.webp "Arena-Hard-Auto : Advancing LLM Evaluation With Style Control Integration")
.webp "How To Install/Run – Streamlining OSINT Workflows For Enhanced Capabilities")
UAC-BOF-Bonanza : Elevating Access With Advanced Bypass Methods
This repository serves as a collection of public UAC bypass techniques that have been weaponized as BOFs. A single module which integrates all techniques has been provided to use the BOFs via the Havoc C2 Framework. A extension.json file has also been provided for each bypass technique for use in Sliver. See the section of the readme titled Greetz/Credit for all references/code that was used...
XC : A Comprehensive Guide To Netcat – Like Reverse Shell For Linux And Windows
.webp "XC : A Comprehensive Guide To Netcat – Like Reverse Shell For Linux And Windows")
A powerful tool reminiscent of Netcat, designed for both Linux and Windows systems. With its array of features including file manipulation, port forwarding, and plugin execution, XC offers versatile capabilities for penetration testers and ethical hackers. This article provides a detailed overview and setup guide for leveraging XC's functionalities effectively. Netcat like reverse shell for Linux & Windows. Features Windows Usage: └ Shared Commands:...
linWinPwn – Active Directory Vulnerability Scanner
.webp "linWinPwn – Active Directory Vulnerability Scanner")
A versatile bash script designed for automating Active Directory enumeration and vulnerability assessment. By leveraging a curated selection of tools and employing clever techniques like dynamic port forwarding, linWinPwn streamlines the process of gathering evidence in AD environments. Whether you're working against time constraints or aiming to minimize footprint, this article introduces you to the setup, modules, and parameters...
WDAC Rule Levels Comparison And Guide – Understanding File Attribute-Based Security Measures
.webp "WDAC Rule Levels Comparison And Guide – Understanding File Attribute-Based Security Measures")
We delve into the hierarchy of WDAC rule levels, ranging from the most secure to the least secure, providing insight into their significance and implications for system security. Understanding these levels is crucial for effectively implementing file attribute-based security measures in your Windows environment. This document lists all of the levels of WDAC rules. From Top to bottom, from the most...
SharpADWS – Red Team’s Secret Weapon For Active Directory Reconnaissance
.webp "SharpADWS – Red Team’s Secret Weapon For Active Directory Reconnaissance")
A groundbreaking tool revolutionizing Active Directory reconnaissance for Red Teams. By leveraging the obscure Active Directory Web Services (ADWS) protocol, SharpADWS enables discreet data collection and manipulation, evading traditional detection methods. Explore its unique advantages and protocol implementation, empowering Red Teams with unparalleled precision in post-exploitation operations. Active Directory reconnaissance and exploitation for Red Teams via the Active Directory Web...
MinDNS – A Lightweight Rust-Based DNS Server For Enhanced Network Security
.webp "MinDNS – A Lightweight Rust-Based DNS Server For Enhanced Network Security")
Delve into the realm of network security with MinDNS, a lightweight DNS server crafted in Rust. Designed for versatility, it serves as a formidable firewall, black-hole, or proxy DNS server. In this article, we explore its features, performance, and potential applications, shedding light on its role in fortifying digital infrastructures. MinDNS is a minimal DNS server written in Rust. It...
DarkWidow – A Stealthy Windows Dropper And Post-Exploitation Tool
.webp "DarkWidow – A Stealthy Windows Dropper And Post-Exploitation Tool")
A formidable tool tailored for both dropper and post-exploitation scenarios on Windows systems. With its sophisticated capabilities including dynamic syscall invocation, process injection, and PPID spoofing, DarkWidow emerges as a potent weapon in the arsenal of cyber adversaries. This article delves into its functionalities, compile instructions, and evasion tactics, shedding light on its intricate workings and potential implications for...
Cobalt-Strike-Profiles-For-EDR-Evasion + SourcePoint Is A C2 Profile Generator For Cobalt Strike
.webp "Cobalt-Strike-Profiles-For-EDR-Evasion + SourcePoint Is A C2 Profile Generator For Cobalt Strike")
Bypassing Memory Scanners The recent versions of Cobalt Strike have made it so easy for the operators to bypass memory scanners like BeaconEye and Hunt-Sleeping-Beacons. The following option will make this bypass possible: set sleep_mask "true"; By enabling this option, Cobalt Strike will XOR the heap and every image section of its beacon prior to sleeping, leaving no string or...
Living Off The LandLeaked Certificates (LoLCerts) – Unveiling The Underworld
.webp "Living Off The LandLeaked Certificates (LoLCerts) – Unveiling The Underworld")
Threat actors are known to sign their malware using stolen, or even legally acquired, code signing certificates. This threat is becoming more relevant as more and more defenses are relying on digital signatures for allowing or not execution on an endpoint. This project aims at collecting the details of the certificates that are known to be abused in the...
Powershell Digital Forensics And Incident Response (DFIR) – Leveraging Scripts For Effective Cybersecurity
.webp "Powershell Digital Forensics And Incident Response (DFIR) – Leveraging Scripts For Effective Cybersecurity")
This repository contains multiple PowerShell scripts that can help you respond to cyber attacks on Windows Devices. The following Incident Response scripts are included: DFIR Script: Collects all items as listed in section DFIR Script. CollectWindowsEvents: Collects all Windows events and outputs it as CSV. CollectWindowsSecurityEvents: Collects all Windows security events and outputs it as CSV. CollectPnPDevices: Collects all Plug and Play devices, such as...
