blacklanternsecurity/TREVORspray: A featureful round-robin SOCKS proxy and Python O365 sprayer based on MSOLSpray which uses the Microsoft Graph API
November 28, 2020 at 1:26:07 PM UTC - permalink -

- https://github.com/blacklanternsecurity/TREVORspray

proxycannon/proxycannon-ng: A private botnet using multiple cloud environments for pentesters and red teamers. - Built by the community during a hackathon at the WWHF 2018 security conference
November 28, 2020 at 1:13:26 PM UTC - permalink -

- https://github.com/proxycannon/proxycannon-ng

Path to Process Injection — Bypass Userland API Hooking | by Seemant Bisht | Nov, 2020 | Medium
November 27, 2020 at 6:58:26 PM UTC * - permalink -

- https://securitytimes.medium.com/path-to-process-injection-bypass-userland-api-hooking-a8a49ae5def6

moohax/Proof-Pudding: Copy cat model for Proofpoint
November 24, 2020 at 11:27:06 AM UTC - permalink -

- https://github.com/moohax/Proof-Pudding

InsertScript: ImageMagick - Shell injection via PDF password
November 23, 2020 at 2:15:09 PM UTC - permalink -

- https://insert-script.blogspot.com/2020/11/imagemagick-shell-injection-via-pdf.html

shhgit: find secrets in real time across GitHub, GitLab and BitBucket
November 23, 2020 at 2:04:04 PM UTC - permalink -

- https://www.shhgit.com/

(292) 118 Attacking ADFS Endpoints with PowerShell Karl Fosaaen - YouTube
November 22, 2020 at 11:33:41 PM UTC - permalink -

- https://www.youtube.com/watch?v=oTyLdAUjw30&feature=emb_logo

Bypassing LSA Protection (aka Protected Process Light) without Mimikatz on Windows 10 - RED CURSOR
November 20, 2020 at 12:41:31 AM UTC - permalink -

- https://www.redcursor.com.au/blog/bypassing-lsa-protection-aka-protected-process-light-without-mimikatz-on-windows-10

RythmStick/AMSITrigger: The Hunt for Malicious Strings
November 19, 2020 at 9:58:07 PM UTC - permalink -

- https://github.com/RythmStick/AMSITrigger

Constructing Kerberos Attacks with Delegation Primitives - Constructing Kerberos Attacks with Delegation Primitives.pdf
November 19, 2020 at 9:54:57 PM UTC * - permalink -

- https://shenaniganslabs.io/media/Constructing%20Kerberos%20Attacks%20with%20Delegation%20Primitives.pdf

Databases and Clouds: SQL Server as a C2
November 18, 2020 at 5:04:38 PM UTC - permalink -

- https://blog.netspi.com/databases-and-clouds-sql-server-as-a-c2/

CSM_pocs.md
November 18, 2020 at 1:31:54 PM UTC - permalink -

- https://gist.github.com/Frycos/8bf5c125d720b3504b4f28a1126e509e

Advanced MSSQL Injection Tricks – PT SWARM
November 13, 2020 at 3:47:35 PM UTC - permalink -

- https://swarm.ptsecurity.com/advanced-mssql-injection-tricks/

HoangKien1020/CVE-2020-10239: CVE-2020-10239: Incorrect Access Control in com_fields SQL field-RCE- PoC
November 12, 2020 at 9:30:30 AM UTC - permalink -

- https://github.com/HoangKien1020/CVE-2020-10239

The OXID Resolver [Part 1] - Remote enumeration of network interfaces without any authentication - Airbus CyberSecurity
November 11, 2020 at 2:38:47 PM UTC * - permalink -

- https://airbus-cyber-security.com/the-oxid-resolver-part-1-remote-enumeration-of-network-interfaces-without-any-authentication/

phra's blog ~ Technical posts about InfoSec
November 11, 2020 at 11:47:49 AM UTC - permalink -

- https://iwantmore.pizza/posts/PEzor.html

РНР_wrappers.pdf
November 11, 2020 at 11:24:43 AM UTC - permalink -

- https://www.ptsecurity.com/upload/corporate/ru-ru/webinars/ics/%D0%90.%D0%9C%D0%BE%D1%81%D0%BA%D0%B2%D0%B8%D0%BD_%D0%9E_%D0%B1%D0%B5%D0%B7%D0%BE%D0%BF_%D0%B8%D1%81%D0%BF_%D0%A0%D0%9D%D0%A0_wrappers.pdf

Orange: 十月 2018
November 10, 2020 at 6:38:26 PM UTC - permalink -

- http://blog.orange.tw/2018/10/

Exploit with PHP Protocols / Wrappers - cdxy
November 10, 2020 at 4:41:29 PM UTC - permalink -

- https://www.cdxy.me/?p=752

PowerPoint Presentation - us-18-Thomas-It's-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf
November 10, 2020 at 12:07:26 PM UTC - permalink -

- https://raw.githubusercontent.com/s-n-t/presentations/master/us-18-Thomas-It%27s-A-PHP-Unserialization-Vulnerability-Jim-But-Not-As-We-Know-It.pdf