claysec's repos on GitHub
C · 1263 followers
BokuLoader
A proof-of-concept Cobalt Strike Reflective Loader which aims to recreate, integrate, and enhance Cobalt Strike's evasion features!
C · 463 followers
azureOutlookC2
Azure Outlook Command & Control (C2) - Remotely control a compromised Windows Device from your Outlook mailbox. Threat Emulation Tool for North Korean APT InkySquid / ScarCruft / APT37. TTP: Use Microsoft Graph API for C2 Operations.
C · 193 followers
AsmHalosGate
x64 Assembly HalosGate direct System Caller to evade EDR UserLand hooks
Python · 10 followers
CVE-2020-23839
Public PoC Disclosure for CVE-2020-23839 - GetSimple CMS v3.3.16 suffers from a Reflected XSS on the Admin Login Portal
8 followers
DarkWidow
Indirect Dynamic Syscall, SSN + Syscall address sorting via Modified TartarusGate approach + Remote Process Injection via APC Early Bird + Spawns a sacrificial Process as target process + (ACG+BlockDll) mitigation policy on spawned process + PPID spoofing + Api resolving from TIB + API hashing
5 followers
Ares
Project Ares is a Proof of Concept (PoC) loader written in C/C++ based on the Transacted Hollowing technique
5 followers
beacon
Former attempt at creating an independent Cobalt Strike Beacon
Python · 4 followers
fuzzingFTP
Python scripts for fuzzing FTP servers, with precision, over TCP
3 followers
Apollo
A .NET Framework 4.0 Windows Agent
Python · 2 followers
aCal-RCE
Exploit Development files for aCal web application - reflected XSS to RCE.
C · 2 followers
AceLdr
Cobalt Strike UDRL for memory scanner evasion.
2 followers
ADOKit
Azure DevOps Services Attack Toolkit
1 follower
Azur3Alph4
Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE achieved) position.
1 follower
BarracudaDrivev6.5-LocalPrivEsc
Insecure Service File Permissions in bd service in Real Time Logics BarracudaDrive v6.5 allows local attackers to escalate privileges to admin via replacing the bd.exe file and restarting the computer where it will be run as 'LocalSystem' on the next startup automatically.
1 follower
cobalt_strike_extension_kit
Attempting to be an all-in-one repo for others' useful aggressor scripts as well as things we've found useful during Red Team Operations.
1 follower
DayBird
Extension functionality for the NightHawk operator client
1 follower
GraphRunner
A Post-exploitation Toolset for Interacting with the Microsoft Graph API
Shell · 0 followers
AV_Bypass-Splitter
Splitter script to identify Anti-Virus signature of an executable
0 followers
ElevateKit
The Elevate Kit demonstrates how to use third-party privilege escalation attacks with Cobalt Strike's Beacon payload.