Preface

What is this and why does it exist?

All links, the content behind and the opinions there are not mine.
If you follow an external link, it is your problem, not mine if you do not like, what you find there.
Please be aware, that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

Robber is open source tool for finding executables prone to DLL hijacking
–> Robber - github.io <–

Privates, verschlüsseltes Austauschen von Dateien
–> Send Firefox Test Pilot - firefox.com <–

Nano is a family of PHP web shells which are code golfed for stealth
–> nano - github <–

A collection of Burpsuite Intruder payloads, fuzz lists and file uploads
–> IntruderPayloads - github <–

GyoiThon - A Growing Penetration Test Tool Using Machine Learning
–> gyoithon - kitploit <–

Collect NTFS forensic information with osquery
–> osquery - Trail of Bits Blog <–



Talks & Knowledge

“Patch” Windows Server to get multi admin rdp…
–> mimikatz - github <–

Gain a better understanding of user roles and entitlements
–> Visual Identity Suite - CORE Security <–

Data Exfiltration via Formula Injection
–> Data Exfiltration via Formula Injection - Not so Secure <–

A curated list of resources (books, tutorials, courses, tools and vulnerable applications) for learning about Exploit Development
–> awesome-exploit-development - github <–



Threats

Spectre, what else ;)