Lucene search

136 matches found

Kitploit
added 2018/10/03 9:19 p.m. | 92 views

XenoScan - Open Source Memory Scanner Written In C++

XenoScan is a memory scanner which can be used to scan the memory of processes to locate the specific locations of important values. These types of tools are typically used when hacking video games, as they allow one to locate the values representing the game's state in memory. XenoScan is writte...

7.3 AI score
Exploits: 0 | References: 1
Fedora
added 2018/09/29 11:57 p.m. | 25 views

[SECURITY] Fedora 27 Update: libxkbcommon-0.8.2-1.fc27

libxkbcommon is the X.Org library for compiling XKB maps into formats usable by the X Server or other display servers...

5.5 CVSS | 3.4 AI score | 0.00535 EPSS
Exploits: 0
Kitploit
added 2018/09/02 9:33 p.m. | 148 views

Spykeyboard - Keylogger Which Sends Us The Data To Our Gmail

This is a script which allows us to generate an undetectable keylogger which sends the captured keys to our gmail mail. Once we generated our keylogger in our kali linux we would have to pass the .py file to a windows machine to convert it to an .exe. The tool is under development. Install module...

7.1 AI score
Exploits: 0 | References: 1
0day.today
added 2018/02/17 12:0 a.m. | 22 views

Microsoft Edge - UnmapViewOfFile ACG Bypass Vulnerability

Exploit for windows platform in category dos / poc. Background: To implement ACG (https://blogs.windows.com/msedgedev/2017/02/23/mitigating-arbitrary-native-code-execution/VM4y5oTSGCRde3sk.97), Edge uses a separate process for JIT compiling. This JIT Process is also responsible for mapping native co...

7 AI score
Exploits: 0
Filippo.io
added 2018/02/07 10:57 p.m. | 19 views

Easy Windows and Linux cross-compilers for macOS

tl;dr: you can install cross-compiler toolchains to compile C/C++ for Windows or Linux from macOS with these two Homebrew Formulas: "brew install FiloSottile/musl-cross/musl-cross" and "brew install mingw-w64". Cross-compiling C and C++ is dreadful. While in Go you just need to set an environment variable...

7 AI score
Exploits: 0
Packet Storm
added 2018/01/18 12:0 a.m. | 88 views

Docker Sudo Privilege Escalation

!/bin/bash SUDO Docker Privilege Escalation https://github.com/pyperanger/dockerevil SELINUX "bypass" using :z option https://docs.docker.com/engine/admin/volumes/bind-mounts/configure-the-selinux-label echo " SUDO Docker Privilege Escalation"; echo "+ Writing shellcode"; cat /tmp/sud0-d0ck3r.c...

0.9 AI score
Exploits: 0
n0where
added 2017/12/04 2:58 a.m. | 25 views

WebSocket C2 Communication Channel: WSC2

WSC2 is a PoC of using the WebSockets and a browser process to serve as a C2 communication channel between an agent, running on the target system, and a controller acting as the actual C2 server. WSC2 is composed of: a controller, written in Python, which acts as the C2 server; an agent running on...

0.4 AI score
Exploits: 0 | References: 1
Kitploit
added 2017/11/17 9:11 p.m. | 42 views

SpookFlare - Meterpreter Loader Generator With Multiple Features For Bypassing Client-Side And Network-Side Countermeasures

SpookFlare has a different perspective to bypass security measures and it gives you the opportunity to bypass the endpoint countermeasures at the client-side detection and network-side detection. SpookFlare is a loader generator for Meterpreter Reverse HTTP and HTTPS stages. SpookFlare has custom...

7.8 AI score
Exploits: 0 | References: 1
n0where
added 2017/11/14 5:51 p.m. | 20 views

Linux Process Hunter: Prochunter

Prochunter aims to find processes hidden by all userspace and most kernelspace rootkits. This tool is composed of a kernel module that prints out all running processes by walking the task_struct list and creates the /sys/kernel/prochunter/set entry, and a Python script that invokes the kernel function...

1 AI score
Exploits: 0 | References: 1
Kitploit
added 2017/08/31 9:30 p.m. | 27 views

EvilAbigail - Automated Linux Evil Maid Attack

Automated Linux evil maid attack. Scenario: laptop left turned off with FDE turned on; attacker boots from USB/CD/Network; script executes and backdoors initrd; user returns to laptop, boots as normal; backdoored initrd loads: Debian/Ubuntu/Kali .so file into /sbin/init on boot, dropping a shell...

7.4 AI score
Exploits: 0 | References: 1
Filippo.io
added 2017/04/23 7:56 p.m. | 16 views

Reproducing Go binaries byte-by-byte

Fully reproducible builds are important because they bridge the gap between auditable open source and convenient binary artifacts. Technologies like TUF and Binary Transparency provide accountability for what binaries are shipped to users, but that's of limited utility if there is no way short of...

6.7 AI score
Exploits: 0
Filippo.io
added 2017/04/23 7:56 p.m. | 13 views

Reproducing Go binaries byte-by-byte

Fully reproducible builds are important because they bridge the gap between auditable open source and convenient binary artifacts. Technologies like TUF and Binary Transparency provide accountability for what binaries are shipped to users, but that's of limited utility if there is no way short of...

7 AI score
Exploits: 0
exploitpack
added 2017/04/02 12:0 a.m. | 14 views

Linux Kernel (PonyOS 4.0) - fluttershy LD_LIBRARY_PATH Local Privilege Escalation

Linux Kernel PonyOS 4.0 - fluttershy LD_LIBRARY_PATH Local Privilege Escalation !/usr/bin/python PonyOS 4.0 has added several improvements over previous releases including support for setuid binaries and dynamic libraries. The run-time linker does not sanitize environment variables when running...

0.2 AI score
Exploits: 0
Tenable Nessus
added 2017/02/23 12:0 a.m. | 39 views

Fedora 24 : pcre (2017-a8dc348834)

This release fixes pcregrep multi-line matching with --only-matching option, a crash when JIT-compiling some patterns (CVE-2017-6004) and a possible buffer overflow when formatting a pcregrep error message. Note that Tenable Network Security has extracted the preceding description block directly fr...

7.5 CVSS | 7.7 AI score | 0.04546 EPSS
Exploits: 0 | References: 2
Tenable Nessus
added 2016/12/02 12:0 a.m. | 16 views

Mozilla Firefox ESR < 45.5 Multiple Vulnerabilities

Binary data 9805.prm...

9.8 CVSS | 7.3 AI score | 0.11485 EPSS
Exploits: 5 | References: 11
OpenVAS
added 2016/06/03 12:0 a.m. | 35 views

Oracle MySQL Multiple Unspecified Vulnerabilities-24 (Jun 2016) - Linux

Oracle MySQL is prone to multiple unspecified vulnerabilities. SPDX-FileCopyrightText: 2016 Greenbone AG. Some text descriptions might be excerpted from referenced sources, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

5.7 CVSS | 6.6 AI score | 0.09984 EPSS
Exploits: 0 | References: 5
Kitploit
added 2015/11/15 7:13 p.m. | 202 views

Pemcracker - Tool To Crack Encrypted PEM Files

This tool is inspired by pemcrack by Robert Graham. The purpose is to attempt to recover the password for encrypted PEM files while utilizing all the CPU cores. It still uses high level OpenSSL calls in order to guess the password. As an optimization, instead of continually checking against the P...

7.2 AI score
Exploits: 0 | References: 2
Tenable Nessus
added 2015/09/14 12:0 a.m. | 30 views

Fedora 21 : pcre-8.35-14.fc21 (2015-14242)

This release fixes a heap overflow when compiling certain regular expressions with named references. This release fixes buffer overflows when compiling certain expressions. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory...

5.8 AI score
Exploits: 0 | References: 3
RedHat Linux
added 2015/08/24 6:43 p.m. | 3 views

mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling...

5.7 CVSS | 6.5 AI score | 0.09984 EPSS
Exploits: 0 | References: 5
RedHat Linux
added 2015/08/20 9:17 a.m. | 1 views

mysql: unspecified vulnerability related to Server:Compiling (CPU April 2015)

Unspecified vulnerability in Oracle MySQL Server 5.5.42 and earlier, and 5.6.23 and earlier, allows remote authenticated users to affect availability via unknown vectors related to Server : Compiling...

5.7 CVSS | 6.5 AI score | 0.09984 EPSS
Exploits: 0 | References: 5