Y4to's repositories

Check-WP-CVE-2020-35489

Script that tests whether a (WordPress) website can be exploited for Unlimited File Upload via CVE-2020-35489.

Get-Shodan

The program lets you download large amounts of data from Shodan quickly and simply while avoiding errors.

Check-CVE-2021-23383

Check the conditions for exploiting CVE-2021-23383 through the handlebars library version assessment.

Special-List-for-Red-Team

Useful lists for red team ;)

search-ms-Attack-Technique

PoC Attack by "search-ms" URI Protocol Handler. Reference: https://www.trellix.com/en-us/about/newsroom/stories/research/beyond-file-search-a-novel-method.html

Language: HTML | Stargazers: 1 | Issues: 1 | Issues: 0

BlackNET

Unmaintained: Free advanced and modern Windows botnet with a nice and secure PHP panel developed using VB.NET.

Language: Visual Basic .NET | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

AMSI-BYPASS

"AMSI WRITE RAID" Vulnerability that leads to an effective AMSI BYPASS

Stargazers: 0 | Issues: 0 | Issues: 0
License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

C3

Custom Command and Control (C3). A framework for rapid prototyping of custom C2 channels, while still providing integration with existing offensive toolkits.

Language: C++ | License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0
Language: C | Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2021-36260

Command injection vulnerability in the web server of some Hikvision products. Due to insufficient input validation, an attacker can exploit the vulnerability to launch a command injection attack by sending some messages with malicious commands.

Language: Python | Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2023-36874_BOF

Weaponized CobaltStrike BOF for CVE-2023-36874 Windows Error Reporting LPE

Language: C++ | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2024-21412_Water-Hydra

According to Trend Micro's research

Stargazers: 0 | Issues: 0 | Issues: 0

CVE-2024-29988-exploit

Exploit for Microsoft SmartScreen malicious execution (April 2024)

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Darkside

C# AV/EDR Killer using less-known driver (BYOVD)

Language: C# | Stargazers: 0 | Issues: 0 | Issues: 0

dnspooq

DNSpooq - dnsmasq cache poisoning (CVE-2020-25686, CVE-2020-25684, CVE-2020-25685)

Language: Python | License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

EDRSilencer

A tool that uses the Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.

Language: C | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Hide-Cobalt-Strike-like-a-PRO

Bypass Kaspersky End Point Security AV/EDR

Stargazers: 0 | Issues: 0 | Issues: 0

HSC24RedTeamInfra

Slides and code used for the workshop Red Team Infrastructure Automation

Stargazers: 0 | Issues: 0 | Issues: 0

Impulse

Impulse Denial-of-service ToolKit

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

ios_15_rce

Remote Code Execution V1 for iOS 15, sent through AirDrop after the device was connected to a trusted host

Language: JavaScript | License: NOASSERTION | Stargazers: 0 | Issues: 0 | Issues: 0

LockBit-RansomWare

Cracked version of LockBit Ransomware, including the missing Locker files. Including source code.

License: CC0-1.0 | Stargazers: 0 | Issues: 0 | Issues: 0

Reg-Restore-Persistence-Mole

A short C code POC to gain persistence and evade Sysmon event code registry (creation, update and deletion) REG_NOTIFY_CLASS Registry Callback of the Sysmon driver filter. RegSaveKeyExW() and RegRestoreKeyW() APIs, which are not included in monitoring. This POC will use

Language: C | Stargazers: 0 | Issues: 0 | Issues: 0
Language: Rust | License: GPL-3.0 | Stargazers: 0 | Issues: 0 | Issues: 0

SspiUacBypass

Bypassing UAC with SSPI Datagram Contexts

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

Stealerium

Stealer + Clipper + Keylogger

Language: C# | License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

SubSeven

SubSeven Legacy Official Source Code Repository

License: Apache-2.0 | Stargazers: 0 | Issues: 0 | Issues: 0

tr069-client-burpsuite

Burp Suite extension useful for pentesting TR-069.

Stargazers: 0 | Issues: 1 | Issues: 0

UBoat

HTTP Botnet Project

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0

ZipExec

A unique technique to execute binaries from a password-protected zip

License: MIT | Stargazers: 0 | Issues: 0 | Issues: 0