Backstab — Kill EDR Protected Processes
Tool capable of killing antimalware protected processes by leveraging the Sysinternals Process Explorer (ProcExp) driver, which is signed by Microsoft.
https://github.com/Yaxser/Backstab
#edr #bypass #kill #process #unload
Forwarded from PT SWARM
RCE on a backend IIS server via file upload with an atypical file extension.
More community curated payloads can be found at https://github.com/swisskyrepo/PayloadsAllTheThings/tree/master/Upload%20Insecure%20Files/Extension%20ASP
🔥OWASP Top 10 2021 DRAFT is out 🔥
Now available for peer review, comment, translation, and suggestions for improvements:
owasp.org/Top10/
#OWASPTop10
APT
https://twitter.com/buffaloverflow/status/1435596990650503168?s=21 #0day #office
Twitter
Felix
🙋Having a hard time replicating Office samples exploiting CVE-2021-40444 (MSHTML Remote Code Execution Vulnerability) because the server side component is taken down? ⚙️Imaginary C2 got you covered, it allows to easily simulate the server side component:…
Active Directory Pentest Mindmap
# https://github.com/Orange-Cyberdefense/arsenal/raw/master/mindmap/pentest_ad.png
# https://www.xmind.net/m/5dypm8/
UPD (12.11.2021):
https://raw.githubusercontent.com/Orange-Cyberdefense/arsenal/master/mindmap/pentest_ad.png
UPD (10.11.2022):
https://orange-cyberdefense.github.io/ocd-mindmaps/img/pentest_ad_dark_2022_11.svg
#mindmap #ad #pentest
Karma v2
Passive Open Source Intelligence Automated Reconnaissance Framework
https://github.com/Dheerajmadhukar/karma_v2
#osint #recon
Kali Linux Tools Page
Now you can learn more about all the tools that you can install in Kali.
https://kali.org/tools/
#tools #cheatsheet #kali
targetedKerberoast
Kerberoast with ACL abuse capabilities
https://github.com/ShutdownRepo/targetedKerberoast
#kerberoasting #ad #spn
SpoolSploit
SpoolSploit is a collection of Windows print spooler exploits containerized with other utilities for practical exploitation. A couple of highly effective methods would be relaying machine account credentials to escalate privileges and execute malicious DLLs on endpoints with full system access.
https://github.com/BeetleChunks/SpoolSploit
#ad #spooler #rpc
Brute Force Wordlist
Some files for bruteforcing certain things.
https://github.com/random-robbie/bruteforce-lists
#wordlist #bruteforce