HackGit

2022-06-18 20:35:20 DelegationBOF

This tool uses LDAP to check a domain for known abusable Kerberos delegation settings. Currently, it supports RBCD, Constrained, Constrained w/Protocol Transition, and Unconstrained Delegation checks.

Despite the name, I decided to add in a couple more features since the bulk of the code was already there. So now there is a get-spns command as well which can look for ASREP accounts or Kerberoastable SPNs.

https://github.com/IcebreakerSecurity/DelegationBOF Открыть/Комментировать

2022-06-18 17:38:05 ​PoC for MS-DFSNM coerce authentication using NetrDfsRemoveStdRoot method

Spooler service disabled, RPC filters installed to prevent PetitPotam and File Server VSS Agent Service not installed but you still want to relay DC authentication to ADCS? Don't worry MS-DFSNM have your back:

https://github.com/Wh04m1001/DFSCoerce

Inspired by:
https://github.com/topotam/PetitPotam
https://github.com/ShutdownRepo/ShadowCoerce
https://github.com/leechristensen/SpoolSample

#authentication #coercion #petitpotam #dfsnm Открыть/Комментировать

2022-06-18 11:11:00 ​Sliver Keylogger

https://github.com/trustedsec/SliverKeylogger Открыть/Комментировать

2022-06-18 11:11:00 ​CVE-2022-26937

Windows Network File System Crash PoC

https://github.com/omair2084/CVE-2022-26937

#cve Открыть/Комментировать

2022-06-18 10:00:49 ​Fivem-Exec-bypass

Safe and practical Exec Bypass.

https://github.com/SarnaxLii/Fivem-Exec-bypass Открыть/Комментировать

2022-06-18 09:33:44 MikroTik Cloud Hosted Router Universal Unpatchable Jailbreak

Universal "unpatchable" jailbreak for all MikroTik RouterOS versions:

1. Download Cloud Router VM image, boot it in your favourite hypervisor
2. Suspend / save to disk
3. Replace /nova/bin/login with /bin/sh in the saved memory image
4. Restore the running VM from the memory image

https://github.com/pedrib/PoC/blob/master/tools/mikrotik_jailbreak.py Открыть/Комментировать

2022-06-18 09:29:19 ​Caesium

Powerful Java bytecode obfuscator written by sim0n for fun, and released for the public.

Currently available mutators:
Class Folder (Turns classes into folders)
Control Flow
Crasher (Will crash almost every GUI based RE tool)
Local Variable
Line Number
Number
Polymorph
Reference (invokedynamics)
String
Trim (Currently only trims math functions)

https://github.com/sim0n/Caesium Открыть/Комментировать

2022-06-18 09:26:25 ​SuspendEventLogBOF

Beacon Object File to locate and suspend the threads hosting the Event Log service. Utilizes syscalls via InlineWhispers.

https://github.com/nick-frischkorn/SuspendEventLogBOF Открыть/Комментировать

2022-06-18 09:25:11 ​InlineWhispers

Dump the LSASS process via the silent process. This implementation use direct syscall genreated with Outflanknl's InlineWhispers.

https://github.com/guervild/BOFs/tree/dev/SilentLsassDump

#lsass #dump #mimikatz #memory Открыть/Комментировать

2022-06-17 17:45:41 ​WiFi Exploitation Framework

A fully offensive framework to the 802.11 networks and protocols with different types of attacks for WPA and WEP, automated hash cracking, bluetooth hacking and much more.

Supported attacks:
Deauthentication Attack
Authentication Attack
Beacon Flood Attack
PKMID Attack
EvilTwin Attack
Passive/Stealthy Attack
Pixie Dust Attack
Null Pin Attack
Chopchop Attack
Replay Attack
Michael Exploitation Attack
Caffe-Latte Attack
Jamming, Reading and Writing bluetooth connections
GPS Spoofing with HackRF

Features:
Log generator
WPA/WPA2, WPS and WEP Attacks
Auto handshake cracking
Multiple templates for EvilTwin attack
Check monitor mode and it status
2Ghz and 5Ghz attacks
Custom wordlist selector
Auto detect requirements
Bluetooth support (Jamming, Reading, Writing)

https://github.com/D3Ext/WEF Открыть/Комментировать