All posts in Uncategorized

Stealing the Bitlocker key from a TPM. https://astralvx.com/stealing-the-bitlocker-key-from-a-tpm/ https://t.me/cKure/13409

■■■■□ Mobile pentesting basics. https://pentestguy.com/ssl-pinning-bypass-using-frida-and-objection/ https://t.me/cKure/13408

■■■■□ Data-Leak: A Threat Actor referring to himself as Ignacio, also humorously calling himself “the McFlurry Bandit”, compromised McDonalds git repo. It contains a large quantity of source code. https://t.me/cKure/13405

■■■■□ Data-Leak from Israel as pro Palestine hacker groups target identities of Jewish (alleged Zionists). Doxxing of multiple individuals happening on telegram and deep web by the groups. https://t.me/cKure/13404

■■■■■ [Tool] SSH-Snake: A self-propagating, self-replicating, file-less script that automates the post-exploitation task of SSH private key and host discovery. https://github.com/MegaManSec/SSH-Snake https://t.me/cKure/13402

■■□□□ Zero-Day: Interesting thread on email leak in Edge browser (corner case). https://twitter.com/shhnjk/status/1743341965947932913 https://t.me/cKure/13401

■■■■■ AD-AssesmentKit: Contains a collection of Bash scripts designed for comprehensive security audits and network mapping of #ActiveDirectory (AD) environments. The scripts automate various tasks including LDAP querying, Kerberos ticket analysis, SMB enumeration, and exploitation of known vulnerabilities like Zerologon and PetitPotam. https://github.com/emrekybs/AD-AssessmentKit https://t.me/cKure/13400

■■□□□ Moonwalk-back: Cover your tracks during Linux Exploitation. https://github.com/Aditya-dom/moonwalk-back https://t.me/cKure/13399

WMIProcessWatcher: A CIA tradecraft technique to asynchronously detect when a process is created using WMI. https://github.com/hackerhouse-opensource/WMIProcessWatcher https://t.me/cKure/13397

■■■■□ ASLR bypass without infoleak. https://github.com/nick0ve/how-to-bypass-aslr-on-linux-x86_64 https://t.me/cKure/13396