Updog is a replacement for Python's SimpleHTTPServer. It allows uploading and downloading via HTTP/S, can set ad hoc SSL certificates and use http basic auth. - sc0tfree/updog

A fully automated, accurate, and extensive scanner for finding log4j RCE CVE-2021-44228 - GitHub - fullhunt/log4j-scan: A fully automated, accurate, and extensive scanner for finding log4j RCE CVE...

Notes about attacking Jenkins servers. Contribute to gquere/pwn_jenkins development by creating an account on GitHub.

Hacker can steal leaked API keys, passwords, and customer data from GitHub to login to servers, steal personal information, and rack up absurd AWS charges. This article explains shows common types of...

How to build Cyber Security lab to test exploits, security tools, and better understand cyber concepts.

OSCP 2022

A beginners hardware hacking journey of performing a BIOS password bypass on Lenovo laptops. In this article we identify what the problem is, how to identify a vulnerable chip, how to bypass a...

Use Log4Shell vulnerability to vaccinate a victim server against Log4Shell - Cybereason/Logout4Shell

Attack Surface Analyzer can help you analyze your operating system's security configuration for changes during software installation. - microsoft/AttackSurfaceAnalyzer

Network Analysis Tool. Contribute to odedshimon/BruteShark development by creating an account on GitHub.

log4jScanner provides the ability to scan internal subnets for vulnerable log4j web services - proferosec/log4jScanner

VirtualBox E1000 Guest-to-Host Escape. Contribute to MorteNoir1/virtualbox_e1000_0day development by creating an account on GitHub.

🔍 A Hex Editor for Reverse Engineers, Programmers and people who value their retinas when working at 3 AM. - WerWolv/ImHex

🤖 The Modern Port Scanner 🤖. Contribute to RustScan/RustScan development by creating an account on GitHub.

Digital Forensics Guide. Learn all about Digital Forensics, Computer Forensics, Mobile device Forensics, Network Forensics, and Database Forensics. - mikeroyal/Digital-Forensics-Guide

Chaining a misconfiguration in IE11/Edge Legacy with an argument injection in a Windows 10/11 default URI handler and a bypass for a previous Electron patch, we developed a drive-by RCE exploit for...

Sha256 algorithm explained online step by step visually

You don’t know me, but there’s a good chance I know you.

Intro In our research, we expose adversarial Tactics, Techniques and Procedures (TTPs) as well as the tools they use to execute their mission objectives. In most of our cases, we see the threat act…

It embeds the executable file or payload inside the jpg file. The method the program uses isn't exactly called one of the steganography methods. For this reason, it does not cause any dist...

During the exploitation phase of a pen test or ethical hacking engagement, you will ultimately need to try to cause code to run on target system computers. Whether accomplished by phishing emails, ...

Wireless Penetration Testing Cheat Sheet. GitHub Gist: instantly share code, notes, and snippets.

Repurposing BeEF and AutoIt for stealthy malware development

What is DNS Rebinding? Imagine you are a comuter :D People give you URLs and you load them Of course you won’t load url that points to your internal network… That would be stupid right? Because of...

Sometimes you are asked to perform a firewall analysis to determine if the configuration can be improved upon to reduce the ability for an attacker to move laterally through the network or identify…

No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/ - sickcodes/no-s...

Serialization vs Deserialization

HTTP Protocol Stack Remote Code Execution Vulnerability CVE-2022-21907 - ZZ-SOCMAP/CVE-2022-21907

Our discovery of two privilege escalation vulnerabilities in a driver highlights the strength of Microsoft Defender ATP’s sensors. These sensors expose anomalous behavior and give SecOps personnel...

A Wi-Fi deauthentication attack, also known as a "deauth attack" or "disassociation attack," is a type of denial-of-service that targets wireless networks. The primary goal of this attack is to...

Last update: November 3rd, 2021 Updated November 3rd, 2021: Included several fixes and actualized some techniques. Changes made to the Defender evasion, RBCD, Domain Enumeration, Rubeus, and Mimikatz...

AppSec & Bug Bounty

Cover your tracks during Linux Exploitation by leaving zero traces on system logs and filesystem timestamps. - mufeedvh/moonwalk

Practical steps on how to pentest Active Directory environments using a list of most common AD vulnerabilities. Tools and command examples for testing and exploitation of AD vulnerabilities.

All the deals for InfoSec related software/tools this Black Friday - 0x90n/InfoSec-Black-Friday

Tunneling Internet traffic over Whatsapp. Contribute to aleixrodriala/wa-tunnel development by creating an account on GitHub.

A PowerShell example of the Windows zero day priv esc - OneLogicalMyth/zeroday-powershell

### Summary An attacker could, through a link or website, take over the computer of a Visual Studio Code user and any computers they were connected to via the [Visual Studio Code Remote Developmen...

When putting together a SIEM, one of the first things that you need to decide on is the distributed architecture you’re going to choose…

dnsReaper - subdomain takeover tool for attackers, bug bounty hunters and the blue team! - punk-security/dnsReaper

Offensive website security Bug bounty Ethical hacking

IDOR — Insecure Direct Object Reference, abuse of the lack of authentication at every stage.

Awesome-Cellular-Hacking. Contribute to W00t3k/Awesome-Cellular-Hacking development by creating an account on GitHub.

Hide yo mailing lists, Hide yo Slack

On April 7 2021, Thijs Alkemade and Daan Keuper demonstrated a zero-click remote code execution exploit in the Zoom video client during Pwn2Own 2021. Now that related bugs have been fixed for all...

Oh man where to even begin with this one. This was a crazy ride and I learned a ton along the way.

We can increase our capabilities to distribute our HTTP requests over a larger and larger pool of networks.

An open-source Secure Email Gateway (SEG) evaluation toolkit designed for red-teamers. - CanIPhish/Phishious

ThePhish: an automated phishing email analysis tool - emalderson/ThePhish

In this blog post we’ll explain how an attacker can get access into a cloud environment by sending a malicious pull request.

RESTler is the first stateful REST API fuzzing tool for automatically testing cloud services through their REST APIs and finding security and reliability bugs in these services. - microsoft/restler...

Explore this post and more from the hacking community

Automated Penetration Testing Reporting System. Contribute to APTRS/APTRS development by creating an account on GitHub.

JPCERT/CC has confirmed that a new technique was used in an attack that occurred in July, which bypasses detection by embedding a malicious Word file into a PDF file. This blog article calls the...

A list for all things wireless that you may find useful while assessing a real world Wi-Fi Enterprise Network. How-to: c, KARMA, MANA…

ffuf on Steroids. Doing content discovery like a boss!!

JNDI-Exploitation-Kit（A modified version of the great JNDI-Injection-Exploit created by @welk1n. This tool can be used to start an HTTP Server, RMI Server and LDAP Server to exploit java web apps v...

💀 Generate a bunch of malicious pdf files with phone-home functionality. Can be used with Burp Collaborator or Interact.sh - jonaslejon/malicious-pdf

Programs that can collect the user credentials for Google Chrome, Mozilla Firefox and Microsoft Edge and decrypt them then save the decrypted output to .txt files - Lukey J

CVE 2022-0847 is a privilege escalation vulnerability discovered by Max Kellerman present in Linux Kernel itself post versions 5.8 which allows overwriting

Terminal escape injection vulnerability (ANSI/VT escapse sequences) can result into arbitrary command execution (ACE) on every modern system including Windows, Linux or Mac OS.

In the past several years, we have seen multiple malware samples using DNS tunneling to exfiltrate data. In June, Microsoft Security Intelligence warned about BazarCall (or BazaLoader), a scam...

Hi everyone! 👋 If you have been following my blog then you might have already read the article on reverse engineering an Android app by writing custom smali code. I am still very much a reverse...

I made a guide on how to secure docker. I’ve split it up into 3 categories. Feedback is appreciated as this is more a compilation of other resources than anything else and I did not verify everythi...