Nac Bypass Agent
This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the responder and tcpdump tools, and run the nbtscan tool.
https://github.com/alperenugurlu/Nac_Bypass_Agent
@IRCyberGuardians
This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the responder and tcpdump tools, and run the nbtscan tool.
https://github.com/alperenugurlu/Nac_Bypass_Agent
@IRCyberGuardians
GitHub
GitHub - alperenugurlu/Nac_Bypass_Agent: This function combines all the above functions and takes necessary information from the…
This function combines all the above functions and takes necessary information from the user to change the IP and MAC address, start the responder and tcpdump tools, and run the nbtscan tool. - alp...
Hunting for Skeleton Key Implants
https://riccardoancarani.github.io/2020-08-08-hunting-for-skeleton-keys/
@IRCyberGuardians
https://riccardoancarani.github.io/2020-08-08-hunting-for-skeleton-keys/
@IRCyberGuardians
riccardoancarani.github.io
Hunting for Skeleton Key Implants
Introduction Attack Execution Detection Other Detections and Indicators References Introduction During a recent presentation I examined various ways of persisting within Active Directory (AD) and how every technique can be detected, using both intrinsic IoC…
Kraken Mask
A sleep obfuscation tool is used to encrypt the content of the .text section with RC4 (using SystemFunction032). To achieve this encryption, a ROP chain is employed with QueueUserAPC and NtContinue.
https://github.com/RtlDallas/KrakenMask
@IRCyberGuardians
A sleep obfuscation tool is used to encrypt the content of the .text section with RC4 (using SystemFunction032). To achieve this encryption, a ROP chain is employed with QueueUserAPC and NtContinue.
https://github.com/RtlDallas/KrakenMask
@IRCyberGuardians
The Ultimate Guide to Finding Bugs With Nuclei
https://blog.projectdiscovery.io/ultimate-nuclei-guide/
@IRCyberGuardians
https://blog.projectdiscovery.io/ultimate-nuclei-guide/
@IRCyberGuardians
ProjectDiscovery
The Ultimate Guide to Finding Bugs With Nuclei — ProjectDiscovery Blog
Efficient, extensible, flexible, open source vulnerability scanning.
Introduction
Nuclei is a fast, efficient, and extensible vulnerability scanner. It can scan thousands of hosts in just a few minutes.
The Nuclei engine uses YAML-based templates to define…
Introduction
Nuclei is a fast, efficient, and extensible vulnerability scanner. It can scan thousands of hosts in just a few minutes.
The Nuclei engine uses YAML-based templates to define…
Weaponized Browser-in-the-Middle (BitM) for Penetration Testers
https://github.com/fkasler/cuddlephish
@IRCyberGuardians
https://github.com/fkasler/cuddlephish
@IRCyberGuardians
GitHub
GitHub - fkasler/cuddlephish: Weaponized Browser-in-the-Middle (BitM) for Penetration Testers
Weaponized Browser-in-the-Middle (BitM) for Penetration Testers - fkasler/cuddlephish
An OSINT tool that helps detect members of a company with leaked credentials
https://github.com/infobyte/emploleaks
@IRCyberGuardians
https://github.com/infobyte/emploleaks
@IRCyberGuardians
GitHub
GitHub - infobyte/emploleaks: An OSINT tool that helps detect members of a company with leaked credentials
An OSINT tool that helps detect members of a company with leaked credentials - infobyte/emploleaks
Titan Stealer Source
DL : https://drive.google.com/file/d/1_VCdso5U0UIMq5BGfHAkjqMjDoX6idE_
@IRCyberGuardians
DL : https://drive.google.com/file/d/1_VCdso5U0UIMq5BGfHAkjqMjDoX6idE_
@IRCyberGuardians
Telegram
Cyber Guardians
RedTeaming TTPs
Bug Hunting
Web PenTest
Web Security
Binary Analysis
Exploit DEV
Malware DEV
Malware Analysis
BlueTeaming
Threat Hunting
SOC
CSIRT
FORENSICS
Open-Source Intelligence(OSINT)
Cybersec Tools
Bug Hunting
Web PenTest
Web Security
Binary Analysis
Exploit DEV
Malware DEV
Malware Analysis
BlueTeaming
Threat Hunting
SOC
CSIRT
FORENSICS
Open-Source Intelligence(OSINT)
Cybersec Tools
goctopus
Blazing fast GraphQL discovery & fingerprinting toolbox.
https://github.com/Escape-Technologies/goctopus
@IRCyberGuardians
Blazing fast GraphQL discovery & fingerprinting toolbox.
https://github.com/Escape-Technologies/goctopus
@IRCyberGuardians
GitHub
GitHub - Escape-Technologies/goctopus: Blazing fast GraphQL discovery & fingerprinting toolbox.
Blazing fast GraphQL discovery & fingerprinting toolbox. - Escape-Technologies/goctopus
donut
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
https://github.com/TheWover/donut
@IRCyberGuardians
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters
https://github.com/TheWover/donut
@IRCyberGuardians
GitHub
GitHub - TheWover/donut: Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files,…
Generates x86, x64, or AMD64+x86 position-independent shellcode that loads .NET Assemblies, PE files, and other Windows payloads from memory and runs them with parameters - TheWover/donut
Unlocking the power of Red Teaming: An overview of trainings and certifications
https://blog.nviso.eu/2023/07/31/unlocking-the-power-of-red-teaming-an-overview-of-trainings-and-certifications/?amp
@IRCyberGuardians
https://blog.nviso.eu/2023/07/31/unlocking-the-power-of-red-teaming-an-overview-of-trainings-and-certifications/?amp
@IRCyberGuardians
NVISO Labs
Unlocking the power of Red Teaming: An overview of trainings and certifications
NVISO enjoys an excellent working relationship with SANS and has been involved as Instructors and Course Authors for a variety of their courses: For SEC511, Continuous Monitoring and Security Opera…
Exploiting Web3’s Hidden Attack Surface: Universal XSS on Netlify’s Next.js Library
https://samcurry.net/universal-xss-on-netlifys-next-js-library/
@IRCyberGuardians
https://samcurry.net/universal-xss-on-netlifys-next-js-library/
@IRCyberGuardians
samcurry.net
Exploiting Web3's Hidden Attack Surface: Universal XSS on Netlify's Next.js Library
On August 24th, 2022, we reported a vulnerability to Netlify affecting their Next.js "netlify-ipx" repository which would allow an attacker to achieve persistent cross-site scripting and full-response server side request forgery on any website out of the…
Upgrading Simple Shells to Fully Interactive TTYs
https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
@IRCyberGuardians
https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/
@IRCyberGuardians
ropnop blog
Upgrading Simple Shells to Fully Interactive TTYs
Catching a reverse shell over netcat is great…until you accidentally Ctrl-C and lose it. These techniques let you upgrade your shell to a proper TTY
Top disclosed reports from HackerOne
https://github.com/reddelexc/hackerone-reports/tree/master
@IRCyberGuardians
https://github.com/reddelexc/hackerone-reports/tree/master
@IRCyberGuardians
GitHub
GitHub - reddelexc/hackerone-reports: Top disclosed reports from HackerOne
Top disclosed reports from HackerOne. Contribute to reddelexc/hackerone-reports development by creating an account on GitHub.
In this repository I'll host my research and methodologies for auditing vulnerabilities
https://github.com/OlivierLaflamme/Auditing-Vulnerabilities
@IRCyberGuardians
https://github.com/OlivierLaflamme/Auditing-Vulnerabilities
@IRCyberGuardians
GitHub
GitHub - OlivierLaflamme/Auditing-Vulnerabilities: In this repository I'll host my research and methodologies for auditing vulnerabilities
In this repository I'll host my research and methodologies for auditing vulnerabilities - GitHub - OlivierLaflamme/Auditing-Vulnerabilities: In this repository I'll host my researc...
SSRF and Open Redirect CheatSheet
https://www.hahwul.com/phoenix/ssrf-open-redirect/
@IRCyberGuardians
https://www.hahwul.com/phoenix/ssrf-open-redirect/
@IRCyberGuardians
HAHWUL
SSRF and Open Redirect CheatSheet