HackGit

2022-04-23 10:00:37 Outflank

C2 Tool Collection

This repository contains a collection of tools which integrate with Cobalt Strike (and possibly other C2 frameworks) through BOF and reflective DLL loading techniques.

https://github.com/outflanknl/C2-Tool-Collection Открыть/Комментировать

2022-04-23 09:55:07 ​Undupify

Heuristic-based tool aiming to remove most of unnecessary URLs in a file.

Undupify allows to get rid of most of irrelevant and identical-in-behavior URLs in a file. Undupify incorporates itself really well in a hacking workflow where you would want to apply an additional layer of filtering to your URLs before sending them to a deep time-consuming vulnerability scan.

https://github.com/Th0h0/undupify Открыть/Комментировать

2022-04-22 16:16:00 ​Subscan4

Script that performs a scan of a specific domain, using the following tools: Subfinder, assetfinder, amass and httpx. The result is merged into one file.

https://github.com/drak3hft7/Subscan4 Открыть/Комментировать

2022-04-22 14:14:00 ​Meta(Facebook) BugBounty-Writeups

Inspired from xdavidhu & 1hack0 this is a repo which contains Facebooks Updated BugBounty Writeups.

https://github.com/jaiswalakshansh/Facebook-BugBounty-Writeups/blob/main/README.md

#writeup #facebook #bugbounty #guide #infosec Открыть/Комментировать

2022-04-22 09:44:36 CVE-2022-21449

Exploitation and Sample Vulnerable Application of the JWT Null Signature Vulnerability

https://github.com/DataDog/security-labs-pocs/tree/main/proof-of-concept-exploits/jwt-null-signature-vulnerable-app

#cybersecurity #infosec #infosecurity #pentesting Открыть/Комментировать

2022-04-22 09:41:40 ​CVE-2022-21449

This tool allows to perform a quick scan of compiled code archives (.jar, .war etc) in order to check for vulnerability to CVE-2022-21449 by looking for the string indicating the use of ECDSA algorithm. The tool uses Python3 with no additional prerequisite

https://github.com/jfrog/jfrog-CVE-2022-21449 Открыть/Комментировать

2022-04-22 09:40:54 Awesome-Exploit

https://github.com/Threekiii/Awesome-Exploit

#redteam #hackers #exploit Открыть/Комментировать

2022-04-21 18:18:00 ​Burp Suite for Pentester

This cheatsheet is built for the Bug Bounty Hunters and Penetration Testers such in order to help them to hunt the vulnerabilties from P4 to P1 solely and completely with "BurpSuite".

It is designed such that the beginners can understand the fundamentals and the professionals can brush up their skills with the advanced options.

There are multiple ways to perform all the mentioned tasks, thereby we've performed and compiled this list over with our experience. Please share it with your connections and send your queries and feedbacks directly to Hacking Articles.

https://github.com/Ignitetechnologies/BurpSuite-For-Pentester Открыть/Комментировать

2022-04-21 15:15:00 ​WSO2 RCE (CVE-2022-29464) exploit.

Critical vulnerability on WSO2 discovered by Orange Tsai. the vulnerability is an unauthenticated unrestricted arbitrary file upload which which allows unauthenticated attackers to gain RCE on WSO2 servers via uploading malicious JSP files.

https://github.com/hakivvi/CVE-2022-29464 Открыть/Комментировать

2022-04-21 15:15:00 WinPmem

WinPmem has been the default open source memory acquisition driver for windows for a long time. It used to live in the Rekall project, but has recently been separated into its own repository.

https://github.com/Velocidex/WinPmem Открыть/Комментировать