Shared Bookmarks

781 links

Links per page: 20 50 100

◄Older

page 12 / 40

Newer►

mlgualtieri/NTLMRawUnHide: NTLMRawUnhide.py is a Python3 script designed to parse network packet capture files and extract NTLMv2 hashes in a crackable format. The following binary network packet capture formats are supported: *.pcap *.pcapng *.cap *.etl

https://www.mike-gualtieri.com/posts/live-off-the-land-and-crack-the-ntlmssp-protocol
September 28, 2022 at 2:42:02 PM UTC - permalink -

- https://github.com/mlgualtieri/NTLMRawUnHide

ntlmv2 windows ntlm network sniffer
Windows 10 quietly got a built-in network sniffer, how to use

pktmon filter add -p 445
pktmon start --etw -p 0 -c 13
pktmon format PktMon.etl -o test.txt
pktmon pcapng <input> -o <output>
pktmon start --etw -p 0 -c 13 -l real-time
pktmon start --etw --pkt-size 0 --comp 1
September 28, 2022 at 2:35:41 PM UTC - permalink -

- https://www.bleepingcomputer.com/news/microsoft/windows-10-quietly-got-a-built-in-network-sniffer-how-to-use/

pktmon sniffer networking windows rpc 445
jakejarvis/awesome-shodan-queries: 🔍 A collection of interesting, funny, and depressing search queries to plug into shodan.io 👩‍💻
September 27, 2022 at 10:34:17 PM UTC * - permalink -

- https://github.com/jakejarvis/awesome-shodan-queries

awesome shodan queries
5pider on Twitter: "90% of my Twitter DMs are asking me about how to start getting into Malware development. Well, I love answering them but it's easier to write a small thread about it so here we go. 1/12" / Twitter
September 27, 2022 at 12:35:33 PM UTC - permalink -

- https://twitter.com/C5pider/status/1555256779553906694

maldev
FourCoreLabs/EDRHunt: Scan installed EDRs and AVs on Windows
September 27, 2022 at 9:00:47 AM UTC - permalink -

- https://github.com/FourCoreLabs/EDRHunt

edr av hunt check install
zeroperil/HookDump: Security product hook detection
September 26, 2022 at 6:20:08 PM UTC - permalink -

- https://github.com/zeroperil/HookDump

edr hooking hook
D4stiny/spectre: A Windows kernel-mode rootkit that abuses legitimate communication channels to control a machine.
September 26, 2022 at 6:19:53 PM UTC - permalink -

- https://github.com/D4stiny/spectre

windows rootkit
kitabisa/mubeng: An incredibly fast proxy checker & IP rotator with ease.

https://github.com/ustayready/fireprox
proxycannon
proxymesh
September 26, 2022 at 4:23:40 PM UTC - permalink -

- https://github.com/kitabisa/mubeng

proxy rotate
hackerscrolls/SecurityTips
September 24, 2022 at 9:50:31 PM UTC - permalink -

- https://github.com/hackerscrolls/SecurityTips

tips pentest cheatsheet todo
barrracud4/image-upload-exploits: This repository contains various media files for known attacks on web applications processing media files. Useful for penetration tests and bug bounty.
September 24, 2022 at 9:50:18 PM UTC * - permalink -

- https://github.com/barrracud4/image-upload-exploits

upload rce vuln cheatsheet tool
Liferay Portal Json Web Service Deserialization Vulnerability (CVE-2020–7961) Analysis | by Knownsec 404 team | Medium
September 22, 2022 at 12:15:30 PM UTC * - permalink -

- https://medium.com/@knownsec404team/liferay-portal-json-web-service-deserialization-vulnerability-cve-2020-7961-analysis-ca9f24478274

liferay rce c3p0
lkarlslund/ldapnomnom: Anonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)
September 21, 2022 at 11:17:06 AM UTC - permalink -

- https://github.com/lkarlslund/ldapnomnom

tool ldap ping username user bf bruteforce ad internal
assetnote/kiterunner: Contextual Content Discovery Tool
September 21, 2022 at 11:16:24 AM UTC - permalink -

- https://github.com/assetnote/kiterunner

enum recon tool discovery endpoint dynamic
Escape-Technologies/graphinder: 🕸️ Blazing fast GraphQL endpoints finder using subdomain enumeration, scripts analysis and bruteforce. 🕸️
September 21, 2022 at 11:15:57 AM UTC - permalink -

- https://github.com/Escape-Technologies/graphinder

graphql web fuzzer
Markakd/CVE-2022-2588: exploit for CVE-2022-2588
September 20, 2022 at 11:15:38 PM UTC * - permalink -

- https://github.com/Markakd/CVE-2022-2588

lpe privesc linux
citronneur/pamspy: Credentials Dumper for Linux using eBPF
September 20, 2022 at 10:46:38 PM UTC - permalink -

- https://github.com/citronneur/pamspy

rootkit postex ebpf pass creds pam ssh 3snake
NF.sec – Linux Security Blog - Wstrzykiwanie .htaccess do aplikacji PHP
September 20, 2022 at 4:11:46 PM UTC - permalink -

- https://nfsec.pl/security/5927

php htaccess upload
CyberSecurityUP/Cloud-Security-Attacks: Azure and AWS Attacks
September 19, 2022 at 9:03:28 AM UTC - permalink -

- https://github.com/CyberSecurityUP/Cloud-Security-Attacks

cloud aws azure gcp
The hidden side of Seclogon part 3: Racing for LSASS dumps
September 12, 2022 at 12:52:47 PM UTC - permalink -

- https://splintercod3.blogspot.com/p/the-hidden-side-of-seclogon-part-3.html

lsass dump toread
LSASS dumping in 2021/2022 - from memory - without C2 | S3cur3Th1sSh1t
September 8, 2022 at 4:02:20 PM UTC - permalink -

- https://s3cur3th1ssh1t.github.io/Reflective-Dump-Tools/

lsass dumping internal

Links per page: 20 50 100

◄Older

page 12 / 40

Newer►