Exploit for Use After Free in Microsoft

CVE-2021-40449 My exploit for CVE-2021-40449, a Windows LPE vi...

ThreadStackSpoofer - PoC For An Advanced In-Memory Evasion Technique Allowing To Better Hide Injected Shellcode'S Memory Allocation From Scanners And Analysts

A PoC implementation for an advanced in-memory evasion technique that spoofs Thread Call Stack. This technique allows to bypass thread-based memory examination rules and better hide shellcodes while in-process memory. Intro This is an example implementation for Thread Stack Spoofing technique...

Inceptor - Template-Driven AV/EDR Evasion Framework

Modern Penetration testing and Red Teaming often requires to bypass common AV/EDR appliances in order to execute code on a target. With time, defenses are becoming more complex and inherently more difficult to bypass consistently. Inceptor is a tool which can help to automate great part of this...

nightmare

This is a course on binary exploitation and reverse engineering, specifically targeting Linux systems. The course is designed to be a comprehensive guide to learning binary exploitation and reverse engineering, with a focus on hands-on exercises and real-world examples. The course covers a range ...

Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode (415 bytes)

; Name: Windows/x86 - Bind TCP shellcode / Dynamic PEB & EDT method null-free Shellcode 415 bytes ; Author: h4pp1n3ss ; Tested on: Microsoft Windows Version 10.0.19042.1237 ; Description: ; This a bind tcp shellcode that open a listen socket on 0.0.0.0 and port 1337. In order to accomplish this...

Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode 178 bytes

; Windows/x86 - WinExec PopCalc PEB & Export Directory Table NullFree Dynamic Shellcode 178 bytes ; Description: ; This is a shellcode that pop a calc.exe. The shellcode iuses ; the PEB method to locate the baseAddress of the required module and the Export Directory Table ; to locate symbols. Als...

Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode (230 bytes)

; Name: Windows/x86 - MessageBoxA PEB & Export Address Table NullFree/Dynamic Shellcode 230 bytes ; Author: h4pp1n3ss ; Tested on: Microsoft Windows Version 10.0.19042.1237 ; Description: ; This is a shellcode that ; pop a MessageBox and show the text "Pwn3d by h4pp1n3ss". In order to accomplish...

LittleCorporal - A C# Automated Maldoc Generator

LittleCorporal: A C Automated Maldoc Generator C:\LittleCorporal\bin\ReleaseLittleCorporal.exe C:\beacon.bin explorer.exe . . . . | | ||/ |/ || | \ \ | | | | | \ \ \ | / / \ / / \ \ \ / \ \ \ | | | || || | | | | |\ /\ \ | / | | // | | | ||| || |/\ \ //|| | / /|| // / / / || / / \ / o\ /...

emp3r0r

It is an offensive tool for Linux systems. The tool is called emp3r0r, a Linux post-exploitation framework made by a user named jm33-ng. It is designed to provide a better experience for remote administration on Linux systems, particularly for terminal-based interactions. The framework is written...

Ether MP3 CD Burner 1.3.8 - Buffer Overflow (SEH) Exploit

Exploit Title: EtherMP3CDBurner 1.3.8 - Buffer Overflow SEH Software Link: https://mp3-avi-mpeg-wmv-rm-to-audio-cd-burner.software.informer.com/download/?caa8ec-1.2 Software Link 2: https://anonfiles.com/X2Ff36J6ue/ethercdburnerexe Exploit Author: Achilles Tested Version: 1.3.8 Tested on: Windows...

New Malware Targets Windows Subsystem for Linux to Evade Detection

A number of malicious samples have been created for the Windows Subsystem for Linux WSL with the goal of compromising Windows machines, highlighting a sneaky method that allows the operators to stay under the radar and thwart detection by popular anti-malware engines. The "distinct tradecraft"...

Windows/x64 - Reverse TCP (192.168.201.11:4444) Shellcode (330 Bytes)

Title: Windows/x64 - Reverse TCP 192.168.201.11:4444 Shellcode 330 Bytes Author: Xenofon Vassilakopoulos Tested on: Windows/x64 - 10.0.19043 N/A Build 19043 / MIT License Copyright c 2021 Xenofon Vassilakopoulos Permission is hereby granted, free of charge, to any person obtaining a copy of this...

GoPurple - Yet Another Shellcode Runner Consists Of Different Techniques For Evaluating Detection Capabilities Of Endpoint Security Solutions

This project is a simple collection of various shell code injection techniques, aiming to streamline the process of endpoint detection evaluation, beside challenging myself to get into Golang world. Installation 1 - Requires go installed. 2 - Build the application from the project's directory: go...

SigFlip - A Tool For Patching Authenticode Signed PE Files (Exe, Dll, Sys ..Etc) Without Invalidating Or Breaking The Existing Signature

SigFlip is a tool for patching authenticode signed PE files exe, dll, sys ..etc in a way that doesn't affect or break the existing authenticode signature, in other words you can change PE file checksum/hash by embedding data i.e shellcode without breaking the file signature, integrity checks or P...

PEzor - Open-Source Shellcode And PE Packer

Read the blog posts here: https://iwantmore.pizza/posts/PEzor.html https://iwantmore.pizza/posts/PEzor2.html https://iwantmore.pizza/posts/PEzor3.html https://iwantmore.pizza/posts/PEzor4.html Installation The install.sh is designed to work on a Kali Linux distro. ---------------- \ / \ //\ \ |/|...

New SideWalk Backdoor Targets U.S.-based Computer Retail Business

A computer retail company based in the U.S. was the target of a previously undiscovered implant called SideWalk as part of a recent campaign undertaken by a Chinese advanced persistent threat group primarily known for singling out entities in East and Southeast Asia. Slovak cybersecurity firm ESE...

REW-sploit - Emulate And Dissect MSF And *Other* Attacks

REW-sploit The tool has been presented at Black-Hat Arsenal USA 2021 https://www.blackhat.com/us-21/arsenal/schedule/index.htmlrew-sploit-dissecting-metasploit-attacks-24086 Slides of presentation are available at https://github.com/REW-sploit/REW-sploitdocs Need help in analyzing Windows shellco...

NK Hackers Deploy Browser Exploits on South Korean Sites to Spread Malware

A North Korean threat actor has been discovered taking advantage of two exploits in Internet Explorer to infect victims with a custom implant as part of a strategic web compromise SWC targeting a South Korean online newspaper. Cybersecurity firm Volexity attributed the watering hole attacks to a...

crossfire-server 1.9.0 - SetUp() Remote Buffer Overflow Exploit

Exploit Title: crossfire-server 1.9.0 - 'SetUp' Remote Buffer Overflow Exploit Author: Khaled Salem @Khaled0x07 Software Link: https://www.exploit-db.com/apps/43240af83a4414d2dcc19fff3af31a63-crossfire-1.9.0.tar.gz Version: 1.9.0 Tested on: Kali Linux 2020.4 CVE : CVE-2006-1236 !/bin/python impor...

Malicious Ads Target Cryptocurrency Users With Cinobi Banking Trojan

A new social engineering-based malvertising campaign targeting Japan has been found to deliver a malicious application that deploys a banking trojan on compromised Windows machines to steal credentials associated with cryptocurrency accounts. The application masquerades as an animated porn game, ...