PowerSharpPack - Many useful offensive CSharp Projects wrapped into Powershell for easy usage
Many useful offensive CSharp Projects wrapped into Powershell for easy usage. Why? In my personal opinion offensive Powershell is not dead because of AMSI, Script-block-logging, Constrained Language Mode or other protection features. Any of these mechanisms can be bypassed. Since most new...
FIN8 Hackers Return With More Powerful Version of BADHATCH PoS Malware
Threat actors known for keeping a low profile do so by ceasing operations for prolonged periods in between to evade attracting any attention as well as constantly refining their toolsets to fly below the radar of many detection technologies. One such group is FIN8, a financially motivated threat...
Exploit for Path Traversal in Microsoft
I will continue to add any new code or modify existing code ba...
Exploit for Server-Side Request Forgery in Microsoft
It is an offensive tool for Microsoft Exchange server vulnerabil...
CVE-2021-24082
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability...
Security feature bypass
Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability...
CVE-2021-24082
Technical details for CVE-2021-24082 are not publicly available in the provided connected documents. The records list the vulnerability title but do not specify affected products, root cause, impact, or fixes. Monitor for updates.
CVE-2021-24082 Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability
...
APT-Hunter - Threat Hunting Tool For Windows Event Logs Which Made By Purple Team Mindset To Provide Detect APT Movements Hidden In The Sea Of Windows Event Logs To Decrease The Time To Uncover Suspicious Activity
APT-Hunter is a threat hunting tool for Windows event logs, made with a purple team mindset, to detect APT movements hidden in the sea of Windows event logs and decrease the time to uncover suspicious activity. This tool will make good use of the Windows event logs collected and make sure...
Tax Season Ushers in Quickbooks Data-Theft Spike
Cybercriminals are ready for tax season with new malware designed to exfiltrate Quickbooks data and post it on the internet, according to a new report from ThreatLocker. Attackers use email to deliver the malware, which ThreatLocker CEO Danny Jenkins told Threatpost is a simple, 15-line pie...
Experts Warn of Notable Increase in QuickBooks Data Files Theft Attacks
New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or othe...
RAT-el - An Open Source Penetration Test Tool That Allows You To Take Control Of A Windows Machine
RAT-el is an open source penetration test tool that allows you to take control of a Windows machine. It works on the client-server model: the server sends commands, and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus...
HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)
Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...
Vulnerability of the application control tool Windows Defender Application Control (WDAC) in the PowerShell Core automation tool, allowing attackers to bypass existing security mechanisms
The vulnerability of the application control tool Windows Defender Application Control (WDAC) in the PowerShell Core automation tool is related to security configuration errors. Exploiting this vulnerability allows a malicious actor to bypass existing security measures remotely...
Vulnerability of the application control tool Windows Defender Application Control (WDAC) in the PowerShell Core automation tool, allowing attackers to gain unauthorized access to protected information
The vulnerability of the application control tool Windows Defender Application Control (WDAC) in the PowerShell Core automation tool is related to security configuration errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected informati...
HFS (HTTP File Server) 2.3.x Remote Code Execution
Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...
Vulnerability of .NET Core software, PowerShell Core automation tools, and Microsoft Visual Studio software, related to insufficient input data validation, allowing attackers to trigger service failures.
The vulnerability of the .NET Core runtime, the PowerShell Core automation tool, and the Microsoft Visual Studio software is related to insufficient validation of input data. Exploiting this vulnerability can allow an attacker to cause service failures remotely...