Awesome EDR Bypass : A Comprehensive Guide For Ethical Hackers

EDR bypass technology is not just for attackers. Many malware families now have EDR bypass capabilities, which pentesters and incident responders should also be aware of. This repository is not intended to be used to escalate attacks. Use it for ethical hacking. PoC: trickster0/TartarusGate: TartarusGate, Bypassing EDRs; am0nsec/HellsGate: Original C Implementation of the Hell's Gate VX Technique. The paper PDF has a nice...

Better-Sliver : The Community-Driven Fork For Advanced Security Testing

Welcome to Better-Sliver, a fork of the Sliver project. This fork is intended to be a community-driven effort to improve the Sliver project. The goal is to make Sliver less detectable by adding more features, changing default fingerprints, and adding more obfuscation options. This fork is not intended to be a replacement for Sliver, but rather a place to...

Fuzzing Lab : Mastering Software Testing Techniques With UCLA ACM Cyber

This is the repository for the Introduction to Fuzzing Lab run by ACM Cyber at UCLA. Click on one of the links below to get started!

Week      Topic                     Slides    Lab
Week 2    Intro to Fuzzing          Slides    Using Honggfuzz
Week 3    Fuzzing Libraries         Slides    Fuzzing Libraries
Week 4    Writing Harnesses         Slides    Writing Harnesses
Week 5    Coverage Analysis         Slides    Writing Harnesses
Week 6    Structure-Aware Fuzzing   Slides    Work on Project
Week 7    Project Work              Slides    Work on Project
Week 8    Wrapping Up               Slides    Work on Project
Week 9    Break for Thanksgiving    -         -
Week 10   Present at Symposium      -         -

Interested to see...

Apache HTTP Server Vulnerability Testing Tool

This repository provides a Proof of Concept (PoC) for testing various vulnerabilities in the Apache HTTP Server, including Filename Confusion Attacks, SSRF, Denial of Service, and others related to recent CVEs. The tool sends crafted HTTP requests to assess whether the server is vulnerable to certain types of attacks. Features Tests for multiple vulnerabilities including: CVE-2024-38472: Apache HTTP Server on Windows UNC...

Wez’s Terminal : A Rust-Powered GPU-Accelerated Terminal Emulator

A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust Getting Help This is a spare time project, so please bear with me. There are a couple of channels for support: You can use the GitHub issue tracker to see if someone else has a similar issue, or to file a new one. Start or join a thread in...

AutorizePro : Revolutionizing Authorization Testing With AI

One-sentence introduction: AutorizePro is an innovative Burp plugin focused on authorization (access-control) vulnerability detection with a built-in AI analysis module (several white hats have reported finding SRC bugs with it; updated every weekend; Star🌟 it to follow the latest features of the project). Background: Authorization vulnerabilities are almost always part of black-box testing and SRC bug hunting, but testing them manually, endpoint by endpoint, takes a great deal of time. Automated tools, because interfaces vary so widely, struggle to define comprehensive detection logic and produce large numbers of false positives, which is why an AI-assisted detection tool was created ➡️ AutorizePro !! ⬅️ Highlights: Optimized detection logic plus an (optional) AI analysis module reduce the tool's original false-positive rate from 99% to 5%, freeing you from mountains of false positives. For alerts that need manual confirmation, the display page shows the original request, the modified (privilege-crossing) request and the unauthenticated request side by side so differences are easy to compare. Supports many custom configuration options, such as filter configuration, replacement-rule configuration, report export, and analysis by multiple large language models (the default is the excellent Tongyi Qianwen). 🔧 Installing AutorizePro 1️⃣ Download Burp Suite and Jython 1. Download Burp Suite: https://portswigger.net/burp/releases 2. Download the Jython standalone JAR file: https://www.jython.org/download.html 2️⃣ Configure Burp Suite's Python environment 1. Open Burp Suite 2. Navigate to Extender -> Options 3. In...

SharpRDPHijack : A .NET Utility For RDP Session Hijacking

Sharp RDP Hijack is a proof-of-concept .NET/C# Remote Desktop Protocol (RDP) session hijack utility. RDP session hijacking is a post-exploitation technique for taking control of (forcefully) disconnected interactive login sessions. The technique is described in Mitre ATT&CK T1563.002 - Remote Service Session Hijacking: RDP Hijacking. Notes SharpRDPHijack.cs compiles in Visual Studio 2022 under .NET Framework v.4.8 (and likely earlier versions). TS/RDP Session query...

SharpExecute : Advanced Techniques For Stealth .NET Execution And CLR Manipulation

Executing .NET Files from an Unmanaged Process with Manual CLR Loading. Manually loading the CLR in an unmanaged process and using hardware breakpoints can reveal when the CLR calls NtTraceEvent through the managed thread pool. To evade detection, this tool offers two approaches: Patchless execution by hooking NtTraceEvent, AmsiScan and thread-pooling functions using hardware breakpoints. Patching the target function via an APC (Asynchronous...

BlackPill : A Comprehensive Overview Of A Stealthy Linux Rootkit

Dive into the dark intricacies of BlackPill, a sophisticated Linux rootkit engineered in Rust that epitomizes stealth and versatility in cyber threats. This article unravels its multi-faceted modules, from evasion tactics to persistent attacks, outlining how it manipulates system operations to remain undetected. Features The rootkit is composed of multiple modules (talking about Rust modules, not kernel modules): defense evasion: hide files,...

RustScan : Revolutionizing Port Scanning With Speed And Extensibility

The Modern, Blazing Fast Port Scanner. Find ports quickly (3 seconds at its fastest). Run scripts through our scripting engine (Python, Lua, Shell supported). Installation: You can install RustScan's binary from our releases page. We would prefer you to install with a package manager so it is tested and works for your system. RustScan is in many repositories already. Install it with whatever...