😉 Обновленная консоль агента с гибкими настройками
😉 Оповещения в Telegram
😉 OTP для синхронизации файлов и команд
😉 Новая тема Dracula
😉 Обновление до Golang 1.24.4

Server/Client Architecture for Multiplayer Support
Cross-platform GUI client
Fully encrypted communications
Listener and Agents as Plugin (Extender)
Client extensibility for adding new tools
Task and Jobs storage
Files and Process browsers
Socks4 / Socks5 / Socks5 Auth support
Local and Reverse port forwarding support
BOF support
Linking Agents and Sessions Graph
Agents Health Checker
Agents KillDate and WorkingTime control
Windows/Linux/MacOs agents support
Remote Terminal

sudo apt install mingw-w64 make

wget https://go.dev/dl/go1.24.4.linux-amd64.tar.gz -O /tmp/go1.24.4.linux-amd64.tar.gz
sudo rm -rf /usr/local/go /usr/local/bin/go
sudo tar -C /usr/local -xzf /tmp/go1.24.4.linux-amd64.tar.gz
sudo ln -s /usr/local/go/bin/go /usr/local/bin/go

sudo apt install gcc g++ build-essential cmake libssl-dev qt6-base-dev qt6-websockets-dev qt6-declarative-dev

git clone https://github.com/Adaptix-Framework/AdaptixC2.git
cd AdaptixC2
make server
make extenders
make client
cd dist
chmod +x ssl_gen.sh
./ssl_gen.sh

./adaptixserver -profile profile.json
./AdaptixClient

Defeating Windows User Account Control by abusing built-in Windows AutoElevate backdoor. This project demonstrates various UAC bypass techniques and serves as an educational resource for understanding Windows security mechanisms.

akagi32.exe [Method_Number] [Optional_Command]
akagi64.exe [Method_Number] [Optional_Command]

akagi32.exe 23
akagi64.exe 61
akagi32.exe 23 c:\windows\system32\calc.exe
akagi64.exe 61 c:\windows\system32\charmap.exe

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/google/magika/releases/download/cli/v0.1.3/magika-installer.sh | sh

powershell -ExecutionPolicy Bypass -c "irm https://github.com/google/magika/releases/download/cli/v0.1.3/magika-installer.ps1 | iex"

pip install magika

from magika import Magika
m = Magika()
res = m.identify_path('./tests_data/basic/ini/doc.ini')
print(res.output.label)
// ini

Привет всем! Автор статьи Михаил Жмайло, он пентестер в команде CICADA8.

This tool exploits a new attack against delegated Managed Service Accounts called the "Golden DMSA" attack. The technique allows attackers to generate passwords for all associated dMSAs offline

В этой статье мы представляем Repeater Strike - новое расширение Burp Suite на базе AI, предназначенное для автоматизации поиска IDOR и подобных уязвимостей

Disclaimer: This blog is not related or contain any information about the bug at Pwn2Own Berlin. This is a bug I discovered by accident, and it has already been resolved. I don’t even know which CVE it corresponds to or which version it was patched. It looks like someone found it and kept it for red teaming purposes. If you know any information about this bug, please feel free to leave a comment

uv tool install 'git+https://github.com/OleFredrik1/remoteKrbRelayx.git'

# или

pipx install 'git+https://github.com/OleFredrik1/remoteKrbRelayx.git'

Post-ex tool built to streamline identifying, profiling, and attacking SCCM related assets in an Active Directory

uv tool install 'git+https://github.com/garrettfoster13/sccmhunter.git'
# или
pipx install 'git+https://github.com/garrettfoster13/sccmhunter/'