Browsing tag
UAC-A-Mola is a tool that allows security researchers to investigate new UAC bypasses, in addition to detecting and exploiting known bypasses. UAC-A-mola has modules to carry out the protection and mitigation of UAC bypasses. The strong point of uac-a-mola is that it was created so that other researchers can carry out the work and process […]
Researchers discovered 2 new hacking tools called BOOSTWRITE and RDFSNIFFER that were added in FIN7 groups malware arsenal with sophisticated capabilities and techniques. FireEye Mandiant investigators uncovered that these new hacking tools were added for hijacking the DLL load order of the legitimate Aloha utility and load the malware. The Tool named BOOSTWRITE is a […]
The SupportAssist software comes pre-loaded on most Dell laptops and desktops. It’s used to check for different hardware and software issues that could arise over the course of time on Dell machines. For example, it can be used to test whether the battery is in a healthy condition or not. Unfortunately, the innocent-looking SupportAssist could […]
Microsoft signed DLL for the ActiveDirectory PowerShell module Just a backup for the Microsoft’s ActiveDirectory PowerShell module from Server 2016 with RSAT and module installed. The DLL is usually found at this path: C:WindowsMicrosoft.NETassemblyGAC_64Microsoft.ActiveDirectory.Management and the rest of the module files at this path: C:WindowsSystem32WindowsPowerShellv1.0ModulesActiveDirectory Usage You can copy this DLL to your machine and […]
Injects C# EXE or DLL Assembly into any CLR runtime and AppDomain of another process. The injected assembly can then access static instances of the injectee process’s classes and therefore affect it’s internal state. Usageclrinject-cli.exe -p <processId/processName> -a <assemblyFile> Opens process with id <processId> or name <processName>, inject <assemblyFile> EXE and execute Main method. Additional […]
The script will use msfvenom (metasploit) to generate shellcode in diferent formats ( c | python | ruby | dll | msi | hta-psh ) injects the shellcode generated into one template (example: python) “the python funtion will execute the shellcode into ram” and uses compilers like gcc (gnu cross compiler) or mingw32 or pyinstaller […]
roxysploit is a community-supported, open-source and penetration testing suite that supports attacks for numerous scenarios. conducting attacks in the field. Some containing Plugins in roxysploit Scan is a automated Information gathering plugin it gives the user the ability to have a rest while the best Information gathering plugin can be executed. Jailpwn is a useful plugin for […]
One of the biggest lottery scams in the history of the US is coming to a close as the mastermind behind the operation has pleaded guilty in an Iowa court, at the end of last month. Eddie Tipton, 54, admitted to creating malware in the form of a DLL file, which he loaded on the […]
No admin privileges are required to run the attack. Clever hackers can bypass Microsoft’s Windows AppLocker security feature by abusing a hidden trait of the Regsvr32 command-line utility that’s normally used to register DLLs on a Windows computer. AppLocker is a security feature introduced with Windows 7 and Windows Server 2008 R2 that helps administrators specify […]
Lottery boss wins $16.5 million in six years by tampering random number generator. According to The Des Moines Register, in a case from last year, new details have been disclosed that tells how the boss of a US lottery used malicious DLLs to manipulate and foretell winning ticket numbers on special days of the year. The […]