Bypass_EDRs.pdf
1.3 MB
#Offensive_security
"Bypass EDR’s memory protection, introduction to hooking", 2020.
]-> AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence":
https://github.com/hoangprod/AndrewSpecial/tree/master
📰
📚
"Bypass EDR’s memory protection, introduction to hooking", 2020.
]-> AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence":
https://github.com/hoangprod/AndrewSpecial/tree/master
📰
📚
AtLayer2_PoC.pdf
3.2 MB
#Offensive_security
Exploit Persistent XSS And Unsanitized Injection Vectors For Layer 2 Bypass And COOLHANDLUKE Protocol Creation
// demonstrates leveraging cross site scripting and polyglot exploitation in an exploit COOLHANDLUKE to violate network segmentation / L2 VLAN policies while routing and sending a file between isolated, air gapped networks without a router. This issue affects HP Procurve, Aruba Networks, Cisco, Dell, Netgear products
📰
📚
Exploit Persistent XSS And Unsanitized Injection Vectors For Layer 2 Bypass And COOLHANDLUKE Protocol Creation
// demonstrates leveraging cross site scripting and polyglot exploitation in an exploit COOLHANDLUKE to violate network segmentation / L2 VLAN policies while routing and sending a file between isolated, air gapped networks without a router. This issue affects HP Procurve, Aruba Networks, Cisco, Dell, Netgear products
📰
📚
Delegating_Kerberos.pdf
14.4 MB
#Offensive_security
Delegating Kerberos to bypass Kerberos delegation limitation
https://www.thehacker.recipes/ad/movement/kerberos/delegations
📰
📚
Delegating Kerberos to bypass Kerberos delegation limitation
https://www.thehacker.recipes/ad/movement/kerberos/delegations
📰
📚
Beaconfuzz.pdf
3.4 MB
#Offensive_security
"BeaconFuzz:
A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery",.
t.iss.one/Library_Sec
"BeaconFuzz:
A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery",.
t.iss.one/Library_Sec
XSS_2022.pdf
21.5 MB
#Offensive_security
Cross-site scripting (XSS) cheat sheet, 2022.
]-> https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#file-upload-attacks
t.iss.one/Library_Sec
Cross-site scripting (XSS) cheat sheet, 2022.
]-> https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#file-upload-attacks
t.iss.one/Library_Sec
intelligent_automated_tiered_phishing_system.pdf
1.3 MB
#Whitepaper
#Offensive_security
"Building an Intelligent, Automated Tiered Phishing System: Matching the Message Level to User Ability", 2022.
t.iss.one/Library_Sec
#Offensive_security
"Building an Intelligent, Automated Tiered Phishing System: Matching the Message Level to User Ability", 2022.
t.iss.one/Library_Sec
PICYourMalware.pdf
1.5 MB
PIC Your Malware! (.pdf)
]-> PIC lsass dumper using cloned handles:
https://github.com/codewhitesec/HandleKatz
#malware
#Offensive_security
t.iss.one/library_Sec
]-> PIC lsass dumper using cloned handles:
https://github.com/codewhitesec/HandleKatz
#malware
#Offensive_security
t.iss.one/library_Sec
evil.pdf
459.9 KB
"EVIL: Exploiting Software via Natural Language", 2021.
// Approach to automatically generate software exploits in assembly/Python language from descriptions in natural language
]-> https://github.com/dessertlab/EVIL
#Offensive_security
t.iss.one/library_Sec
// Approach to automatically generate software exploits in assembly/Python language from descriptions in natural language
]-> https://github.com/dessertlab/EVIL
#Offensive_security
t.iss.one/library_Sec