6 matches found
poc
poc Proof of concept Windows UAC P...
March 9, 2021—KB5000851 (Security-only update)
March 9, 2021—KB5000851 Security-only update Important: Verify that you have installed the required updates listed in the How to get this update section before installing this update. Important: For information about the various types of Windows updates, such as critical, security, driver, servic...
ScarCruft continues to evolve, introduces Bluetooth harvester
Executive summary After publishing our initial series of blogposts back in 2016, we have continued to track the ScarCruft threat actor. ScarCruft is a Korean-speaking and allegedly state-sponsored threat actor that usually targets organizations and companies with links to the Korean peninsula. Th...
Parat - Python Based Remote Administration Tool (RAT)
Parat is a simple remote administration tool (RAT) written in Python. You can also read the wiki! Change log: Compatible with both Python 2 and 3 versions (don't forget that this may cause some errors, so please share any errors with us). Do you want to try? Copy and paste on your terminal: git clone...
Bad Rabbit Linked to ExPetr/Not Petya Attacks
A link has been confirmed between the Bad Rabbit ransomware outbreak detected yesterday in major organizations in Russia and Ukraine and this summer’s ExPetr/Not Petya attacks. Researchers at Kaspersky Lab said there are “clear ties” between the two attacks though one major piece of the puzzle is...
Windows Escalate UAC Protection Bypass (In Memory Injection) abusing WinSXS
This module will bypass Windows UAC by utilizing the trusted publisher certificate through process injection. It will spawn a second shell that has the UAC flag turned off by abusing the way "WinSxS" works in Windows systems. This module uses the Reflective DLL Injection technique to drop only th...