Search the Community

[Hidden Content]

[Hidden Content]

The Pycript extension for Burp Suite is a valuable tool for penetration testing and security professionals. It enables easy encryption and decryption of requests during testing, which can help evade detection and bypass security measures. The extension also offers the ability to customize the encryption and decryption process by writing custom logic using JavaScript and Node.js, making it a highly adaptable tool for various needs. Additionally, it supports both manual and automated testing, as well as custom encryption/decryption plugins, making it a versatile solution for different penetration testing scenarios. Features Encrypt & Decrypt the Selected Strings from Request Response View and Modify the encrypted request in plain text Decrypt Multiple Requests Perform Burp Scanner, Sql Map, Intruder Bruteforce, or any Automation in Plain Text Auto Encrpyt the request on the fly Complete freedom for encryption and decryption logic Ability to handle encryption and decryption even with Key and IV in Request Header or Body [Hidden Content]

Freeze is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze utilizes multiple techniques to not only remove Userland EDR hooks but to also execute shellcode in such a way that it circumvents other endpoint monitoring controls. Creating A Suspended Process When a process is created, Ntdll.dll is the first DLL that is loaded. This happens before any EDR DLLs are loaded. This means that there is a bit of a delay before an EDR can be loaded and start hooking and modifying the assembly of system DLLs. In looking at Windows syscalls in Ntdll.dll, we can see that nothing is hooked yet. If we create a process in a suspended state (one that is frozen in time), we can see that no other DLLs are loaded, except for Ntdll.dll. You can also see that no EDR DLLs are loaded, meaning that the syscalls located in Ntdll.dll are unmodified. [hide][Hidden Content]]

Go script for bypassing 403 forbidden Update V1.1.1 Changing some color [hide][Hidden Content]]

The phases of the development that will be described in detail are: set up the development environment with Mingw-w64 and LLVM shellcode injection with syscall inlining via NTDLL in-memory scraping (x86-64 only) user-land hooks removal from in-memory NTDLL to retrieve correct syscall numbers upgrade the shellcode injector to a full PE packer with Donut ensure the produced shellcode is always different at each build with sgn ensure the compiled loader is always different at each build with LLVM obfuscation implement some simple anti-debug tricks for the initial loader For the details of the techniques, please read the blog. [hide][Hidden Content]]

Tutorial regarding ways of bypassing Cloudflare security [HIDE][Hidden Content]]