ADCSPwn : A Tool To Escalate Privileges In An Active Directory Network By Coercing Authenticate From Machine Accounts And Relaying To The Certificate Service
ADCSPwn is a tool to escalate privileges in an active directory network by coercing authenticate from machine accounts (Petitpotam) and relaying to the certificate service. Usage Run ADCSPwn on your target network. Author: @batsec - MDSec ActiveBreachContributor: @Flangvik - TrustedSecadcspwn.exe --adcs --port --remote Required arguments:adcs - This is the address of the AD CS server which authentication will be relayed to.Optional arguments:port -...
Php-Jpeg-Injector : Injects Php Payloads Into Jpeg Images
Php-Jpeg-Injector Injects php payloads into jpeg images. Related to this post. Exploiting PHP-GD Image Create From jpeg() Function Proof-of-concept to exploit the flaw in the PHP-GD built-in function, image create from jpeg(). Inspired by one of Reddit's comment on my previous thread regarding exploiting the image create from gif() PHP-GD function. Warning: This POC was tested using libJPEG v8.0 only. The image requires...
Solitude : A Privacy Analysis Tool That Enables Anyone To Conduct Their Own Privacy Investigations
Solitude is a privacy analysis tool that enables anyone to conduct their own privacy investigations. Whether a curious novice or a more advanced researcher, Solitude makes the process of evaluating user privacy within an app accessible for everyone. Important Note Prior to installing Solitude it should be noted that Solitude should be run on a private network that is trusted. The...
XDR and the Cloud Security Architecture
Cloud security raises significant challenges for organizations, as more workloads and mission critical applications move to the cloud. XDR is a new security category that can have a major impact on these challenges, by combining security data from the cloud, corporate networks and endpoints, and visualizing threats present in all three environments. In this article I’ll introduce the modern cloud...
Go-Shellcode : A Repository Of Windows Shellcode Runners And Supporting Utilities
Go-Shellcode is a repository of Windows Shellcode runners and supporting utilities. The applications load and execute Shellcode using various API calls or techniques. The available Shellcode runners include: CreateFiber This application leverages the Windows CreateFiber function from the Kernel32.dll to execute shellcode within this application's process. This is usefull when you want to avoid remote process injection and want to avoid calling CreateThread. This application DOES NOT leverage functions from...
CThreadHijack : Beacon Object File (BOF) For Remote Process Injection Via Thread Hijacking
cThreadHijack is a Beacon Object File (BOF) for remote process injection, via thread hijacking, without spawning a remote thread. Accompanying blog can be found here. cThreadHijack works by injecting raw Beacon shellcode, generated via a user-supplied listener argument, into a remote process, defined by the user-supplied PID argument, via VirtualAllocEx and WriteProcessMemory. Then, instead of spawning a new remote thread via CreateRemoteThread or other APIs,...
TwiTi : Tool for extracting IOCs from tweet
TwiTi, a tool for extracting IOCs from tweets, can collect a large number of fresh, accurate IOCs.TwiTi does classifying whether a tweet contains IOCs or not.extracting IOCs from a tweet and also from links mentioned in a tweet. For more details please refer to our paper,"#Twiti: Social Listening for Threat Intelligence" (TheWebConf 2021)Also, you can find supplementary materials of the paper...
WARCannon : High Speed/Low Cost CommonCrawl RegExp In Node.js
WARCannon was built to simplify and cheapify the process of 'grepping the internet'. With WARCannon, you can: Build and test regex patterns against real Common Crawl dataEasily load Common Crawl datasets for parallel processingScale compute capabilities to asynchronously crunch through WARCs at frankly unreasonable capacity.Store and easily retrieve the results How It Works WARCannon leverages clever use of AWS technologies to horizontally scale...
ChangeTower : Tool To Help You Watch Changes In Webpages And Get Notified Of Any Changes
ChangeTower is intended to help you watch changes in webpages and get notified of any changes written in GoThis tools is good to know the web pages are update something or not to work on the new site before others. Installation Instructions ChangeTower requires go1.16+ to install successfully. Run the following command to get the repo go get -v github.com/Dc4ts/ChangeTower If you havent...
Elpscrk : An Intelligent Common User-Password Profiler Based On Permutations And Statistics
Elpscrk is an Intelligent common user-password profiler that's named after the same tool in Mr. Robot series S01E01. In simple words, elpscrk will ask you about all info you know about your target then will try to generate every possible password the target could think of, it all depends on the information you give, the flags you activate, and the...
