Hackerinthehouse
Learn about Cybersecurity!
​​Red Team Toolkit

A curated list of tools that are commonly used in the field for Physical Security, Red Teaming, and Tactical Covert Entry.

https://github.com/DavidProbinsky/RedTeam-Physical-Tools

JOIN @h4ckerinthehouse FOR MORE!
Extension Bypass V2

• do.php%00.png
• do.php%0A.png
• do.php\n.png
• do.php\u000a.png
• do.php\u560a.png
• do.php%E5%98%8A.png
• do.php#.png
• do.php%23.png
• do.php\u0023.png
• do.php;.png
• do.php%3B.png
• do.php\u003b.png
• do.php\u563b.png
• do.php%E5%98%BB.png

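Each name in this list ends in .png but carries a NUL, a newline, '#', ';' or a character whose low byte is one of those (U+560A, U+563B) right after do.php, aiming to pass an extension check while a later component stops at .php. A server-side check that rejects all fourteen, as an added example that is not part of the original post; the image-only allowlist, the function names and the length limits are assumptions:

```python
import re
import secrets
from urllib.parse import unquote

ALLOWED_EXT = {"png", "jpg", "jpeg", "gif"}  # assumption: image-only upload endpoint
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.([A-Za-z0-9]{1,5})")

def fully_decode(name, rounds=5):
    """Percent-decode until stable, so %2523 and %23 are judged the same way."""
    for _ in range(rounds):
        decoded = unquote(name, errors="strict")
        if decoded == name:
            return name
        name = decoded
    raise ValueError("too many encoding layers")

def check_upload_name(raw):
    """Return (accepted, reason) for a client-supplied filename."""
    try:
        name = fully_decode(raw)
    except ValueError:  # also covers UnicodeDecodeError from invalid UTF-8
        return False, "undecodable"
    if any(ord(c) < 0x20 or ord(c) == 0x7F for c in name):
        return False, "control character"             # %00, %0A
    if "\\" in name:
        return False, "backslash escape"              # literal \n, \u000a, \u0023 ...
    if not name.isascii():
        return False, "non-ASCII character"           # U+560A / U+563B: low byte 0x0A / 0x3B
    match = SAFE_NAME.fullmatch(name)
    if match is None:
        return False, "delimiter or extra extension"  # '#', ';', 'do.php.png'
    if match.group(1).lower() not in ALLOWED_EXT:
        return False, "extension not allowed"
    return True, "ok"

def stored_name(raw):
    """Name written to disk: random stem plus the validated extension only."""
    ok, reason = check_upload_name(raw)
    if not ok:
        raise ValueError(reason)
    ext = fully_decode(raw).rsplit(".", 1)[1].lower()
    return f"{secrets.token_hex(16)}.{ext}"

# The names from the list above; raw strings keep the literal backslashes.
SAMPLES = [r"do.php%00.png", r"do.php%0A.png", r"do.php\n.png", r"do.php\u000a.png",
           r"do.php\u560a.png", r"do.php%E5%98%8A.png", r"do.php#.png", r"do.php%23.png",
           r"do.php\u0023.png", r"do.php;.png", r"do.php%3B.png", r"do.php\u003b.png",
           r"do.php\u563b.png", r"do.php%E5%98%BB.png"]
```

Run the check after whatever decoding the framework has already applied, and store the file under `stored_name()` rather than the client's name so no part of the submitted string reaches the filesystem.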
​​level_up! : Web3 Security WarGames

level_up! is a smart contract challenge platform where users can register with their wallet and take on different security-oriented challenges. Each challenge includes the corresponding Solidity code for analysis.

level_up! is based on the idea that the best way to improve smart contract security is through active participation. By motivating users to work in such an easy way to find security flaws, we hope to improve good programming practices within smart contracts.

https://github.com/Telefonica/level_up

​​List of Awesome macOS Red Teaming Resources.

As more and more companies adopt macOS as a daily office solution, we often encounter the macOS operating system during pentests and red team engagements.

How to hack macOS (#hacking #macOS), how to achieve persistence under macOS, and how to use it as a starting point for lateral movement to the DC are topics worth researching.

This list is for anyone who wants to learn about Red Teaming for macOS but has no starting point. 👇

https://github.com/tonghuaroot/Awesome-macOS-Red-Teaming

SSH Remote Port Forwarding / Tunneling Explained.
(Animated 1 Minute Video)

Remote port forwarding is the inverse of local port forwarding.

When communication arrives at a port on your remote exposed server, it is sent to your local computer.

It allows you to forward a port on the remote (SSH server) machine to a port on the local (SSH client) machine, which is then forwarded to a port on the destination machine.

This can be used for getting a reverse shell during an assessment, pivoting through a network, or exposing local services using another server.

Remote port forwarding helps in situations where you have compromised a box that has a service running on a port bound to localhost, but you want to access that service from outside.

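Whether the port opened on the exposed server is reachable from other hosts is decided by that server's sshd_config keywords AllowTcpForwarding, GatewayPorts and PermitListen. An added example (not part of the original post) that audits the global section of a config for those three settings; both sample configs are constructed and Match blocks are not evaluated:

```python
# sshd_config defaults for the three keywords that govern remote (-R) forwarding.
DEFAULTS = {"allowtcpforwarding": "yes", "gatewayports": "no", "permitlisten": "any"}

# Constructed samples, not taken from any real host.
WEAK_CONFIG = """\
# constructed sample: relay-friendly settings
Port 22
GatewayPorts yes
AllowTcpForwarding yes
"""
HARDENED_CONFIG = """\
# constructed sample: local (-L) forwarding only
AllowTcpForwarding local
GatewayPorts no
"""

def effective_global(config_text):
    """Global-section values; sshd uses the first value it obtains for each keyword."""
    values = dict(DEFAULTS)
    seen = set()
    for raw in config_text.splitlines():
        fields = raw.split("#", 1)[0].split(None, 1)
        if len(fields) < 2:
            continue
        key, value = fields[0].lower(), fields[1].strip().lower()
        if key == "match":  # per-user/per-host overrides are out of scope here
            break
        if key in DEFAULTS and key not in seen:
            values[key] = value
            seen.add(key)
    return values

def audit_remote_forwarding(config_text):
    """Return [(keyword, value, why)] for settings that widen remote forwarding."""
    cfg = effective_global(config_text)
    findings = []
    if cfg["allowtcpforwarding"] not in ("yes", "all", "remote"):
        return findings  # 'no' or 'local': clients cannot open listeners here
    findings.append(("AllowTcpForwarding", cfg["allowtcpforwarding"],
                     "clients may open listening ports on this server"))
    if cfg["gatewayports"] in ("yes", "clientspecified"):
        findings.append(("GatewayPorts", cfg["gatewayports"],
                         "forwarded ports can bind non-loopback addresses"))
    if cfg["permitlisten"] == "any":
        findings.append(("PermitListen", "any", "no limit on which ports can be opened"))
    return findings
```

An empty config still yields two findings, because remote forwarding is permitted by default; only the loopback-only bind (GatewayPorts no) is a restrictive default.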
NEW KALI PURPLE
LEVELING THE PLAYING FIELD

- SOC analysis and threat hunting practice.

- Security control design and testing.

- Blue / Red / Purple teaming exercises.

- Kali spy vs. spy competitions (bare knuckle Blue vs. Red)

In addition, Kali Purple also has an expansive suite of over 100 defensive tools, including the likes of Arkime, CyberChef, Zeek, and more.

https://gitlab.com/kalilinux/kali-purple/documentation/-/wikis/home

https://www.kali.org/blog/kali-linux-2023-1-release/

DOWNLOAD:
https://www.kali.org/get-kali/
​​BountyTricks

Sharing #BugBounty tips and tricks with the community including but not limited to automation, one liners and useful thoughts.

https://github.com/NagliNagli/Shockwave-OSS

​​Linux Post Exploitation

Tips, Tricks, and Scripts for Linux Post Exploitation.

https://github.com/regorsec/Linux-Post-Exploitation

​​Goblob

A lightweight and fast enumeration tool designed to aid in the discovery of sensitive information exposed publicly in Azure blobs, which can be useful for various research purposes such as vulnerability assessments, penetration testing, and reconnaissance.

https://github.com/Macmod/goblob

​​Ultimate DevSecOps library

This library contains a list of tools and methodologies accompanied by resources. The main goal is to provide engineers with a guide through open-source #DevSecOps tooling. This repository covers only #cybersecurity in the cloud and the DevSecOps scope.

https://github.com/sottlmarek/DevSecOps

Critical Microsoft Outlook Vulnerability

A critical vulnerability has been discovered in Microsoft Outlook, which could allow hackers to remotely access and take control of a victim's computer. The vulnerability has been assigned the identifier CVE-2023-23397.

CVE-2023-23397.ps1
💥CVE-2023-23397-POC-Powershell
Script functions to either send or save a calendar item that causes NTLM leakage via the ReminderSoundFile option. Run the script to load the functions in PowerShell; you can then use the examples below as a starting point for using the functions. It must be run on a Windows machine with Outlook installed, since it uses the Outlook COM object to send emails. Note that it will send the email from the email account associated with Outlook. The current functions set the meeting start time to the moment the script is executed and set the meeting to last 2 hours.

Open Source SQL Injection Tools

1 SQLMap – Automatic SQL Injection And Database Takeover Tool

2 jSQL Injection – Java Tool For Automatic SQL Database Injection

3 BBQSQL – A Blind SQL-Injection Exploitation Tool

4 NoSQLMap – Automated NoSQL Database Pwnage

5 Whitewidow – SQL Vulnerability Scanner

6 DSSS – Damn Small SQLi Scanner

7 explo – Human And Machine Readable Web Vulnerability Testing Format

8 Blind-Sql-Bitshifting – Blind SQL-Injection via Bitshifting

9 Leviathan – Wide Range Mass Audit Toolkit

10 Blisqy – Exploit Time-based blind-SQL-injection in HTTP-Headers (MySQL/MariaDB)

How to find secrets in JavaScript files via crawling?
Explanation: Takes live domains as input and crawls them with the hakrawler tool, which extracts JavaScript files; these are then passed to the SecretFinder script, which checks the JavaScript files for sensitive data.

One-liner:
cat alive.txt | rush 'hakrawler -plain -js -depth 2 -url {}' | rush 'python3 /root/Tools/SecretFinder/SecretFinder.py -i {} -o cli' | anew secretfinder

U.S. federal law enforcement agents on Wednesday arrested Conor Brian Fitzpatrick, a Peekskill, New York resident, who allegedly operated the infamous dark web data breach site "BreachForums." The site, which hosted stolen databases from nearly 1,000 companies and websites, has been a significant player in the cybercrime ecosystem.

Fitzpatrick, who went by the online alias "Pompompurin," was charged with a single count of conspiracy to commit access device fraud. BreachForums offered stolen personal information, including names, emails, and passwords, for sale to users.

These databases were often used for fraudulent activities. Fitzpatrick's arrest took place at his home, where he admitted to using the alias "Pompompurin" and operating BreachForums.

In an affidavit filed with the District Court for the Southern District of New York, FBI Special Agent John Langmire said that at around 4:30 p.m. on March 15, 2023, he led a team of law enforcement agents that made a probable cause arrest of a Conor Brian Fitzpatrick in Peekskill, NY.

#stay safe while hacking "ethically"

#Focus on your OPSEC