old
[Tool] Hidviz
https://github.com/ondrejbudai/hidviz/ Hidviz is a GUI application for in-depth analysis of USB HID class devices. The 2 main usecases of this aplication are reverse-engineering existing devices and developing new USB HID devices.USB HID class consists of many possible devices, e.g. mice, keyboards, joysticks and gamepads. But that's not all! There are more exotic HID devices, e.g. weather stati..
[Tool] 리눅스 프로세스 숨김
https://n0where.net/linux-covert-execution-mimic/ What is “Linux covert execution”?Covert execution is the art of hiding a process. In this case, mimic hides the process in plain sight. mimic can launch any program and make it look like any other program. Any user can use it. It does not require special permissions. It does not require special binaries. It does not require a root kit.What?! No s..
[자료] 80 Linux Monitoring Tools
80 Linux Monitoring ToolsIt’s hard work monitoring and debugging Linux performance problems, but it’s easier with the right tools at the right time. Here’s the most comprehensive list of Linux Monitoring Tools on the Internet.Command Line ToolsTopThis is a small tool which is pre-installed on many unix systems. When you want an overview of all the processes or threads running in the system: top ..
[Tool] InfectPE
http://www.kitploit.com/2017/04/infectpe-inject-custom-code-into-pe-file.html Inject Custom Code into PE File
[자료] Windows Privilege Escalation
https://github.com/netbiosX/Checklists/blob/master/Windows-Privilege-Escalation.md WPE-01 - Stored CredentialsWPE-02 - Windows KernelWPE-03 - DLL InjectionWPE-04 - Weak Service PermissionsWPE-05 - DLL HijackingWPE-06 - Hot PotatoWPE-07 - Group Policy PreferencesWPE-08 - Unquoted Service PathWPE-09 - Always Install ElevatedWPE-10 - Token ManipulationWPE-11 - Secondary Logon HandleWPE-12 - Insecur..
[자료] How to: Install Fuzzbunch
down : https://github.com/x0rz/EQGRP_Lost_in_Translation What are Fuzzbunch & DanderSpritz?Fuzzbunch is what Metasploit is to penetration testers. It is an an easy to use framework written in Python, that allows you to launch exploits and interact with different supported implants. DanderSpritz is a Java based management command & control console to administer compromised computers. Think of it ..
[자료] LFI 설명
IntroductionThe intent of this document is to help penetration testers and students identify and test LFI vulnerabilities on future pen testing engagements by consolidating research for local file inclusion LFI testing techniques. LFI vulnerabilities are typically discovered during web app pen tests using the techniques contained within this document. Additionally, some of the techniques mention..
