Weaponizing_Mapping_Injection.pdf
709 KB
#Offensive_security
"Weaponizing Mapping Injection with Instrumentation Callback for stealthier process injection"
Process Injection is a technique to hide code behind benign and/or system processes. It is commonly used by malware to stay stealthy while performing malicious operations on the system. AV/EDR solutions are aware of this technique and build detection patterns to identify and kill this "class" of attacks.
Living_off_the_Walled_Garden.pdf
801 KB
#Offensive_security
BlackHat USA 2022:
"Living Off the Walled Garden: Abusing the Features of the Early Launch Antimalware Ecosystem"
]-> https://gist.github.com/mattifestation/660d7e17e43e8f32c38d820115274d2e
Backdooring_hijacking_AzureAD_accounts.pdf
2.2 MB
#Cloud_Security
#Offensive_security
BlackHat USA 2022:
"Backdooring and Hijacking Azure AD Accounts by Abusing External Identities"
Pulling_Psw_out_of_Configuration_Mng.pdf
8.5 MB
#tools
#Offensive_security
"Pulling Passwords out of Configuration Manager: Practical Attacks against Microsoft's Endpoint Management Software", 2022.
]-> PXEThief - set of tooling that can extract passwords from the OS Deployment functionality in MS Endpoint Conf. Manager:
https://github.com/MWR-CyberSec/PXEThief
Detect_kernel_exploits.pdf
1 MB
#Offensive_security
BlackHat USA 2022:
"Return to sender - Detecting kernel exploits with eBPF"
]-> Tool: https://github.com/Gui774ume/krie
Destabilizing_Hash_Table_MsIIS.pdf
4.5 MB
#Offensive_security
BlackHat USA 2022:
"Let's Dance in the Cache: Destabilizing Hash Table on Microsoft IIS"
ELF.pdf
3.8 MB
#Offensive_security
BlackHat USA 2022:
"ELF Section Docking Revisiting Stageless Payload Delivery"
]-> ELF Sectional docking payload injector system:
https://github.com/xforcered/elfpack
Browser_Powered_Desync_Attacks.pdf
1.2 MB
#Offensive_security
BlackHat USA 2022:
"Browser-Powered Desync Attacks: A New Frontier in HTTP Request Smuggling"
]-> Tool: https://github.com/portswigger/http-request-smuggler
AMSI_Bypass.pdf
1.3 MB
#Offensive_security
Black Hat Asia 2022:
"AMSI Unchained: Review of Known AMSI Bypass Techniques and Introducing a New One".
Bypass_EDRs.pdf
1.3 MB
#Offensive_security
"Bypass EDR’s memory protection, introduction to hooking", 2020.
]-> AndrewSpecial, dumping lsass' memory stealthily and bypassing "Cilence":
https://github.com/hoangprod/AndrewSpecial/tree/master
AtLayer2_PoC.pdf
3.2 MB
#Offensive_security
Exploit Persistent XSS And Unsanitized Injection Vectors For Layer 2 Bypass And COOLHANDLUKE Protocol Creation
// demonstrates leveraging cross-site scripting and polyglot exploitation in an exploit, COOLHANDLUKE, to violate network segmentation / L2 VLAN policies while routing and sending a file between isolated, air-gapped networks without a router. This issue affects HP ProCurve, Aruba Networks, Cisco, Dell and Netgear products.
Delegating_Kerberos.pdf
14.4 MB
#Offensive_security
Delegating Kerberos to bypass Kerberos delegation limitation
https://www.thehacker.recipes/ad/movement/kerberos/delegations
Beaconfuzz.pdf
3.4 MB
#Offensive_security
"BeaconFuzz: A Journey into Ethereum 2.0 Blockchain Fuzzing and Vulnerability Discovery".
t.iss.one/Library_Sec
XSS_2022.pdf
21.5 MB
#Offensive_security
Cross-site scripting (XSS) cheat sheet, 2022.
]-> https://portswigger.net/web-security/cross-site-scripting/cheat-sheet#file-upload-attacks
intelligent_automated_tiered_phishing_system.pdf
1.3 MB
#Whitepaper
#Offensive_security
"Building an Intelligent, Automated Tiered Phishing System: Matching the Message Level to User Ability", 2022.
PICYourMalware.pdf
1.5 MB
PIC Your Malware! (.pdf)
]-> PIC lsass dumper using cloned handles:
https://github.com/codewhitesec/HandleKatz
#malware
#Offensive_security
evil.pdf
459.9 KB
"EVIL: Exploiting Software via Natural Language", 2021.
// Approach to automatically generate software exploits in assembly or Python from natural-language descriptions
]-> https://github.com/dessertlab/EVIL
#Offensive_security