Autoenum – Automatic Service Enumeration Script

Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during CTFs and pen testing environments (i.e. HTB, VulnHub, OSCP) and draws a bit from a number of existing tools including AutoRecon (https://github.com/Tib3rius/AutoRecon), Auto-Recon (https://github.com/Knowledge-Wisdom-Understanding/Auto-Recon), and nmapautomator (https://github.com/21y4d/nmapAutomator). Could also be used in a real-life pentestingRead More

Faxhell – A Bind Shell Using The Fax Service And A DLL Hijack

A Proof-of-Concept bind shell using the Fax service and a DLL hijack based on Ualapi.dll.See our writeup at: https://windows-internals.com/faxing-your-way-to-system/How to use Build Ualapi.dll and place in c:windowssystem32 Start the Fax service, which will load the DLL and call the export UalStart. UalStart will queue a thread pool work item that will open a handle toRead More

How AI and Voice Technology is Similar to a Service Dog

Can a more complex comparison be made? AI and voice assistance are similar to a seeing-eye dog. Throwing the duties of a service dog into the same court as technology is outlandish as things get, even in the middle of an ever-shifting pandemic. But with retail software development services working toward a new shopping experience,Read More

UsoDllLoader – Windows – Weaponizing Privileged File Writes With The Update Session Orchestrator Service

2020-06-06 Update: this trick no longer works on the latest builds of Windows 10 Insider Preview. This means that, although it still works on the mainstream version of Windows 10, you should expect it to be patched in the coming months. DescriptionThis PoC shows a technique that can be used to weaponize privileged file writeRead More

Vault – A Tool For Secrets Management, Encryption As A Service, And Privileged Access Management

Please note: We take Vault’s security and our users’ trust very seriously. If you believe you have found a security issue in Vault, please responsibly disclose by contacting us at security@hashicorp.com. Website: https://www.vaultproject.io IRC: #vault-tool on Freenode Announcement list: Google Groups Discussion list: Google Groups Documentation: https://www.vaultproject.io/docs/ Tutorials: HashiCorp’s Learn Platform Certification Exam: Vault AssociateRead More

Pwndrop – Self-Deployable File Hosting Service For Red Teamers, Allowing To Easily Upload And Share Payloads Over HTTP And WebDAV

pwndrop is a self-deployable file hosting service for sending out red teaming payloads or securely sharing your private files over HTTP and WebDAV.If you’ve ever needed to quickly set up an nginx/apache web server to host your files and you were never happy with the limitations of python -m SimpleHTTPServer, pwndrop is definitely for you!Read More

X