SpoofThatMail - Bash Script To Check If A Domain Or List Of Domains Can Be Spoofed Based In DMARC Records  https://www.kitploit.com/2022/01/spoofthatmail-bash-script-to-check-if.html  Exploit Kits vs. Google Chrome  https://decoded.avast.io/janvojtesek/exploit-kits-vs-google-chrome/ Espoofer - An Email Spoofing

Latest Infosec News and Articles A cheat sheet that contains advanced queries for SQL Injection of all types. https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet ipsourcebypass: bypass IP source restrictions using HTTP headers https://securityonline.info/ipsourcebypass-bypass-ip-source-restrictions-using-http-headers/ Reverse Engineering Resources About

Latest Infosec News and Articles proxylogon, proxyshell, proxyoracle and proxytoken full chain exploit tool  https://github.com/FDlucifer/Proxy-Attackchain A Log4j PoC written in PowerShell https://github.com/aalex954/Log4PowerShell How to exploit Log4j vulnerabilities in VMWare vCenter  https://www.sprocketsecurity.com/blog/how-to-exploit-log4j-vulnerabilities-in-vmware-vcenter Detecting Log4j

Latest Infosec News and Articles Researcher publishes PoC for Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2021-42287, CVE-2021-42278) https://securityonline.info/researcher-publishes-poc-for-active-directory-domain-services-elevation-of-privilege-vulnerability-cve-2021-42287-cve-2021-42278/ How i was able to bypass Cloudflare WAF for SQLi payload 

Latest Infosec News and Articles Best of Red Team Cheatsheet https://github.com/imran-parray/Mind-Maps/tree/master/Red%20Teaming%20Mind%20Map%20from%20The%20Hacker%20Playbook%203 BLint: check the security properties, and capabilities in your executables https://securityonline.info/blint-check-the-security-properties-and-capabilities-in-your-executables/ This cheasheet is aimed at the CTF Players and Beginners

Latest Infosec News and Articles The Shadow Attack Framework https://gitlab.com/JoelGMSec/AutoRDPwn The Invisible JavaScript Backdoor https://certitude.consulting/blog/en/invisible-backdoor/ Python3 o365 User Enumeration Tool  https://github.com/dievus/Oh365UserFinder Execute ELF files without dropping them on disk https://github.com/nnsee/fileless-elf-exec dep-scan: Fully open-source security

Latest Infosec News and Articles DNS Over HTTPS for Cobalt Strike https://www.blackhillsinfosec.com/dns-over-https-for-cobalt-strike/ SillyRAT - A Cross Platform Multifunctional (Windows/Linux/Mac) RAT https://www.kitploit.com/2021/11/sillyrat-cross-platform-multifunctional.html Exploiting OAuth: Journey to Account Takeover  https://blog.dixitaditya.com/2021/11/19/account-takeover-chain.html 4-ZERO-3: Tool to bypass 403/401

Latest Infosec News and Articles [PowerShell Commands] https://themayor.notion.site/53512dc072c241589fc45c577ccea2ee?v=7b908e7e76a9416f98f40d9d3843d3cb CVE-2021-34866 Writeup https://blog.hexrabbit.io/2021/11/03/CVE-2021-34866-writeup/ Skrull: run malware on the victim using the Process Ghosting technique https://securityonline.info/skrull-run-malware-on-the-victim-using-the-process-ghosting-technique/ toutatis: extract information from instagrams accounts such as e-mails, phone

Latest Infosec News and Articles Apache HTTP Server 2.4.50 Remote Code Execution https://cxsecurity.com/issue/WLB-2021100131 RedTeam Toolkit: the useful offensive tools https://securityonline.info/redteam-toolkit-the-useful-offensive-tools/ This is how I bypassed almost every EDR! https://medium.com/@omribaso/this-is-how-i-bypassed-almost-every-edr-6e9792cf6c44 DLLHijackingScanner: bypassing UAC using