MalewareBytes Support tool – SAM hash dump?

Malwarebytes provides a support tool that automatically repairs and fixes software issues and broken configurations, that’s actually common for anti-malware software to assist their customers to do that. after navigation into HelpCenter inside the Malwarebytes interface, you need to download the software package which will do self-extraction and requires elevated permission to continue running. since … Read more

Follina – CVE-2022-30190 RTF

Intro a recent code execution vulnerability targeting office365 using unpatched vulnerability which allows client-side command execution via ms-msdt protocol. the first appearance of wild exploitation comes from the submitted sample over Virus- total. according to Microsoft security response center announcement, An attacker who successfully exploits this vulnerability can run arbitrary code with the privileges of … Read more

Mortar Loader v2 Words to say I released the Mortar loader a couple of months ago, and it was good results in defeating and diverting advanced AV(anti-virus) solutions. However, even after many vendors pushed some updates to detect the loader, it was easy to compile an undetectable version by changing some code lines.,And here I am pointing … Read more

Porting Backdoors – Windows rootkits via RESTful API Service

Research Agenda Part1 – porting the backdoor for windows (READY) Part2 – porting the backdoor for Linux/Unix (IN PROGRESS) Part3 – hiding the process (IN PROGRESS) Part4 – provision of techniques (IN PROGRESS) RootKits Definitions According to Greg Hoglund, a rootkit is “a set of programs and code that allows a permanent or consistent, undetectable presence on a … Read more

Active Directory (Attack & Defense )

understand the specific tactics, techniques, and procedures (TTP) attackers are leveraging to compromise the active directory, this document is being updated regularly grabbed from different sources Table of Contents Discovery Privilege Escalation Defense Evasion Credential Dumping Lateral Movement Persistence Defense & Detection Discovery SPN Scanning SPN Scanning – Service Discovery without Network Port Scanning Active … Read more

0xsp-mongoose RED

Intro 0xsp mongoose red is a unique framework for cybersecurity simulation and red teaming operations, windows auditing for newer vulnerabilities, misconfiguration, and privilege escalations attacks. 0xsp mongoose red version is provided to assist your needs during cybersecurity simulation, by using this version you will be able to audit a targeted windows operation system for system … Read more

bypass restricted command prompt for none-privileged users

intro The Windows Command Prompt (sometimes called the DOS prompt) is a tool that allows administrators to invoke system-wide commands to make administration easier and more efficient. The average user has little use for this tool. many administration prevents users to have a command prompt enabled for their access, as too is considered good practice … Read more

Web attacks payloads collections

a collection of commonly used payloads needed for web application testing (fuzzing), the payloads have been collected from different resources and will be updated frequently. if you wanna contribute by sharing your own payloads don’t hesitate to join our channel on telegram intruder payloads XSS payloads XXE Payloads Command injection payloads windows … Read more