.com/publications/hijacking-github-runners-to-compromise-the-organization
Injecting code into PPL processes without vulnerable drivers on Windows 11
https://blog.slowerzs.net/posts/pplsystem/
OffensiveCon 2024 Repo, contains PoCs and materials for talk "UEFI and the Task of the Translator"
https://github.com/ic3qu33n/OffensiveCon24-uefi-task-of-the-translator