nuts.'s repositories
CVE-2023-27372
SPIP before 4.2.1 allows Remote Code Execution via form values in the public area because serialization is mishandled. The fixed versions are 3.2.18, 4.0.10, 4.1.8, and 4.2.1.
RedTeaming-Tactics-and-Techniques
Red Teaming Tactics and Techniques
nuts7.github.io
A blog about security, CTF writeups, researches and more
Arsenal4BugBounty
Arsenal is just a quick inventory and launcher for bug bounty
GTFOBins.github.io
GTFOBins is a curated list of Unix binaries that can be used to bypass local security restrictions in misconfigured systems
Awesome-GPT-Agents
A curated list of GPT agents for cybersecurity
EDRSandblast
EDRSandBlast is a tool written in C that weaponize a vulnerable signed driver to bypass EDR detections (Notify Routine callbacks, Object Callbacks and ETW TI provider) and LSASS protections. Multiple userland unhooking techniques are also implemented to evade userland monitoring.
hacktricks
Welcome to the page where you will find each trick/technique/whatever I have learnt in CTFs, real life apps, and reading researches and news.
HellHall-Tartarus
Performing Indirect Clean Syscalls
linux-dotfiles
My dotfiles
nuclei-templates
Community curated list of templates for the nuclei engine to find security vulnerabilities.
PayloadsAllTheThings
A list of useful payloads and bypass for Web Application Security and Pentest/CTF
SharpCollection
Nightly builds of common C# offensive tools, fresh from their respective master branches built and released in a CDI fashion using Azure DevOps release pipelines.
The-Hacker-Recipes
This project is aimed at freely providing technical guides on various hacking topics: Active Directory services, web services, servers, intelligence gathering, physical intrusion, phishing, mobile apps, iot, social engineering, etc.
Unprotect_Submission
Repository to publish your evasion techniques and contribute to the project
EDRSilencer
A tool uses Windows Filtering Platform (WFP) to block Endpoint Detection and Response (EDR) agents from reporting security events to the server.