ByeIntegrity-UAC – Bypass UAC By Hijacking A DLL Located In The Native Image Cache

Bypass User Account Control (UAC) to gain elevated (Administrator) privileges to run any program at a high integrity level. Requirements: Administrator account; UAC notification level set to default or lower. How it works: ByeIntegrity hijacks a DLL located in the Native Image Cache (NIC). The NIC is used by the .NET Framework to store optimized

Terrascan – Detect Compliance And Security Violations Across Infrastructure As Code To Mitigate Risk Before Provisioning Cloud Native Infrastructure

Detect compliance and security violations across Infrastructure as Code to mitigate risk before provisioning cloud native infrastructure. GitHub Repo: https://github.com/accurics/terrascan Documentation: https://docs.accurics.com Discuss: https://community.accurics.com Features: 500+ policies for security best practices; scanning of Terraform 12+ (HCL2); scanning of Kubernetes (JSON/YAML), Helm v3, and Kustomize v3; support for AWS, Azure, GCP, Kubernetes and GitHub. Installing Terrascan’s

paradoxiaRAT – Native Windows Remote Access Tool

Paradoxia Remote Access Tool. Features Paradoxia Console Feature Description Easy to use Paradoxia is extremely easy to use, So far the easiest rat! Root Shell – Automatic Client build Build Paradoxia Client easily with or without the icon of your choice. Multithreaded Multithreaded Console server, You can get multiple sessions. Toast Notifications Desktop notification on

IIS-Raid – A Native Backdoor Module For Microsoft IIS (Internet Information Services)

IIS-Raid is a native IIS module that abuses the extensibility of IIS to backdoor the web server and carry out custom actions defined by an attacker. Documentation: When installed, IIS-Raid will process every request and method, check if the X-Password header exists and compare it against the hardcoded value. In case the value specified by

MemoryMapper – Lightweight Library Which Allows The Ability To Map Both Native And Managed Assemblies Into Memory

Memory Mapper is a lightweight library which allows the ability to map both native and managed assemblies into memory by either using process injection of a process specified by the user or self-injection; the technique of injecting an assembly into the currently running process attempting to do the injection. The library comes with tools not

Lunar – A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory

A lightweight native DLL mapping library that supports mapping directly from memory. Features: imports and delay imports are resolved; relocations are performed; image sections are mapped with the correct page protection; exception handlers are initialised; a security cookie is generated and initialised; DLL entry point and TLS callbacks are called. Getting started: The example below demonstrates
