Coustom Bash – A Tool To Automate Penetration Testing Tasks

Custom bash scripts have emerged as powerful tools for automating a range of penetration testing tasks, from reconnaissance to payload creation. Tailored specifically for use with Kali Linux, these scripts streamline activities like scanning, enumeration, and the generation of malicious payloads using Metasploit. This article delves into the intricacies of setting up and leveraging such […]

September 7, 2023
Read More >>

CVE-2023-29360: Kernel DMA Exploit For Direct R/W Access To kernel Virtual Memory

When looking for vulnerabilities of interest, it’s always a good option to look for vulnerabilities used at pwn2own. Indeed, these vulnerabilities are exploited during the competition, meaning they have a practical impact. Finding The Root Cause  Starting with the ZDI’s advisory of the vulnerability, it is possible to get enough details to look for the root cause. […]

September 7, 2023
Read More >>

Avred – Antivirus Red Teaming Unleashed

Antivirus REDucer for Antivirus REDteaming. Avred tries to provide as much context and information about each match as possible when identifying which portions of a file an antivirus has identified. Avred is a new tool that breaks down how antivirus programs work and shows exactly which parts of a file cause antivirus alerts. This tool […]

September 6, 2023
Read More >>

AppleConnect – Streamlining Local Network With Bonjour

AppleConnect is a small Swift wrapper around a Network TCP stream on the local network (using Bonjour for discovery). Even though the transport is two-way, the API is built around a “service” that is offered by a single server and to which many clients can connect. Usage Setup for servers differs a little bit from […]

September 5, 2023
Read More >>

Jormungandr – Unveiling The Kernel Power Of COFF Loading

Jormungandr is a kernel implementation of a COFF loader, allowing kernel developers to load and execute their COFFs in the kernel. The only supported type of COFF is an x64 kernel COFF (meaning a COFF that uses functions from either NTOSKRNL or SSDT). This project is not supported to run with VBS enabled because it is using pools with execute permissions […]

September 5, 2023
Read More >>