PoC tool to coerce Windows hosts to authenticate to other machines via MS-EFSRPC EfsRpcOpenFileRaw or other functions. - topotam/PetitPotam

An application to view and filter pool allocations from a dmp file on Windows 10 RS5+. - yardenshafir/PoolViewer

The holy grail for defenders is being able to detect /stop every attack before / when it happens and to know exactly the how’s no matter the techniques or tools. Unfortunately, we’re still far from…

In April 2021, Orange Tsai from DEVCORE Research Team demonstrated a remote code execution vulnerability in Microsoft Exchange during the Pwn2Own Vancouver 2021 contest. In doing so, he earned himself $200,000. Since then, he has disclosed several other…

A blog about pentesting, CTFs, and security

Contribute to httpvoid/writeups development by creating an account on GitHub.

Research by Dikla Barda & Gal Elbaz As of 2021, WhatsApp is the most popular global mobile messenger app worldwide with approximately two billion monthly active users. It allows users to send text and voice messages, make voice and video calls, and share…

some gadgets about windows process and ready to use :) - PR0CESS/miniCreateProcessEx at main · aaaddress1/PR0CESS

Articles de l'équipe de sécurité offensive de POST Cyberforce

Research By: Slava Makkaveev Introduction Since 2007, Amazon has sold tens of millions of Kindles, which is impressive. But this also means that tens of millions of people could have potentially been hacked through a software bug in those same Kindles. Their…

Intro

This post is a technical analysis of a recently disclosed Chrome JIT vulnerability (CVE-2021-30632) that was believed to be exploited in the wild. This vulnerability was reported by an anonymous researcher and was patched on September 13, 2021 in Chrome version…

Disclaimer The open source tools listed in this article are to serve as examples only and are in no way a direct recommendation from the Kubernetes community or authors. Background USA's National Security Agency (NSA) and the Cybersecurity and Infrastructure…

Skrull is a malware DRM, that prevents Automatic Sample Submission by AV/EDR and Signature Scanning from Kernel. It generates launchers that can run malware on the victim using the Process Ghosting...

A plugin to introduce interactive symbols into your debugger from your decompiler - mahaloz/decomp2dbg

Monitor creation, deletion and changes to LDAP objects live during your pentest or system administration! - GitHub - p0dalirius/LDAPmonitor: Monitor creation, deletion and changes to LDAP objects ...

Microsoft found a vulnerability (CVE-2021-30892) that could allow an attacker to bypass System Integrity Protection (SIP) in macOS. We shared our findings with Apple via coordinated vulnerability disclosure, and a fix was released October 26.