HackGit

2022-09-01 10:10:01 ​​Awesome Password Cracking

A curated list of awesome tools, research, papers and other projects related to password cracking and password security.

https://github.com/narkopolo/awesome-password-cracking

t.me/hackgit Открыть/Комментировать

2022-09-01 10:10:00 ​​MSSQL-Analysis-Coerce

Coerced Authentication

A technique to coerce a Windows SQL Server to authenticate on an arbitrary machine.

https://github.com/p0dalirius/MSSQL-Analysis-Coerce Открыть/Комментировать

2022-08-31 18:18:01 ​​Wpushell

A tool used to upload a backdoor shell to a site that uses a WordPress Content Management System with a simple and fast process. Built using the Python programming language and can only be run on the command line terminal.

This tool has advantages which include:
Fast process.
Execution of more than one target.
Easy to use.

https://github.com/22XploiterCrew-Team/Wpushell Открыть/Комментировать

2022-08-31 18:18:00 ​​GarbageMan

A set of tools designed for .NET heap analysis. These tools offer the following benefits for malware researchers:

Ability to extract clear-text payload (PE Images etc.) from .NET heaps quickly.
Easy analysis of encrypted network protocols, signs of data exfiltration, and similar.
Ability to overcome malware anti-dumping techniques (psnotify)

https://github.com/WithSecureLabs/GarbageMan

t.me/hackgit Открыть/Комментировать

2022-08-31 17:17:01 ​​Probe

This is a special tool for bug hunter for automated recon process smoothly.

https://github.com/whoami-anoint/Probe

t.me/hackgit Открыть/Комментировать

2022-08-31 17:17:00 ​​CVE-2022-1388

F5 BIG-IP RCE exploitation (CVE-2022-1388)

https://github.com/alt3kx/CVE-2022-1388_PoC

#cve #poc Открыть/Комментировать

2022-08-31 14:14:01 ​​PyExchangePasswordSpray

Microsoft Exchange password spraying tool with proxy capabilities.

Features:
Proxy List Support . HTTP & HTTPS
Set a delay between each password spray.
Use user & password list from a txt file
Multi-threading support

https://github.com/iomoath/PyExchangePasswordSpray Открыть/Комментировать

2022-08-31 14:14:00 ​​BlazingFast

DoS method (updated 2022)

The previous method I posted has been patched, this one has not been. You can modify this script or implement it in order to use bots to take down a BlazingFast VPS. BlazingFast is known for being a relatively good host, and with my own experience, has a good team.

BlazingFast protects all its virtual private servers with very good mitigation and detection methods, this script bypasses them by pretending to be a whitelisted crawling bot (BlazingFast use them to crawl servers for statistics such as avg heat, avg net use, etc) and succeeds in sending enough traffic to knock down a single server its aimed at.

https://github.com/0x44F/blazingfast-dos-updated Открыть/Комментировать

2022-08-31 13:13:01 ​​Ekko_CFG_Bypass

A PoC for adding NtContinue to the CFG allowed list in order to make callback-based sleep obfuscation techniques work in a CFG protected process.

Use the markCFGValid_std function to call SetProcessValidCallTargets and the markCFGValid_nt function to call NtSetInformationVirtualMemory.

https://github.com/IcebreakerSecurity/Ekko_CFG_Bypass

t.me/hackgit Открыть/Комментировать

2022-08-31 13:13:00 ​​The_spy_job

This Tool is focused on the OSINT of almost all areas (People, Nicknames, Social Networks, Emails, Phone Numbers, Websites, Public IPs and Images).

https://github.com/XDeadHackerX/The_spy_job

t.me/hackgit Открыть/Комментировать