SMShell: PoC for a SMS-based shell
SMShell PoC for an SMS-based shell. Send commands and receive responses over SMS from mobile broadband-capable computers. This tool came as an inspiration during research on eSIM security implications led...
Surf – Escalate your SSRF vulnerabilities on Modern Cloud Environments surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by...
RDPCredentialStealer RDPCredentialStealer is malware that steals credentials provided by users in RDP using API Hooking with Detours in C++. Code RDPCredStealerDLL: This code is an implementation of a hooking technique...
nodesub Nodesub is a command-line tool for finding subdomains in bug bounty programs. It supports various subdomain enumeration techniques and provides flexible options for customization. Feature Perform subdomain enumeration using...
DropSpawn DropSpawn is a CobaltStrike BOF used to spawn additional Beacons via a relatively unknown method of DLL hijacking. Works x86-x86, x64-x64, and x86-x64/vice versa. Use as an alternative to...
ModuleShifting ModuleShifting is a stealthier variation of the Module Stomping and Module Overloading injection techniques. It is actually implemented in Python ctypes so that it can be executed fully in memory...
Caracal Caracal is a static analyzer tool over the SIERRA representation for Starknet smart contracts. Features Detectors to detect vulnerable Cairo code Printers to report information Taint analysis Data flow...
S4UTomato Escalate Service Account To LocalSystem via Kerberos. Traditional Potatoes Friends familiar with the “Potato” series of privilege escalation should know that it can elevate service account privileges to local...
Defense / Vulnerability Analysis / Web Vulnerability Analysis
by do son · Published August 8, 2023 · Last modified December 10, 2023
CVE Prioritizer Tool CVE_Prioritizer is a powerful tool that helps you prioritize vulnerability patching by combining CVSS, EPSS, and CISA’s Known Exploited Vulnerabilities. It provides valuable insights into the likelihood of exploitation and...
Google this week announced the August 2023 security updates for Android devices, with patches for over 48 vulnerabilities, including two critical remote code execution (RCE) bugs and a critical elevation...
A proof-of-concept (PoC) for CVE-2023-3519, a critical vulnerability in Citrix ADC that allows remote code execution, was published last weekend. CVE-2023-3519 is not simply another item in an ever-growing...
PHP is a popular programming language used to create dynamic web pages. However, like any software, it is not immune to security vulnerabilities. In recent months, two new security vulnerabilities...
Chimera While DLL sideloading can be used for legitimate purposes, such as loading necessary libraries for a program to function, it can also be used for malicious purposes. Attackers can...
Chrome Cookie Stealer (and injector) Attaches to Chrome using its Remote DevTools protocol and steals/injects/clears/deletes cookies. Heavily inspired by WhiteChocolateMacademiaNut. Cookies are dumped as JSON objects using Chrome’s own format. The same...
NixImports A .NET malware loader, using API-Hashing and dynamic invoking to evade static analysis. NixImports aims to build a loader with little to no direct function calls and reduce referenced...