This channel discusses:

— Offensive Security
— RedTeam
— Malware Research
— OSINT
— etc

Cobalt-Clip

Cobalt-Clip is a clipboard add-on for Cobalt Strike that lets you interact with the clipboard of a compromised host. With it you can dump, edit and monitor the clipboard contents.

https://github.com/DallasFR/Cobalt-Clip

#cobaltstrike #clipboard #dump
Data Masking Bash OneLiner

If you need to mask captured hashes from utilities such as Responder or Inveigh before pasting them into a report, use the following command:

cat hash.txt | awk -F ":" '{print $1"::"$3":"$4":"substr($5,1,4)"***"substr($6,20,20)"***"substr($6,length($6)-8,8)}' | sort -u | sort -u -t : -k 1,1

The following command can be used to mask data in Hashcat output:

cat hash-hashcat.txt | awk -F ":" '{print ($3"/")$1":"substr($7,1,2)"******"substr($7,length($7)-1,3)}' | sort -u

#report #mask #data #pentest
Bypass AV & Advanced XDR solutions

Mortar Loader is able to bypass modern anti-virus products and advanced XDR solutions; it has been tested against and confirmed to bypass the following:

— Kaspersky
— ESET
— Malwarebytes
— McAfee
— Cortex XDR
— Windows Defender
— Cylance

Research:
https://0xsp.com/security%20research%20&%20development%20(SRD)/defeat-the-castle-bypass-av-advanced-xdr-solutions

Source:
https://github.com/0xsp-SRD/mortar

#av #xdr #evasion #redteam
Auto-Elevate

This tool demonstrates the power of UAC bypasses and built-in features of Windows. The utility auto-locates winlogon.exe, steals and impersonates its process token, and spawns a new SYSTEM-level process with the stolen token. Combined with UAC bypass method #41 (ICMLuaUtil UAC bypass) from hfiref0x's UACME utility, it can auto-elevate a low-privileged administrative account to NT AUTHORITY\SYSTEM.

https://github.com/FULLSHADE/Auto-Elevate

#uac #bypass #windows #tools
Native Function Static Map

A *very* imperfect attempt to correlate Kernel32 function calls to native API (Nt/Zw) counterparts/execution flow.

https://u5ksv.csb.app/
https://github.com/EspressoCake/NativeFunctionStaticMap

#mapping #pinvoke #winapi #maldev
WindowsDllsExport

A list of all the DLL exports in C:\windows\system32\.
The idea is to find interesting exports that can be used to evade some detections.

https://github.com/Mr-Un1k0d3r/WindowsDllsExport

#winapi #dll #exports #pentest #redteam
Alternative Process Injection

Process injection is a well-known defense evasion technique that has been used for decades to execute malicious code inside a legitimate process. It is still a common technique used by attackers and red teamers today.

https://www.netero1010-securitylab.com/eavsion/alternative-process-injection

#process #injection #maldev
Bug Bounty Tip — Log4j Vulnerability Cheatsheet

— How It Works
— Test Environments
— Challenges & Labs (Rooms)
— Where Payloads can be Injected
— What Information can be Extracted
— How To Identify (Services & Scanners)

#log4j #cheatsheet #bugbounty
Osmedeus

Fully automated offensive security framework for reconnaissance and vulnerability scanning.

Features
— Subdomain Scan.
— Subdomain TakeOver Scan.
— Screenshot the target.
— Basic recon like Whois, Dig info.
— Web Technology detection.
— IP Discovery.
— CORS Scan.
— SSL Scan.
— Wayback Machine Discovery.
— URL Discovery.
— Headers Scan.
— Port Scan.
— Vulnerability Scan.
— Separate workspaces to store all scan output and detailed logging.
— REST API.
— React Web UI.
— Support Continuous Scan.
— Slack notifications.
— Easily view the report from the command line.

https://github.com/j3ssie/Osmedeus

#osint #vulnerability #scanner #bugbounty
SharpHookCheek

Most EDRs hook Nt and Zw APIs in user mode to determine whether a running program has malicious intent. This C#-based script returns a list of the APIs currently hooked in its own process.

https://gist.github.com/sbasu7241/4c2640fb6dd5bfdcfac07b83f1648ee0

#edr #hooks #csharp #maldev
moonwalk

moonwalk is a 400 KB single-binary executable that can clear your traces while penetration testing a Unix machine. It saves the state of system logs pre-exploitation and reverts that state including the filesystem timestamps post-exploitation leaving zero traces of a ghost in the shell.

https://github.com/mufeedvh/moonwalk

#unix #log #clearing #redteam
CloudSploit

CloudSploit's remediation guides are intended to be an open-source resource for improving cloud security. Many cloud IaaS providers like AWS, Azure, and Google Cloud have a shared responsibility model. They provide the physical and architectural security, along with tools to properly secure the services they offer, but it is up to the user to configure those settings properly.

https://github.com/aquasecurity/cloud-security-remediation-guides

#cloud #security #remediation #blueteam
mssqlproxy

A toolkit for performing lateral movement in restricted environments through a compromised Microsoft SQL Server, using socket reuse. The client requires impacket and sysadmin privileges on the SQL server.

https://github.com/blackarrowsec/mssqlproxy

#mssql #proxy #pentest #tools