List of @Mohadsec discoveries, CVEs, PoCs, and write-ups.
Studying Sysmon’s Ability to Detect Process Injections Using Different Configuration Schemas
Ansible playbook designed to configure and deploy rsyslog, Wazuh, Kolide Fleet launcher, OSquery, and Winlogbeat for Windows and Linux (Blue-Team)
“It's ours now” is a C# tool that collects unpacked/downloaded files using Windows event handlers (Malware-analysis)
Playbook that randomly selects malware and deploys it to add a layer of difficulty when practicing IR & Threat Hunting (Blue-Team)
Unquoted service path on Veyon Microsoft Windows LPE CVE-2020-15261
Machine Learning Approach to Guess Passwords via Microphones Write-up & PoC (Red-Team)
Developing Use Cases That Nefariously Utilize Twitter’s API For The Purpose of Building Covert Communications Talk & Paper (Red-Team)
Malicious patch for Pfsense router to perform Red Team activities Bfsense (Red-Team)
RosarioSIS 6.7.2 Reflected Cross-Site Scripting CVE-2020-15718, CVE-2020-15717, CVE-2020-15716, CVE-2020-15721
RosarioSIS < 6.5.1 Reflected Cross-Site Scripting CVE-2020-13278
Scalable infrastructures for Red/Blue/Gray-Team themed competitions Stateless (IaC)
Google Chrome Extension Automates Testing Fundamental Web Problems (Pentesting)
In-memory implant that uses C# techniques to bypass Windows Firewall and Defender C2 (Red-Team)
Processes To Watch For Unwanted & Unexpected Blue Team Actions Windows Persistence (Red-Team)
rConfig Network Device Configuration Management 3.9.5 RCE CVE-2020-15715
rConfig Network Device Configuration Management 3.9.5 SQLi CVE-2020-15714, CVE-2020-15713
rConfig Network Device Configuration Management 3.9.5 LFI CVE-2020-15712
Integrated Windows rootkit projects and persistence techniques Nemo (Red-Team)
Post-exploitation C2 that targets browsers Write-up & tool (Red-Team)
Malicious process that monitors and infects specific kinds of files (Red-Team)
Admidio version 3.3.13 Unauthenticated SQLi CVE-2020-11004
C2 project that controls a self-propagating MS17-010 worm M-Botnet (Red-Team)
CellTower is a credentials, events, and general data logging tool QSearchSploit (Red-Team)
Leantime management system < 2.0.15 BSQL Injection CVE-2020-5292
Customizing Searchsploit outputs from Kali Linux QSearchSploit (Tool)
Preparation material for the AWAE course (Resources)
Information theft through a covert channel that exploits the HTTP POST method (PoC)
PWNDashboard, Engagements and competitions dashboard (Red-Team)
Ansible playbook to customize Kali Linux Kai-TX (Tool)
Clearview, Web Application Challenge (Education)
BlueDucky, Creates a list of USB-Rubber-Ducky instructions (Blue-Team)
DHCP Starvation & DHCP Spoofing attacks On Cisco Network Switches (Infrastructure Security)
Integrating C3 With Cobalt Strike via ExternalC2 And Studying Their Behavior
Windows Exploit Development: Egg Hunting
Windows Exploit Development: Unicode and Venetian shellcode techniques
Exploit Development: Utilizing imported functions
Exploit Development: Manually Encode Bytes & Shellcode Carving
Windows Exploit Development: Structured Exception Handler Exploitation
TorMultiplier creates multiple Tor sockets PoC
Simple CLI web Intruder that uses Netcat