SNOWCRASH - A Polyglot Payload Generator
A polyglot payload generator. Introduction: SNOWCRASH creates a script that can be launched on both Linux and Windows machines. The payload selected by the user (in this case, combined Bash and PowerShell code) is embedded into a single polyglot template, which is platform-agnostic. There are few payloads...
INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit
Exploit for multiple platform in category web applications Exploit Title: INNEO Startup TOOLS 2018 M040 13.0.70.3804 - Remote Code Execution Exploit Author: Patrick Hener, SySS GmbH Many credits go to Dr. Benjamin Heß, SySS GmbH for helping with php oddities and the powershell payload Advisory:...
Exploit for Improper Input Validation in Microsoft
CVE-2020-1350 Scanner and Mitigat...
PrivescCheck
This is an offensive tool for Windows privilege escalation. It is an extended and updated version of PowerUp, aiming to enumerate common Windows security misconfigurations that can be leveraged for privilege escalation and gather various information useful for exploitation and/or post-exploitatio...
PowerSploit
This is a PowerShell post-exploitation framework called PowerSploit. It is a collection of PowerShell scripts that can be used to perform various malicious activities, such as code execution, DLL injection, and reflective PE injection. The framework is designed to be portable and can be used on...
PowerUpSQL
This is a PowerShell toolkit for attacking SQL Server, called PowerUpSQL. It includes functions for discovering SQL Server instances, auditing for common weak configurations, and escalating privileges on scale. The toolkit is designed for internal penetration tests and red team engagements, but c...
Debotnet - A Tiny Portable Tool For Controlling Windows 10's Many Privacy-Related Settings And Keep Your Personal Data Private
A free and portable tool for controlling Windows 10's many privacy-related settings and keep your personal data private. Your preparation for the Net! The Windows 10 default privacy settings leave a lot to be desired when it comes to protecting you and your private information. Whenever I set up ...
Inductive Automation Ignition - Remote Code Execution
This Metasploit module exploits a Java deserialization vulnerability in the Inductive Automation Ignition SCADA... This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Inductive Automation Ignition...
Digital Signature Hijack - Binaries, PowerShell Scripts And Information About Digital Signature Hijacking
Hijacking legitimate digital signatures is a technique that can be used during red team assessments in order to sign PowerShell code and binaries. This could help bypass Device Guard restrictions and remain stealthy in an engagement. DigitalSignatureHijack is a PowerShell script based on...
LinkedIn 'Job Offers' Targeted Aerospace, Military Firms With Malware
Attackers are impersonating human resource employees from Collins Aerospace and General Dynamics in a spear-phishing campaign leveraging LinkedIn’s messaging service. Targets are sent phony job offers that include malicious documents designed to fetch data-exfiltrating malware. The spear-phishing...
Updating vCPU in Nutanix prov scheme via Powershell, new machines are not getting the new setting
Tried to decrease the number of cores per vCPU in a Nutanix machine catalog. However, the new machines did not have the desired change...
A Bug in Facebook Messenger for Windows Could've Helped Malware Gain Persistence
Cybersecurity researchers at Reason Labs, the threat research arm of security solutions provider Reason Labs, today disclosed details of a vulnerability they recently discovered in the Facebook Messenger application for Windows. The vulnerability, which resides in Messenger version 460.16, could...
Blue teams helping red teams: A tale of a process crash, PowerShell, and the MITRE ATT&CK evaluation
In September 2019, MITRE evaluated Microsoft Threat Protection (MTP) and other endpoint security solutions. The ATT&CK evaluation lasted for three days, with a professional red team from MITRE emulating many advanced attack behaviors used by the nation-state threat group known as YTTRIUM (APT29). Aft...
UPDATE: Empire 3.2.3
Empire 3.2.3 was released a couple of days ago! If you remember, I briefly mentioned this tool in my five-month-old post titled "List of Open Source C2 Post-Exploitation Frameworks". This version adds MITRE ATT&CK technique tagging among other new features. What is Empire? Empire 3.0 is an...
TAU Threat Analysis: Hakbit Ransomware
The bad actors behind Hakbit ransomware recently released an updated variant of their ransomware, which encrypts the victim’s data and demands 3 Bitcoins in ransom payment. This updated variant is delivered via phishing email as a malicious Excel document, and contains added functionality from th...
WebLogic Server Deserialization Remote Code Execution Exploit
This Metasploit module exploits a Java object deserialization vulnerability in multiple versions of WebLogic. Unauthenticated remote code execution can be achieved by sending a serialized BadAttributeValueExpException object over the T3 protocol to vulnerable versions of WebLogic. Leveraging an...
Storefront 3.12 - Cannot Join Server Group - Joining the Server Group failed. Joiner cleanup was unsuccessful. Please refer to the Windows Event Log for Details
When attempting to add a Storefront Server to a Server group the following error is observed on Joiner Server: Error:Cannot Join Server Group - Joining the Server Group failed. Joiner cleanup was unsuccessful. Please refer to the Windows Event Log for Details. See image below Event logs: Event 1 ...
TAU Threat Analysis: Medusa Locker Ransomware
In recent weeks, Carbon Black’s Threat Analysis Unit (TAU) has seen an increase in the number of infections attributed to the Medusa Locker ransomware family. There were notable traits exhibited by Medusa Locker in these attacks that warranted further investigation to determine behavioral tactics th...
Veeam Backup for Microsoft 365 Modern App-Only Authentication Limitations
Information Veeam Backup for Microsoft 365 v8 and higher Due to Microsoft's deprecation of Basic Authentication, the only option available when adding a new Microsoft 365 organization to Veeam Backup for Microsoft 365 v8 is Modern App-Only Authentication. Veeam Backup for Microsoft 365 v7 and v7a...