Fingerprinting, Netscaler Gateway Version information leaking – the kolbicz blog
January 26, 2022 at 10:09:20 AM UTC - permalink -

- https://kolbi.cz/blog/2015/05/26/fingerprinting-netscaler-gateway-version/

qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt
January 25, 2022 at 9:23:18 PM UTC * - permalink -

- https://www.qualys.com/2022/01/25/cve-2021-4034/pwnkit.txt

Port 1 - 99
January 25, 2022 at 6:03:05 PM UTC - permalink -

- http://www.bekkoame.ne.jp/~s_ita/port/port1-99.html

Oracle WebLogic Server 12.1.3.0.0 / 12.2.1.3.0 / 12.2.1.4.0 / 14.1.1.0.0 Local File Inclusion
January 25, 2022 at 5:43:19 PM UTC - permalink -

- https://gist.github.com/picar0jsu/f3e32939153e4ced263d3d0c79bd8786

code white | Blog: RCE in Citrix ShareFile Storage Zones Controller (CVE-2021-22941) – A Walk-Through
January 25, 2022 at 5:39:20 PM UTC - permalink -

- https://codewhitesec.blogspot.com/2021/09/citrix-sharefile-rce-cve-2021-22941.html

dotdotpwn/TraversalEngine.pm at master · wireghoul/dotdotpwn
January 25, 2022 at 1:59:12 PM UTC - permalink -

- https://github.com/wireghoul/dotdotpwn/blob/master/DotDotPwn/TraversalEngine.pm#L50

Cobalt Strike, a Defender’s Guide - Part 2
January 25, 2022 at 12:23:52 AM UTC - permalink -

- https://thedfirreport.com/2022/01/24/cobalt-strike-a-defenders-guide-part-2/

T E X T F I L E S
January 20, 2022 at 10:03:08 AM UTC - permalink -

- http://textfiles.com/hacking/

optiv/Ivy: Ivy is a payload creation framework for the execution of arbitrary VBA (macro) source code directly in memory. Ivy’s loader does this by utilizing programmatical access in the VBA object environment to load, decrypt and execute shellcode.
January 12, 2022 at 3:34:45 PM UTC - permalink -

- https://github.com/optiv/Ivy

Yaxser/Backstab: A tool to kill antimalware protected processes
January 12, 2022 at 12:01:12 PM UTC - permalink -

- https://github.com/Yaxser/Backstab

sickcodes/Docker-OSX: Run Mac in a Docker! Run near native OSX-KVM in Docker! X11 Forwarding! CI/CD for OS X!
January 12, 2022 at 12:00:57 PM UTC - permalink -

- https://github.com/sickcodes/Docker-OSX

http://www.blogeek.ch/images/news/gpsimac.mp3
January 10, 2022 at 3:27:24 PM UTC - permalink -

- http://www.blogeek.ch/images/news/gpsimac.mp3

kleiton0x00/Advanced-SQL-Injection-Cheatsheet: A cheat sheet that contains advanced queries for SQL Injection of all types.
January 9, 2022 at 1:58:19 PM UTC - permalink -

- https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet/

OSWE cheat sheet – V1s3r1on
January 5, 2022 at 12:52:02 AM UTC - permalink -

- https://cyber-dragon.nl/oswe-cheat-sheet/

How to audit a Magento site for upgrades or custom functionality | Cadence Labs
January 2, 2022 at 11:07:23 PM UTC - permalink -

- https://www.cadence-labs.com/2016/02/how-to-audit-a-magento-site-for-upgrades-or-custom-functionality/?PageSpeed=noscript

Adrian ⛩️ Hetman 🐺⚔️ on Twitter: "How to make a jump from Web2 hacking to Web3 hacking? This is the question I started getting over DMs and I decided to answer all of them in a form of a Twitter thread so other can learn to. knowledge will be compressed so keep that in mind🙃 Here we go! 🧵👇 https://t.co/Y5C55Ze8dO" / Twitter
January 2, 2022 at 2:18:18 PM UTC - permalink -

- https://twitter.com/adrianhetman/status/1475550508354093072

FH8kA3rXwAILKzB (Image JPEG, 2911 × 2560 pixels)
January 2, 2022 at 1:45:14 PM UTC * - permalink -

- https://pbs.twimg.com/media/FH8kA3rXwAILKzB?format=jpg&name=4096x4096

Attacking Java RMI via SSRF | qtc's blog
December 31, 2021 at 2:27:06 PM UTC - permalink -

- https://blog.tneitzel.eu/posts/01-attacking-java-rmi-via-ssrf/

c3c/ADExplorerSnapshot.py: ADExplorerSnapshot.py is an AD Explorer snapshot ingestor for BloodHound.
December 28, 2021 at 11:15:33 PM UTC - permalink -

- https://github.com/c3c/ADExplorerSnapshot.py

ForbiddenProgrammer/conti-pentester-guide-leak: Leaked pentesting manuals given to Conti ransomware crooks
December 17, 2021 at 1:58:49 PM UTC - permalink -

- https://github.com/ForbiddenProgrammer/conti-pentester-guide-leak