IT Security News Bulletin #104

Latest Infosec News and Articles Clone a voice in 5 seconds to generate arbitrary speech in real-time https://github.com/CorentinJ/Real-Time-Voice-Cloning letme.go – A minimalistic Meterpreter stager written in Go https://security.humanativaspa.it/letme-go-a-minimalistic-meterpreter-stager-written-in-go/ Exploitation of CVE--2021-21220 from

IT Security News Bulletin #106

IT Security News Bulletin #106

Latest Infosec News and Articles A cheat sheet that contains advanced queries for SQL Injection of all types. https://github.com/kleiton0x00/Advanced-SQL-Injection-Cheatsheet ipsourcebypass: bypass IP source restrictions using HTTP headers https://securityonline.info/ipsourcebypass-bypass-ip-source-restrictions-using-http-headers/ Reverse Engineering Resources About

IT Security News Bulletin #105

IT Security News Bulletin #105

Latest Infosec News and Articles proxylogon, proxyshell, proxyoracle and proxytoken full chain exploit tool  https://github.com/FDlucifer/Proxy-Attackchain A Log4j PoC written in PowerShell https://github.com/aalex954/Log4PowerShell How to exploit Log4j vulnerabilities in VMWare vCenter  https://www.sprocketsecurity.com/blog/how-to-exploit-log4j-vulnerabilities-in-vmware-vcenter Detecting Log4j

IT Security News Bulletin #103

IT Security News Bulletin #103

Latest Infosec News and Articles Researcher publishes PoC for Active Directory Domain Services Elevation of Privilege Vulnerability (CVE-2021-42287, CVE-2021-42278) https://securityonline.info/researcher-publishes-poc-for-active-directory-domain-services-elevation-of-privilege-vulnerability-cve-2021-42287-cve-2021-42278/ How i was able to bypass Cloudflare WAF for SQLi payload 

IT Security News Bulletin #102

IT Security News Bulletin #102

Latest Infosec News and Articles Best of Red Team Cheatsheet https://github.com/imran-parray/Mind-Maps/tree/master/Red%20Teaming%20Mind%20Map%20from%20The%20Hacker%20Playbook%203 BLint: check the security properties, and capabilities in your executables https://securityonline.info/blint-check-the-security-properties-and-capabilities-in-your-executables/ This cheasheet is aimed at the CTF Players and Beginners

IT Security News Bulletin #101

IT Security News Bulletin #101

Latest Infosec News and Articles The Shadow Attack Framework https://gitlab.com/JoelGMSec/AutoRDPwn The Invisible JavaScript Backdoor https://certitude.consulting/blog/en/invisible-backdoor/ Python3 o365 User Enumeration Tool  https://github.com/dievus/Oh365UserFinder Execute ELF files without dropping them on disk https://github.com/nnsee/fileless-elf-exec dep-scan: Fully open-source security

IT Security News Bulletin #100

IT Security News Bulletin #100

Latest Infosec News and Articles DNS Over HTTPS for Cobalt Strike https://www.blackhillsinfosec.com/dns-over-https-for-cobalt-strike/ SillyRAT - A Cross Platform Multifunctional (Windows/Linux/Mac) RAT https://www.kitploit.com/2021/11/sillyrat-cross-platform-multifunctional.html Exploiting OAuth: Journey to Account Takeover  https://blog.dixitaditya.com/2021/11/19/account-takeover-chain.html 4-ZERO-3: Tool to bypass 403/401

IT Security News Bulletin #99

IT Security News Bulletin #99

Latest Infosec News and Articles [PowerShell Commands] https://themayor.notion.site/53512dc072c241589fc45c577ccea2ee?v=7b908e7e76a9416f98f40d9d3843d3cb CVE-2021-34866 Writeup https://blog.hexrabbit.io/2021/11/03/CVE-2021-34866-writeup/ Skrull: run malware on the victim using the Process Ghosting technique https://securityonline.info/skrull-run-malware-on-the-victim-using-the-process-ghosting-technique/ toutatis: extract information from instagrams accounts such as e-mails, phone

IT Security News Bulletin #98

IT Security News Bulletin #98

Latest Infosec News and Articles Apache HTTP Server 2.4.50 Remote Code Execution https://cxsecurity.com/issue/WLB-2021100131 RedTeam Toolkit: the useful offensive tools https://securityonline.info/redteam-toolkit-the-useful-offensive-tools/ This is how I bypassed almost every EDR! https://medium.com/@omribaso/this-is-how-i-bypassed-almost-every-edr-6e9792cf6c44 DLLHijackingScanner: bypassing UAC using

>