Pinboard (asteroza)
https://pinboard.in/u:asteroza/public/
recent bookmarks from asterozaOrange-Cyberdefense/awesome-industrial-protocols: Security-oriented list of resources about industrial network protocols.2024-01-25T05:22:57+00:00
https://github.com/Orange-Cyberdefense/awesome-industrial-protocols
asterozaoperational technology network protocol reference information security hacking pentestinghttps://pinboard.in/u:asteroza/b:26324af8c4a7/floesen/EventLogCrasher2024-01-25T03:13:57+00:00
https://github.com/floesen/EventLogCrasher
asterozawindows security sysadmin tips tricks hacking pentesting PoChttps://pinboard.in/u:asteroza/b:7174d751eca1/Infecting SSH Public Keys with backdoors2023-12-21T03:54:38+00:00
https://blog.thc.org/infecting-ssh-public-keys-with-backdoors
asterozaSSH public key backdoor security hacking pentestinghttps://pinboard.in/u:asteroza/b:bf35ebb53192/GitHub - rootcathacking/catspin: Catspin rotates the IP address of HTTP requests making IP based blocks or slowdown measures ineffective. It is based on AWS API Gateway and deployed via AWS Cloudformation.2023-12-14T05:27:48+00:00
https://github.com/rootcathacking/catspin
asterozared team security hacking pentesting tools utilities AWS proxy IP address API gateway software opensourcehttps://pinboard.in/u:asteroza/b:04443dce0c28/Abusing Microsoft Access "Linked Table" Feature to Perform NTLM Forced Authentication Attacks - Check Point Research2023-12-01T06:45:47+00:00
https://research.checkpoint.com/2023/abusing-microsoft-access-linked-table-feature-to-perform-ntlm-forced-authentication-attacks/
asterozasecurity hacking pentesting NTLMhttps://pinboard.in/u:asteroza/b:5e56e7122d06/Bootloader Crimes - Disposable Windows VM Builder2023-12-01T05:49:25+00:00
https://bootloader-crimes.de/
asterozasecurity hacking pentestinghttps://pinboard.in/u:asteroza/b:52cc4601dd63/Squid Caching Proxy Security Audit: 55 vulnerabilities and 35 0days | Squid-Security-Audit2023-10-12T03:11:06+00:00
https://megamansec.github.io/Squid-Security-Audit/
asterozasquid vulnerability PoC security hacking pentestinghttps://pinboard.in/u:asteroza/b:2147a85b3d7f/New Offline Capabilities in DSInternals 4.11 | DSInternals2023-10-03T04:11:40+00:00
https://www.dsinternals.com/en/dsinternals-v4.11/
asterozaactive directory hacking security pentesting offline cracking passwordhttps://pinboard.in/u:asteroza/b:82808282501b/Process Injection using NtSetInformationProcess - RiskInsight2023-10-03T04:11:01+00:00
https://www.riskinsight-wavestone.com/en/2023/10/process-injection-using-ntsetinformationprocess/
asterozathreadless process injection security hacking pentesting windowshttps://pinboard.in/u:asteroza/b:ab4cd35ec09a/Epieos, the ultimate OSINT tool2023-09-22T06:44:41+00:00
https://epieos.com/
asterozaemail OSINT search security hacking pentestinghttps://pinboard.in/u:asteroza/b:cc547eec9aae/GitHub - 0xHossam/Killer: Is a tool created to evade AVs and EDRs or security tools.2023-09-22T06:40:10+00:00
https://github.com/0xHossam/Killer
asterozaantivirus EDR evasion security hacking pentestinghttps://pinboard.in/u:asteroza/b:401cd2883d01/GitHub - fortalice/bofhound: Generate BloodHound compatible JSON from logs written by ldapsearch BOF, pyldapsearch and Brute Ratel's LDAP Sentinel2023-09-22T06:30:47+00:00
https://github.com/fortalice/bofhound
asterozabloodhound AD security hacking pentestinghttps://pinboard.in/u:asteroza/b:376eb9f6e151/BOFHound - Granularize Your Active Directory Reconnaissance Game Part 22023-09-22T06:30:20+00:00
https://www.fortalicesolutions.com/posts/granularize-your-active-directory-reconnaissance-game-part-2
asterozabloodhound windows AD security hacking pentestinghttps://pinboard.in/u:asteroza/b:056885417f80/GitHub - deepinstinct/ContainYourself: A PoC of the ContainYourself research presented in DEFCON 31, which abuses the Windows containers framework to bypass EDRs.2023-09-21T02:45:15+00:00
https://github.com/deepinstinct/ContainYourself
asterozawindows contianer EDR bypass security hacking pentesting PoChttps://pinboard.in/u:asteroza/b:91d7f8b800fe/Bypassing UAC with SSPI Datagram Contexts2023-09-21T02:20:35+00:00
https://splintercod3.blogspot.com/p/bypassing-uac-with-sspi-datagram.html
asterozasecurity windows UAC hacking pentesting NTLM LSASShttps://pinboard.in/u:asteroza/b:da7c6c98ed1d/GitHub - malcomvetter/Periscope: Fully Integrated Adversarial Operations Toolkit (C2, stagers, agents, ephemeral infrastructure, phishing engine, and automation)2023-09-21T01:40:38+00:00
https://github.com/malcomvetter/Periscope
asterozasecurity hackinig pentestinghttps://pinboard.in/u:asteroza/b:fcaa162fa056/Annoying Apple Fans: The Flipper Zero Bluetooth Prank Revealed - Techryptic's Blog2023-09-07T23:20:11+00:00
https://techryptic.github.io/2023/09/01/Annoying-Apple-Fans/
asterozaFlipperZero DDoS attack bluetooth BLE spam securoity hacking pentestinghttps://pinboard.in/u:asteroza/b:4f619d35c231/padre - Padding Oracle Attack Tool Advanced Exploiter2023-05-30T08:41:09+00:00
https://www.darknet.org.uk/2023/05/padre-padding-oracle-attack-exploiter-tool/
asterozapadding oracle decryption CBC encryption attack security hacking pentestinghttps://pinboard.in/u:asteroza/b:afecdc173d32/GitHub - ergrelet/windiff: Web-based tool that allows browsing and comparing symbol and type information of Microsoft Windows binaries across different versions of the OS.2023-05-30T08:40:34+00:00
https://github.com/ergrelet/windiff
asterozadiff windows binary PE comparison reverse engineering hacking security pentestinghttps://pinboard.in/u:asteroza/b:114d2490dddb/WinDiff2023-05-30T08:40:25+00:00
https://windiff.vercel.app/
asterozadiff windows binary PE comparison reverse engineering hacking security pentestinghttps://pinboard.in/u:asteroza/b:fed5265d6b82/Global Socket | Connect like there is no firewall. Securely.2023-05-29T07:21:36+00:00
https://www.gsocket.io/deploy/
asterozabackdoor reverse shell security hacking pentestinghttps://pinboard.in/u:asteroza/b:569c72493223/[2305.12784] Hot Pixels: Frequency, Power, and Temperature Attacks on GPUs and ARM SoCs2023-05-29T06:20:20+00:00
https://arxiv.org/abs/2305.12784
asterozaside channel attack pixel temperature frequency power security hacking pentesting smartphonehttps://pinboard.in/u:asteroza/b:b209f99a29a9/Germán Fernández on Twitter: "😂😂😂 /latestupdate.zip https://t.co/Zh2OOYBDor" / Twitter2023-05-29T01:15:30+00:00
https://twitter.com/1ZRR4H/status/1657809133704192001
asterozahumor zip DNS TLS security hacking pentestinghttps://pinboard.in/u:asteroza/b:79db02d6c8eb/elastic/protections-artifacts: Elastic Security detection content for Endpoint2023-04-26T04:37:15+00:00
https://github.com/elastic/protections-artifacts
asterozasecurity hacking pentesting YARA rule list malware detection elasticsearchhttps://pinboard.in/u:asteroza/b:f032404f6747/corkami/collisions: Hash collisions and exploitations2023-04-25T07:08:18+00:00
https://github.com/corkami/collisions/
asterozahash collision exploitation hashquine security hacking pentesting MD2 MD4 MD5 MD6 SHA-1 SHA-2 SHA-3 SHA1 SHA2 SHA3https://pinboard.in/u:asteroza/b:961ff4cefbf2/The Bitcoin Brain Drain: Examining the Use and Abuse of Bitcoin Brain Wallets2023-04-25T05:52:27+00:00
https://www.cs.unm.edu/~vasek/papers/vasekfc16.pdf
asterozasecurity hacking pentesting common password passphrase word list wordlist attackhttps://pinboard.in/https://pinboard.in/u:asteroza/b:60ade3e86489/buzzer-re/Shinigami: A dynamic unpacking tool2023-04-25T05:47:21+00:00
https://github.com/buzzer-re/Shinigami/
asterozamalware implant reverse engineering security hacking pentesting process hollowinghttps://pinboard.in/u:asteroza/b:0e92d68da7c8/Talkback2023-04-06T08:04:20+00:00
https://talkback.sh/
asterozasecurity news aggregator hacking pentestinghttps://pinboard.in/u:asteroza/b:72506e89050d/CAN Injection: keyless car theft | Dr. Ken Tindell2023-04-06T07:28:34+00:00
https://kentindell.github.io/2023/04/03/can-injection/
asterozaCANbus injection car theft security hacking pentesting automotive technology exploithttps://pinboard.in/u:asteroza/b:f1fa7ce6771a/Home · s7ephen/seacrane Wiki · GitHub2023-04-06T07:25:56+00:00
https://github.com/s7ephen/seacrane/wiki
asterozamultiplatform windows mac OSX linux android MIPS ARM x86 lateral movement security hacking pentesting tools utilitieshttps://pinboard.in/u:asteroza/b:31c0507643f0/निर्भीक चौहान on Twitter: "If someone had told me 10 years ago that all H264 hw decoders are fundamentally broken and vulnerable, I would've said "Yes, and no one wants to find out". Well, now we've found out: https://t.co/1O2De6e62023-04-05T06:24:49+00:00
https://twitter.com/nirbheek/status/1640311607535505411
asterozah.264 decoder vulnerability exploit PoC security hacking pentesting video hardware webGLhttps://pinboard.in/u:asteroza/b:6c03ed2d4270/GitHub - vanhoefm/macstealer2023-03-31T05:39:26+00:00
https://github.com/vanhoefm/macstealer
asterozawifi low power buffer exploit security hacking pentesting PoChttps://pinboard.in/u:asteroza/b:984d4e5ba26d/Alexandre Borges on Twitter: "Unfortunately, the same fileless (and without code injection) user access control (UAC) bypass technique being used over and over again... #malware #security #reversing https://t.co/IMvcMe0a4x" / Twitter2023-03-17T04:04:58+00:00
https://twitter.com/ale_sp_brazil/status/1430394969945223169
asterozawindows security UAC bypass hacking pentestinghttps://pinboard.in/u:asteroza/b:ecc672910365/Android Security Bulletin—March 2023 | Android Open Source Project2023-03-09T07:10:16+00:00
https://source.android.com/docs/security/bulletin/2023-03-01
asterozaandroid security hacking pentestinghttps://pinboard.in/u:asteroza/b:a117f15500d5/SPTH/LLMorpher.txt at master · SPTHvx/SPTH · GitHub2023-03-07T07:29:41+00:00
https://github.com/SPTHvx/SPTH/blob/master/articles/files/LLMorpher.txt
asterozaChatGPT virus mutation security hacking pentesting variant evolutionhttps://pinboard.in/u:asteroza/b:4aaa1806b535/GitHub - realoriginal/bootlicker: A generic UEFI bootkit used to achieve initial usermode execution. It works with modifications.2023-02-28T02:38:07+00:00
https://github.com/realoriginal/bootlicker
asterozaUEFI bootkit security hacking pentesting windowshttps://pinboard.in/u:asteroza/b:808631842d32/GitHub - authomize/okta_scim_attack_tool2023-02-27T06:25:49+00:00
https://github.com/authomize/okta_scim_attack_tool
asterozaPoC okta security hacking pentestinghttps://pinboard.in/u:asteroza/b:ffa60363800b/Fantastic RPC Interfaces and How to Find Them | Akamai2023-02-27T06:25:02+00:00
https://www.akamai.com/blog/security-research/rpc-toolkit-fantastic-interfaces-how-to-find
asterozaRPC interface vulnerability windows security hacking pentesting researchhttps://pinboard.in/u:asteroza/b:d85994aee219/GitHub - LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection: This novel way of using NtQueueApcThreadEx by abusing the ApcRoutine and SystemArgument[0-3] parameters by passing a random pop r32; ret gadget can be used for stealthy code injection.2023-02-22T07:46:50+00:00
https://github.com/LloydLabs/ntqueueapcthreadex-ntdll-gadget-injection
asterozawindows security hacking pentesting process injection ROP gadget shellcodehttps://pinboard.in/u:asteroza/b:7e5bb52c8b76/Network-based Web blocking techniques (and evading them)2023-02-15T05:55:00+00:00
https://educatedguesswork.org/posts/web-filtering/
asterozanetwork block evasion security hacking pentestinghttps://pinboard.in/u:asteroza/b:f9c345b75d86/Wargames – UTW2023-02-15T05:26:49+00:00
https://underthewire.tech/wargames
asterozaonline pentesting education learning sandbox tutorial security CTF hackinghttps://pinboard.in/u:asteroza/b:fcade9f0ee67/GitHub - cyberark/PipeViewer: A tool that shows detailed information about named pipes in Windows2023-02-06T06:20:59+00:00
https://github.com/cyberark/PipeViewer
asterozawindows named pipe security hacking pentestinghttps://pinboard.in/u:asteroza/b:ca6187d1ddf6/akamai-security-research/PoCs/CVE-2022-34689 at main · akamai/akamai-security-research · GitHub2023-02-01T08:04:56+00:00
https://github.com/akamai/akamai-security-research/tree/main/PoCs/CVE-2022-34689
asterozawindows vulnerability cryptoAPI certificate index hash MD5 security hacking pentesting PoChttps://pinboard.in/u:asteroza/b:5c9d2f905aa1/Exploiting a Critical Spoofing Vulnerability in Windows CryptoAPI | Akamai2023-02-01T08:04:27+00:00
https://www.akamai.com/blog/security-research/exploiting-critical-spoofing-vulnerability-microsoft-cryptoapi
asterozawindows vulnerability cryptoAPI certificate index hash MD5 security hacking pentesting PoChttps://pinboard.in/u:asteroza/b:57df69146097/GitHub - 0xdea/tactical-exploitation: Modern tactical exploitation toolkit.2023-02-01T08:02:17+00:00
https://github.com/0xdea/tactical-exploitation
asterozasecurity hacking pentesting toollesshttps://pinboard.in/u:asteroza/b:ce8aa2cef0d8/GitHub - 0xdea/exploits: A handy collection of my public exploits, all in one place.2023-01-31T02:10:41+00:00
https://github.com/0xdea/exploits
asterozaexploit security hacking pentestinghttps://pinboard.in/u:asteroza/b:519397b35b08/Hiding In PlainSight - Indirect Syscall is Dead! Long Live Custom Call Stacks2023-01-31T02:05:36+00:00
https://0xdarkvortex.dev/hiding-in-plainsight/
asterozaEDR evasion call stack trace obfuscation security hacking pentestinghttps://pinboard.in/u:asteroza/b:8cd815004f88/GitHub - An00bRektn/gopher47: A third-party Gopher Assassin for the Havoc Framework.2023-01-25T07:40:35+00:00
https://github.com/An00bRektn/gopher47
asterozasecurity hacking pentesting C2https://pinboard.in/u:asteroza/b:4e8a6bf2dfc6/GitHub - fox-it/dissect: This project is a meta package, it will install all other Dissect modules with the right combination of versions.2023-01-19T07:40:57+00:00
https://github.com/fox-it/dissect
asterozaDFIR incident response python framework forensic artifact opensource security hacking pentestinghttps://pinboard.in/u:asteroza/b:89c65b044f57/Dissect Overview - Fox IT2023-01-19T07:39:31+00:00
https://www.fox-it.com/nl-en/dissect/
asterozaDFIR incident response python framework forensic artifact opensource security hacking pentestinghttps://pinboard.in/u:asteroza/b:284c5e5ef4eb/Known Exploited Vulnerabilities Catalog | CISA2023-01-16T04:15:26+00:00
https://www.cisa.gov/known-exploited-vulnerabilities-catalog
asterozavulnerability exploit reference information search security hacking pentestinghttps://pinboard.in/u:asteroza/b:dedb2583f016/GitHub - xaitax/cisa-catalog-known-vulnerabilities2023-01-16T04:14:52+00:00
https://github.com/xaitax/cisa-catalog-known-vulnerabilities
asterozavulnerability exploit reference information search security hacking pentestinghttps://pinboard.in/u:asteroza/b:612544078ebf/GitHub - SpiderLabs/scavenger: scavenger : is a multi-threaded post-exploitation scanning tool for scavenging systems, finding most frequently used files and folders as well as "interesting" files containing sensitive information.2023-01-16T04:10:17+00:00
https://github.com/SpiderLabs/scavenger
asterozasecurity hacking pentesting shared network folder drive scanning search password redteamhttps://pinboard.in/u:asteroza/b:271180f899d2/CVE-2022-41099 - Security Update Guide - Microsoft - BitLocker Security Feature Bypass Vulnerability2023-01-11T21:47:17+00:00
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-41099
asterozasysadmin tips tricks windows security vulnerability WinRE microsoft hacking pentestinghttps://pinboard.in/u:asteroza/b:84a2c77f9ca1/GlobalSecurityDatabase2022-12-26T01:00:53+00:00
https://globalsecuritydatabase.org/
asterozavulnerability ID database security hacking pentestinghttps://pinboard.in/u:asteroza/b:9a5dce622271/Autodial(DLL)ing Your Way - MDSec2022-12-26T00:00:37+00:00
https://www.mdsec.co.uk/2022/10/autodialdlling-your-way/
asterozapersistance lateral movement autodial DLL registry windows security hacking pentestinghttps://pinboard.in/u:asteroza/b:d3097b3908e0/binderlabs/DirCreate2System: Weaponizing to get NT SYSTEM for Privileged Directory Creation Bugs with Windows Error Reporting2022-12-16T02:03:46+00:00
https://github.com/binderlabs/DirCreate2System
asterozawindows security LPE vulnerability PoC hacking pentestinghttps://pinboard.in/u:asteroza/b:37d2eff86098/Hooking System Calls in Windows 11 22H2 like Avast Antivirus. Research, analysis and bypass | the-deniss.github.io2022-12-08T23:27:05+00:00
https://the-deniss.github.io/posts/2022/12/08/hooking-system-calls-in-windows-11-22h2-like-avast-antivirus.html
asterozawindows 11 system kernel call intercept hook vulnerability security hacking pentestinghttps://pinboard.in/u:asteroza/b:16961957d61d/Pre-Auth RCE with CodeQL in Under 20 Minutes | Frycos Security Diary2022-12-05T02:57:04+00:00
https://frycos.github.io/vulns4free/2022/12/02/rce-in-20-minutes.html
asterozaPostgreSQL pgAdmin CodeQL vulnerability security hacking pentestinghttps://pinboard.in/u:asteroza/b:92c43efb1e6a/klezVirus/SilentMoonwalk: PoC Implementation of a TRUE call stack spoofer2022-12-05T01:41:47+00:00
https://github.com/klezVirus/SilentMoonwalk
asterozaPoC call stack spoof hacking securitty pentestinghttps://pinboard.in/u:asteroza/b:13049cd9e0ce/lordx64 on Twitter: "You can generate post exploitation payloads using openAI and you can be specific on how/what the payload should do. This is the CyberWar I signed for https://t.co/UIkYloCKgN" / Twitter2022-12-02T05:32:28+00:00
https://twitter.com/lordx64/status/1598023663328014336
asterozaGPT-3 nocode security hacking pentestinghttps://pinboard.in/u:asteroza/b:55faf1ac9089/Tool Release – Web3 Decoder Burp Suite Extension – NCC Group Research2022-11-11T08:14:31+00:00
https://research.nccgroup.com/2022/11/10/tool-release-web3-decoder-burp-suite-extension/
asterozaBurpSuite Web3 decoder plugin security hacking pentestinghttps://pinboard.in/u:asteroza/b:32f798381a68/How to Solve the Blindspots of Event-Driven Detection – Comae - The Future Of Cybersecurity2022-11-07T23:32:52+00:00
https://www.comae.com/posts/how-to-solve-the-blindspots-of-event-driven-detection/
asterozaEDR bypass security research hacking pentestinghttps://pinboard.in/u:asteroza/b:4c73dce6eb9d/GitHub - p0dalirius/Coercer: A python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 9 methods.2022-11-07T01:05:48+00:00
https://github.com/p0dalirius/Coercer
asterozawindows security hacking pentesting NTLM coercion authenticationhttps://pinboard.in/u:asteroza/b:a61d9b5eb467/Justin Elze on Twitter: "Everyone uses the same recon playbook https://t.co/6XdeuBc80W https://t.co/KROx3P33Jj" / Twitter2022-11-04T12:02:10+00:00
https://twitter.com/HackingLZ/status/1588164931366559744
asterozahumor malware recon playbook security hacking pentesting IoChttps://pinboard.in/u:asteroza/b:f6bff1bff018/GitHub - mahaloz/decomp2dbg: A plugin to introduce interactive symbols into your debugger from your decompiler2022-11-04T02:14:48+00:00
https://github.com/mahaloz/decomp2dbg
asterozadebugging symbol decompiler programming development reverse engineering security hacking pentestinghttps://pinboard.in/u:asteroza/b:e091e1b9c215/GitHub - ustayready/wnfexec: WNF Code Execution Library Using C#2022-11-02T00:20:56+00:00
https://github.com/ustayready/wnfexec
asterozaWNF subscription callback overwrite EDR bypass security hacking pentestinghttps://pinboard.in/u:asteroza/b:565568e6ae61/GitHub - numencyber/VulnerabilityPoC2022-10-31T02:59:33+00:00
https://github.com/numencyber/VulnerabilityPoC
asterozawindows vulnerability PoC security hacking pentestinghttps://pinboard.in/u:asteroza/b:81be5852e904/Stranger Strings: An exploitable flaw in SQLite | Trail of Bits Blog2022-10-27T10:08:56+00:00
https://blog.trailofbits.com/2022/10/25/sqlite-vulnerability-july-2022-library-api/
asterozaSQLite vulnerability security hacking pentestinghttps://pinboard.in/u:asteroza/b:e5057bd4eff0/[2210.03688] A Wolf in Sheep's Clothing: Spreading Deadly Pathogens Under the Disguise of Popular Music2022-10-27T02:09:14+00:00
https://arxiv.org/abs/2210.03688
asterozabiolab negative air pressure room sensor attack biosafety security hacking pentesting sound audio music resonant frequency cyberterrorism bioterrorismhttps://pinboard.in/u:asteroza/b:e429e31f0e8f/