PatchlessCLRLoader – Advancing .NET Assembly Execution With Hardware Breakpoint Techniques
PatchlessCLRLoader is a fork of InlineExecute-Assembly that loads a .NET assembly and directs the output to a mailslot. I rewrote it as a standalone loader with the following implementation: AES-encrypted payload; fileless payload support; patchless AMSI and ETW bypass using hardware breakpoints. Remarks: The loader currently only supports setting HWBP in the main thread. Using hardware breakpoints for a patchless bypass has multiple advantages over traditional patching techniques....
Graphpython – A Comprehensive Tool For Microsoft Graph API Enumeration And Exploitation
Graphpython is a modular Python tool for cross-platform Microsoft Graph API enumeration and exploitation. It builds upon the capabilities of AADInternals (Killchain.ps1), GraphRunner, and TokenTactics(V2) to provide a comprehensive solution for interacting with the Microsoft Graph API for red team and cloud assumed breach operations. Graphpython covers external reconnaissance, authentication/token manipulation, enumeration, and post-exploitation of various Microsoft services, including Entra...
RS-Shellcode : A Comprehensive Guide To Shellcode Execution With Rust
Dive into the world of cybersecurity with "RS-Shellcode," a robust shellcode runner crafted in Rust. This tool leverages the windows-rs library to efficiently execute shellcode on Windows platforms. Ideal for security researchers and penetration testers, RS-Shellcode simplifies the process of testing and debugging shellcode, enhancing your exploitation toolkit. A shellcode runner written in Rust using windows-rs. How To Use It: Install rustup, use nightly...
WireGuard Obfuscator – Enhancing Privacy By Concealing VPN Traffic
This is a simple obfuscator for WireGuard. It is designed to make it harder to detect WireGuard traffic by making it look like something else. It does this by wrapping WireGuard packets in a layer of obfuscation using a simple XOR cipher. Useful for bypassing DPI (Deep Packet Inspection) firewalls, e.g. if your ISP/government blocks WireGuard traffic. How It Works: +----------------+ |...
Collateral Damage – Unveiling The Xbox Kernel Exploit
Collateral Damage is a kernel exploit for Xbox SystemOS using CVE-2024-30088. It targets Xbox One and Xbox Series consoles running kernel versions 25398.4478, 25398.4908, and 25398.4909. The initial entrypoint is via the Game Script UWP application. The first-stage payloads, PE loader and network loader are provided by Solstice. This exploit was developed by Emma Kirkpatrick (vulnerability discovery & exploitation) and Lander Brandt (Solstice). Important Caveats: To place the...
CVE-2024-38063 : A Deep Dive Into Remote Code Execution In tcpip.sys
This is a (rather flaky) PoC for CVE-2024-38063, an RCE in tcpip.sys patched on August 13th 2024. I didn't find and report this vuln; that would be Wei. Requirements: pip3 install scapy; then run python3 cve-2024-38063.py. The easiest way to reproduce the vuln is by using bcdedit /set debug on on the target system and restarting the machine/VM. This makes the default network adapter driver kdnic.sys, which is...
CompTIA – Understanding Techniques, Threats, And Cybersecurity Defenses
Explore the essential concepts, techniques, and security challenges covered in the CompTIA Security+ certification. 1.1 - Compare And Contrast Different Types Of Social Engineering Techniques: Typosquatting - URL hijacking, e.g. google.com vs g00gle.com; Pretexting - lying to get your info; an actor and a story; Pharming - a poisoned DNS server redirects a legitimate website to a bogus site; Vishing - voice phishing, often with spoofed numbers; Smishing - SMS phishing, spoofing here...
LiteSpeed Cache Privilege Escalation PoC – CVE-2024-28000
This repository contains a Proof of Concept (PoC) script for exploiting a privilege escalation vulnerability in the LiteSpeed Cache WordPress plugin. The vulnerability, identified as CVE-2024-28000, allows unauthenticated users to gain Administrator-level access to a WordPress site by brute-forcing a weak security hash used in the plugin. Vulnerability Overview: The LiteSpeed Cache plugin's user simulation feature is protected by a weak security...
MagiskEoP – Unpacking The Silent Root Exploit In Magisk
This is an exploit for a vulnerability in the Magisk app that allows a local app to silently gain root access without user consent. The vulnerability was initially reported by @vvb2060 and PoC-ed by @canyie. It has been fixed in Canary 27007. Demo video of exploiting this vulnerability to silently obtain root privileges and grant root to any... Steps to reproduce this vulnerability: Install the vulnerable Magisk app...
VeilTransfer – Mastering Data Exfiltration Simulation For Enhanced Cybersecurity
VeilTransfer is a data exfiltration utility designed to test and enhance detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allowing organizations to evaluate and improve their security posture. By leveraging multiple exfiltration methods such as MEGA, GitHub, SFTP, WebDAV, and more, VeilTransfer helps identify gaps in your defenses and ensures your security...