Sign in to follow this
Followers
0
-
Similar Content
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. KratosKnife is a Advanced BOTNET Written in python 3 for Windows OS. Comes With Lot of Advanced Features such as Persistence & VM Detection Methods, Built-in Binder, etc
Generator Features
Encrypt Source Code Using AES 256 Bit Encryption
Encrypt Source Code Using Base64 Encryption
Packing Evil Exe Using UPX Packer
Interactive Mode [Generator Ask Required Parameter]
Debug Mode [Can Be Used In Debugging Payload]
Persistence Payload
3 Powerfull Methods to Detect/Bypass VM (such as VirtualBox, VMware, Sandboxie)
Built-in File Binder
Useful Icons Inside icon Folder
Virtual Machine Bypass Methods Includes
Registry Check
Processes and Files Check
MAC Adderess Check
Disclaimer
💻 This project was created only for good purposes and personal use.
THIS SOFTWARE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. YOU MAY USE THIS SOFTWARE AT YOUR OWN RISK. THE USE IS COMPLETE RESPONSIBILITY OF THE END-USER. THE DEVELOPERS ASSUME NO LIABILITY AND ARE NOT RESPONSIBLE FOR ANY MISUSE OR DAMAGE CAUSED BY THIS PROGRAM.
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content. Jquery Keywords Generator, Keywords Finder. 100% clients script to retreive a list of a long tail keywords
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. Combo List Generator for Android Devices (Termux)
v4.0 Release Notes
Google Scraping Fixed.
Added Login & Authentication System.
Major Bug Fixes.
Stability & Performance Improvements.
Combo List Generator v4.0 (Updated on 03/01/2021 02:15 IST)
Hidden Content
Give reaction to this post to see the hidden content. -
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. What you'll learn
How to use multiple methods to escalate privleges on modern versions of Windows 10
How to escalate privleges in CTFs such as HackTheBox, TryHackMe and more
How to succeed in CTF style exams such as the OSCP, eCPPT and CEH
How to level up your ethical hacking, penetration testing and red teaming skills to earn more money in your career
Requirements
A HackTheBox VIP Subscription is Required
Basic knowledge of virtual machines
Description
New Launch for Spring 2021!
This is a 100% hands on course as you will be using the same tradecraft and techniques Red Teamer's and advanced adversaries use to escalate privileges on Windows endpoints after they have gained initial access and established a foothold. This course is not "death by PowerPoint", in fact there is not a single Powerpoint slide in the course. This course is aimed for intermediate to advanced users who are hungry to know how to discover and exploit novel escalation paths on patched fully patched Windows 10 endpoints. Everything is carefully, explained - step-by-step.
Additionally, although Metasploit is used in some attacks, we will be using less Metasploit and more manual walk-throughs because I wanted to take the time to carefully explain WHY each method works and detail how common misconfigurations happen in enterprise environments.
Where Metasploit is used, everything is carefully explained and deconstructed so you can understand why and how it works. Exploits start easy and escalate in difficulty as you progress through the course.
The Techniques
You will quickly learn and execute the following escalation of privilege techniques across 5 vulnerable machines
Windows Kernel Exploits
Weak Registry Permissions
Token Manipulation
CVE Exploits
DPAPI Abuse (Three New Lectures Just Added January 2021!)
The Tools
You will use msfvenom, BC Security PowerShell Empire, CrackMapExec, netcat, smbserver, wfuzz, gobuster, dirsearch, sqlmap, Mimikatz, Burp Suite (advanced features), Python 3, Powershell 7 on Linux and more. You will learn IIS 10 Server Administration, how to threat hunt for SQLi attacks in web logs and much much more.
My dream for you
By the end of this course you should be able to use these techniques in:
Your day to day work
OSCP preparation
CTF hacking
About the lab
There are 10 vulnerable machines.
No lab setup is required as the entire environment is already established in HackTheBox VIP labs
I wanted to make this course as realistic as possible while removing as many barriers to entry as possible so I've partnered with HackTheBox VIP labs to make it as easy as possible to get started.
Yes, HackTheBox is an additional charge but it offers hundreds of pre-configured vulnerable machines in a lab which is accessible via a VPN connection. This means you can get started right away and don't have to waste time fumbling with VirtualBox and VMWare settings on your local system. Most of the systems are also licensed which provides the best environment for realistic exploitation.
Tip:
I made these videos so all commands are zoomed in close so you can watch on a mobile phone if desired. I hate watching videos on my smartphone and squinting at the command prompt or terminal. Never again will that happen.
Who this course is for:
Students interested in how attackers escalate privileges on modern Windows endpoints
Beginning and Intermediate cyber security students.
Students looking for OCSP practice
Hidden Content
Give reaction to this post to see the hidden content.
Hidden Content
Give reaction to this post to see the hidden content.
-
By itsMe
Hidden Content
Give reaction to this post to see the hidden content. EXCELntDonut
EXCELntDonut is an XLM (Excel 4.0) macro generator. Start with C# source code (EXE) and end with an XLM (Excel 4.0) macro that will execute your code in memory. XLM (Excel 4.0) macros can be saved in .XLS files.
How it works
You provide a C# file containing your payload (like an EXE with the main method that executes a cobalt strike beacon payload). That C# file is compiled using MCS into two .NET assemblies: x86 and x64. After compilation, the awesome tools Donut (for x86) and CLRvoyance (for x64) convert each assembly into position independent shellcode. Next, all null bytes are removed, since XLM (Excel 4.0) macros don’t play nicely with null bytes and the payload is chunked into lines with no more than 255 characters (for x86) or 10 characters (for x64).
Once the shellcode is prepared, it’s combined with basic process injection functions (VirtualAlloc, WriteProcessMemory, and CreateThread) as well as an architecture check function to determine which payload (x86 or x64) to run on the target system. If you elect to execute sandbox checks or basic obfuscation, then those functions will update your macro. Finally, the output is placed in a CSV file (saved as .txt).
Hidden Content
Give reaction to this post to see the hidden content.
-