Preface

What is this and why does it exist?

The links, the content behind them and the opinions expressed there are not mine.
If you follow an external link and do not like what you find there, it is your problem, not mine.
Please be aware that this is just a list of topics I find interesting.

All mentioned security tools can be found here: https://github.com/MrMarco74/security-geraffel



Tools

PowerShell module to get the NetNTLMv2 hash of the current user
–> Get-NetNTLM - github <–

Generate XML file for “immediate scheduled task” GPO configuration
–> schtask_now - github <–

Source code of an old fuzzer, pe-afl, which applies static binary instrumentation, aka binary rewriting, to PE files
–> pe-afl - github <–

Covenant is a .NET command and control framework that aims to highlight the attack surface of .NET, make the use of offensive .NET tradecraft easier, and serve as a collaborative command and control platform for red teamers
–> Covenant - github <–

A quick and dirty way to bypass encrypted EPA to connect to a NetScaler Gateway
–> NetScalerEPABypass - github <–



Talks & Knowledge

Attacking-Edge-Through-the-JavaScript-Compiler
–> Attacking-Edge-Through-the-JavaScript-Compiler - github <–

How the $LogFile works?
–> How the $LogFile works? - DFIR Blog <–

Advanced Techniques to Bypass & Defeat XSS Filters, Part 1
–> Bypass & Defeat XSS Filters - Null-Byte Wonder HowTo <–

How McSema Handles C++ Exceptions
–> C++ Exceptions - Trail of Bits Blog <–

A collection of awesome lists, manuals, blogs, hacks, one-liners, cli/web tools and more
–> the-book-of-secret-knowledge - github <–



Threats

Famous Uploader CracksNow Banned from Torrents for Distributing GandCrab Ransomware
–> CracksNow Distributing GandCrab - HackRead <–

This malware turns ATM hijacking into a slot machine game
–> WinPot - ZDNet <–