Link Dump 10/12/19

by admin

Saturday, October 12th, 2019 at 1:01 pm

https://github.com/h43z/dns-rebinding-tool/
http://intx0x80.blogspot.com/2019/10/JWT.html
https://twitter.com/kaluche_/status/1181834267204210688
https://github.com/Hackplayers/Salsa-tools
https://github.com/AlmondOffSec/PoCs/tree/master/Windows_wermgr_eop
https://github.com/HunnicCyber/SharpSniper
https://github.com/3gstudent/GadgetToJScript
https://github.com/ZeroPointSecurity/GoldenTicket
https://github.com/coolboy4me/cve-2019-0708_bluekeep_rce
https://github.com/bugbounty-site/exploits/tree/master/CVE-2019-14994

Reading
https://xz.aliyun.com/t/6498
https://thewover.github.io/Bear-Claw/
https://blog.hunniccyber.com/phishing-with-netlify/
https://www.preempt.com/blog/drop-the-mic-2-active-directory-open-to-more-ntlm-attacks/
https://silentbreaksecurity.com/cve-2019-10617/
https://www.nextron-systems.com/2019/10/04/antivirus-event-analysis-cheat-sheet-v1-7-2/
https://jailbreak.fce365.info/Thread-It-s-possible-once-again-to-bypass-iCloud-by-using-a-CFW-with-the-CheckM8-Exploit?pid=1151#pid1151
https://offsec.almond.consulting/windows-error-reporting-arbitrary-file-move-eop.html
https://ssd-disclosure.com/archives/4033/ssd-advisory-openssh-pre-auth-xmss-integer-overflow
https://safebreach.com/Post/HP-Touchpoint-Analytics-DLL-Search-Order-Hijacking-Potential-Abuses-CVE-2019-6333

Link Dump 10/2

by admin

Wednesday, October 2nd, 2019 at 7:03 pm

Tools:
HRShell –  Flask HTTP/HTTPS Reverse Shell/C2
Evil WinRM + Donut-Loader
USB Armory MKII
PyPyKatz-WASM – Parse lsass dumps in the cloud
https://shell.now.sh/
SMB2 snapshots with Impacket SMBClient
Python API wrapper for spyse.com tools
SharpDoor – termsrv.dll multiRDP patcher

Reading:
https://thehackernews.com/2019/09/windows-fileless-malware-attack.html
https://posts.specterops.io/understanding-and-defending-against-access-token-theft-finding-alternatives-to-winlogon-exe-80696c8a73b
https://www.praetorian.com/blog/running-a-net-assembly-in-memory-with-meterpreter
IP: Loading... - Host: Loading...
IP Geolocation: unknown.

We love our country, but fear our government.

https://www.voleybolum.org/
https://www.arschorus.com/
https://voteantoniobrown.com/
https://enriquefeldman.com/
https://hotel.kirpisoft.com.tr/
https://tms.timetotimecourierservice.com/
https://nanucloud.com/about-us/
https://www.ucandaire.org/
https://nelsonhouseantiques.com/
https://www.bng-tech.com/en/
https://mikestgp.com/
https://mindspecialistsschool.com/site/about/
https://cherrylodgecancercare.org/
https://lsppetalindo.com/klien/
https://bitacorapolitica.com.mx/
https://www.greensswatertanks.com/
https://smyrnalibrary.org/
https://www.blueridgecafefloyd.com/
https://kaashitech.com/
https://metlife-indmed.mednet-global.com:8855/
https://cms.mindspecialistsschool.com/
https://shmechanicals.com/
https://hoteldesetrangers.com.tr/canakkale/
https://metalescamacho.com/nosotros/
https://www.5tips.co/freebies/
https://fcjcorredoresdeseguros.com/contacto/
https://poligreenperu.com/servicios/
https://rymline.com/servicios/
https://webbasel.com/
https://abaclofen.com/
https://noobzinho.com/
https://aprilisarte.com/
https://elmentor.com.py/contact-us/
https://jmluque.gov.py/minutas/
https://nagawin88.vip/
https://anket.bigsportawards.com/
https://solucionesempresas.org/
https://servicio-maritimo.com/
https://xn--viasyparrasdelsur-gxb.com/contact/
https://sitiodato.com/contacto/
https://calientitas.club/21-2/
https://www.bdoentry.com/
https://richpointofview.com/
https://www.beingawoman.org/events/
https://ekumen.com.tr/
https://www.tirarobots.com/
https://www.simetiket.com/referanslar/
https://boranaumutol.com/sss/
https://hygeiaes.net/
https://www.kapilgrv.in/
https://holidayresortsmurree.com/services/
https://invisay.com/reseller/
https://ethio.shop/about-us/