Адрес канала:
Категории:
Софт, приложения
Язык: Русский
Количество подписчиков:
21.06K
Описание канала:
The channel was created for cybersecurity specialists.
• Offensive Security
• RedTeam
• Malware Research
• BugBounty
• OSINT
• etc
Disclaimer:
t.me/hackgit/2082
Donations - Ads:
t.me/hackgit/5423
Рейтинги и Отзывы
Оценить канал hackgit и оставить отзыв — могут только зарегестрированные пользователи. Все отзывы проходят модерацию.
5 звезд
2
4 звезд
0
3 звезд
0
2 звезд
0
1 звезд
1
Последние сообщения 4
2022-08-31 13:01:23
WUD v1.2
The device has an
ESP32-S2 module that allows it to be identified as a keyboard + USB disk. It also a microSD slot that can be identified as MSC SD Card.
The new ESP32-S2 module from Espressif addresses the security flaws in the original ESP32. While the ESP32-S2 does include improved security features, it lacks the Bluetooth capabilities of the original ESP32 module. But it supports native USB.
The pre-flashed firmware is "Wireless USB disk". It use ESP32-S2 as an USB Disk with Wireless accessibility. HTTP file server be used with both upload and download capability.
Firmware:
Source code of wireless usb disk - written in Arduino
usb_msc_wireless_disk from espressif
WUD-Ducky Thanks tobozo for his great projects
Buy online:
https://ali.ski/AJoiRH
#esp32s2 #usb #ducky
380 views10:01
2022-08-31 11:11:01
CVE-2022-24637Exploit for the Unauthenticated RCE in Open Web Analytics (OWA) <1.7.4. This work is based on https://devel0pment.de/?p=2494.
https://github.com/JacobEbben/CVE-2022-24637
#cve #RCE
492 views08:11
2022-08-31 11:11:00
YongyouNC
UF NC deserialization vulnerability payload generation
https://github.com/Ghost2097221/YongyouNC-Unserialize-Tools
t.me/hackgit
467 views08:11
2022-08-31 10:10:01
SandboxBootkit
Bootkit tested on Windows Sandbox to patch ntoskrnl.exe and disable DSE/PatchGuard.
https://github.com/thesecretclub/SandboxBootkit
t.me/hackgit
471 views07:10
2022-08-31 10:10:00
Reinschauer
A PoC to remotely control Windows machines over Websockets.
Other than most HVNC implementations, reinschauer converts raw bitmaps to JPEG before sending data across the network to reduce frame size.
FPS can be set via the GUI.
Basic mouse and keyboard controls are possible.
You can use the script in the server folder to generate TLS server files or bring your own.
The server window can be resized freely, while click events should be translated to the correct pixel on the target machine.
https://github.com/ps1337/reinschauer
t.me/hackgit
467 views07:10
2022-08-30 18:18:00
Shreder
A powerful multi-threaded SSH protocol password brute-force tool.
Features:
Very fast password guessing, just one password in 0.1 second.
Optimized for big password lists, Shreder tries 1000 passwords in 1 minute and 40 seconds.
Simple CLI and API usage.
https://github.com/EntySec/Shreder
302 views15:18
2022-08-30 17:17:01
WhiskeySAML and Friends
TicketsPlease: Python library to assist with the generation of Kerberos tickets, remote retrieval of ADFS configuration settings, generation of Golden SAML tokens, and retrieval of Azure Access Tokens.
WhiskeySAML: Proof of concept tool for a Golden SAML attack with Remote ADFS Configuration Extraction. This tool leverages the TicketsPlease library.
ShockNAwe: Proof of concept tool to generate a Golden SAML token that will be used to request an Access Token from Azure Core Management which will then be used to enumerate and attack the virtual machines within the Azure subscription.
https://github.com/secureworks/whiskeysamlandfriends
t.me/hackgit
347 views14:17
2022-08-30 17:17:00
RomBuster
A router exploitation tool that allows to disclosure network router admin password.
Features:
Exploits vulnerabilities in most popular routers such as D-Link, Zyxel, TP-Link, Cisco and Huawei.
Optimized to exploit multiple routers at one time from list.
Simple CLI and API usage.
https://github.com/EntySec/RomBuster
t.me/hackgit
300 views14:17
2022-08-30 16:16:00
Knockles
eBPF Port Knocking Tool
Knockles, is a port knocking tool based on eBPF. It allows you to remotely open a TCP connection while being completely invisible to port scanners.
A single SYN request is sent on an opened || closed port.
It carries an OTP for authentication so you can be the only one to open a port.
Once authentified, a random (HMAC based) port is opened for a TCP connection.
Then, the port is closed as soon as a connection has been established.
https://github.com/eeriedusk/knockles
t.me/hackgit
319 views13:16
2022-08-30 15:15:01
mscan
A domain penetration scanning tool that facilitates one-click automated, all-inclusive information gathering and scanning for domain lifting vulnerabilities.
Supports common domain information collection, Zerologon, Nopac, Spooler, MS17010 scanning and other features.
https://github.com/lele8/mscan
330 views12:15
H
