WebTg - Web Telegram

#ID: news4hack

Channel for IT security professionals

View In Telegram

#news4hack-2366
                    Tool to scan for #RouterOS (#Mikrotik) forensic artifacts and vulnerabilities.

https://github.com/microsoft/routeros-scanner
                
#news4hack-2365
                    Windows Red Team Exploitation Techniques
https://hackersploit.org/windows-red-team-exploitation-techniques
                
#news4hack-2362
                    Group3r - tool for rapidly enumerate relevant settings in AD Group Policy, and to identify exploitable misconfigurations in same
https://github.com/Group3r/Group3r
                
#news4hack-2361
                    Top 10 CI/CD Security Risks
https://github.com/cider-security-research/top-10-cicd-security-risks
                
#news4hack-2360
                    Infinite loop in BN_mod_sqrt() reachable when parsing certificates (CVE-2022-0778)
https://www.openssl.org/news/secadv/20220315.txt
                
#news4hack-2359
                    Exploit Development:
Browser Exploitation on Windows - CVE-2019-0567,
A MS Edge Type Confusion Vulnerability
Part 1:
https://connormcgarr.github.io/type-confusion-part-1
Part 2:
https://connormcgarr.github.io/type-confusion-part-2
                
#news4hack-2358
                    CVE-2022-25636:
net/netfilter/nf_dup_netdev.c in the Linux kernel <5.6.10 allows local users to gain privileges because of a heap out-of-bounds write
https://github.com/Bonfee/CVE-2022-25636
                
#news4hack-2357
                    Runtime Mobile Security (RMS) - How to Instrument Android Java Classes and Methods at Runtime
https://securitycafe.ro/2022/03/07/runtime-mobile-security-rms-how-to-instrument-android-java-classes-and-methods-at-runtime
                
#news4hack-2356
                    Repo for archiving research and investigation related to the recent Trickbot leaks.
https://github.com/Cybernite-Technologies/trickbot-leak
                
#news4hack-2355
                    A root exploit for CVE-2022-0847 (Dirty Pipe)
https://github.com/Arinerron/CVE-2022-0847-DirtyPipe-Exploit
                
#news4hack-2354
                    Fuzzing Network Applications with AFL and libdesock
https://lolcads.github.io/posts/2022/02/libdesock
A de-socketing library for fuzzing:
https://github.com/fkie-cad/libdesock
                
#news4hack-2353
                    Crack any MS Windows users password without any privilege (Guest account included)
https://github.com/DarkCoderSc/win-brute-logon
                
#news4hack-2352
                    PELoader with various shellcode injection techniques
https://github.com/Hagrid29/PELoader
                
#news4hack-2351
                    Qbot and Zerologon Lead To Full Domain Compromise
https://thedfirreport.com/2022/02/21/qbot-and-zerologon-lead-to-full-domain-compromise
                
#news4hack-2350
                    Steal Credentials & Bypass 2FA Using noVNC
https://mrd0x.com/bypass-2fa-using-novnc
                
#news4hack-2349
                    Killer video on setting up BeEF with linode cloud instance
https://youtu.be/3ogyS4KOlXc