Preface

What is this and why does it exist?

All links, the content behind them and the opinions expressed there are not mine.
If you follow an external link, it is your problem, not mine, if you do not like what you find there.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

This project is just a dumping ground for random scripts
–> GDA - github <–

Grep Extractor a Burp Extender
–> Grep Extractor - Geeks rejoice <–

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-the-Hash attacks, based on Event Viewer logs
–> Ketshash - github <–
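To make the detection idea behind a tool like Ketshash concrete, here is an added example of mine, not Ketshash's own code: it applies one plausible heuristic to Windows 4624 logon records. The heuristic, the simplified field names, the privileged-account set, the 10-hour window and the sample records are all my assumptions; the records are constructed, not real logs.

```python
from datetime import datetime, timedelta

# Assumption: the operator supplies the set of privileged accounts to watch.
PRIVILEGED = {"CORP\\admin", "CORP\\svc_backup"}

# 4624 logon types that imply a real session on the host that logged the event:
# 2 Interactive, 7 Unlock, 10 RemoteInteractive, 11 CachedInteractive.
LEGIT_LOGON_TYPES = {2, 7, 10, 11}

# Assumption: a legitimate session on the source host within this window
# "explains" a later NTLM network logon arriving from that host.
WINDOW = timedelta(hours=10)

# Constructed sample records (not real logs), with 4624 fields simplified:
#   computer = host that recorded the event
#   src_host = WorkstationName of a network logon, None for local logons
SAMPLE_EVENTS = [
    {"time": "2018-08-31T00:00:00", "event_id": 4624, "user": "CORP\\svc_backup",
     "logon_type": 2, "auth_pkg": "Kerberos", "computer": "BK01", "src_host": None},
    {"time": "2018-09-01T08:00:00", "event_id": 4624, "user": "CORP\\admin",
     "logon_type": 2, "auth_pkg": "Kerberos", "computer": "WS01", "src_host": None},
    # admin reaches FS01 over NTLM from WS01 five minutes after logging on there: expected
    {"time": "2018-09-01T08:05:00", "event_id": 4624, "user": "CORP\\admin",
     "logon_type": 3, "auth_pkg": "NTLM", "computer": "FS01", "src_host": "WS01"},
    # admin appears over NTLM from WS07, where no admin session was ever recorded
    {"time": "2018-09-01T09:12:00", "event_id": 4624, "user": "CORP\\admin",
     "logon_type": 3, "auth_pkg": "NTLM", "computer": "DC01", "src_host": "ws07"},
    # non-privileged account: out of scope for this check
    {"time": "2018-09-01T09:13:00", "event_id": 4624, "user": "CORP\\alice",
     "logon_type": 3, "auth_pkg": "NTLM", "computer": "FS01", "src_host": "WS07"},
    # Kerberos network logon: not NTLM, so not classic pass-the-hash
    {"time": "2018-09-01T09:20:00", "event_id": 4624, "user": "CORP\\admin",
     "logon_type": 3, "auth_pkg": "Kerberos", "computer": "FS01", "src_host": "WS07"},
    # failed logon (4625): only successful logons are considered
    {"time": "2018-09-01T09:30:00", "event_id": 4625, "user": "CORP\\admin",
     "logon_type": 3, "auth_pkg": "NTLM", "computer": "DC01", "src_host": "WS07"},
    # empty WorkstationName: assumption, treated as unexplained and therefore flagged
    {"time": "2018-09-01T10:00:00", "event_id": 4624, "user": "CORP\\admin",
     "logon_type": 3, "auth_pkg": "NTLM", "computer": "FS01", "src_host": "-"},
    # svc_backup's only session on BK01 is 49 hours old, outside the window
    {"time": "2018-09-02T01:00:00", "event_id": 4624, "user": "CORP\\svc_backup",
     "logon_type": 3, "auth_pkg": "NTLM", "computer": "FS01", "src_host": "BK01"},
]


def _norm_host(name):
    """Normalise a host name so WorkstationName and Computer fields compare equal."""
    return None if name in (None, "", "-") else name.split(".")[0].upper()


def find_suspicious_pth(events, privileged=PRIVILEGED, window=WINDOW):
    """Return privileged NTLM network logons that no recent session on the source host explains."""
    evs = sorted(
        ({**e, "time": datetime.fromisoformat(e["time"])} for e in events),
        key=lambda e: e["time"],
    )
    # (user, host) -> times at which that user had a legitimate session on that host
    sessions = {}
    for e in evs:
        if e["event_id"] == 4624 and e["logon_type"] in LEGIT_LOGON_TYPES:
            sessions.setdefault((e["user"], _norm_host(e["computer"])), []).append(e["time"])

    hits = []
    for e in evs:
        if e["event_id"] != 4624 or e["logon_type"] != 3 or e["auth_pkg"] != "NTLM":
            continue
        if e["user"] not in privileged:
            continue
        src = _norm_host(e["src_host"])
        recent = [t for t in sessions.get((e["user"], src), [])
                  if e["time"] - window <= t <= e["time"]]
        if recent:
            continue
        hits.append({
            "time": e["time"], "user": e["user"], "src_host": src,
            "computer": e["computer"],
            "reason": "no session on source host" if src else "empty source workstation name",
        })
    return hits


if __name__ == "__main__":
    for h in find_suspicious_pth(SAMPLE_EVENTS):
        print(f"{h['time']:%Y-%m-%d %H:%M} {h['user']} -> {h['computer']} "
              f"from {h['src_host']}: {h['reason']}")
```

The check only works if 4624 events from both the workstations (where the interactive sessions are recorded) and the servers (where the network logons land) are collected centrally. It also has known blind spots: an attacker who already holds an interactive session on the source host is not flagged, WorkstationName is attacker-controlled and can be forged to match a host where the victim really did log on, and overpass-the-hash produces Kerberos network logons, which this NTLM-only filter ignores.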

Azure Security Center cmdlets. Allows managing and monitoring the security posture of your resources
–> Microsoft Azure PowerShell - PowerShell Gallery <–

Snort 3 beta available now
–> Snort 3 Beta - Snort <–

A set of tools for graph layout and viewing
–> automatic-graph-layout - github <–

Intercepter-NG is a multifunctional network toolkit, including an Android app, for hacking; its main purpose is to recover interesting data from the network stream and perform different kinds of MitM attacks
–> Intercepter-NG - IntercepterNG <–

A cat(1) clone with wings
–> bat - github <–

A Tool for Dumping Credentials from Azure Subscriptions
–> Get-AzurePasswords - NetSPI <–

Monitoring ‘DNS’ inside the Tor network
–> tor-dns - github <–



Talks & Knowledge

Convert Executable to PowerShell
–> Convert Executable to PowerShell - Remko’s Blog <–

A Bad Dream: Subverting Trusted Platform Module While You Are Sleeping
–> CVE-2018-6622/CVE-2017-16837 - usenix <–

The Advanced Exploitation of 64-bit Edge Browser Use-After-Free Vulnerability on Windows 10
–> Win 10 Edge UAF Exploit - github <–

Introducing the Tink cryptographic software library
–> Tink crypto lib - Google Security Blog <–

Google ‘Titan Security Key’ Is Now On Sale For $50
–> Titan Security Key - The Hacker News <–

Injecting .Net Assemblies Into Unmanaged Processes
–> Injecting .Net Assemblies - CodeProject <–

DEFCON 2018 - Ring 0/-2 Rootkits: Compromising Defenses
–> Ring 0/-2 Rootkits - Blackstorm Security <–

Monitoring ‘DNS’ inside the Tor network
–> TOR osint - 0x3a <–



Threats

From Compiler Optimization to Code Execution - VirtualBox VM Escape
–> CVE-2018-2844 - voidsecurity <–

Telegram starts to play nice with security agencies over user data, but not in Russia
–> Telegram follows court orders in the future - ZDNet <–

Android OS API-Breaking Flaw Offers Up Useful WiFi Data to Bad Actors
–> CVE-2018-9489 - ThreatPost <–

Wireshark can be crashed via malicious packet trace files
–> CVE-2018-16056, CVE-2018-16057, CVE-2018-16058 - Help Net Security <–

VirtualBox 3D exploits & PoCs
–> 3dpwn - github <–

Technical Advisory: Bypassing Workflows Protection Mechanisms - Remote Code Execution on SharePoint
–> CVE-2018-8284 - nccgroup <–

Thousands of MikroTik Routers Hacked to Eavesdrop On Network Traffic - Winbox Any Directory File Read
–> CVE-2018-14847 - The Hacker News <–