The DDE attack with PowerShell Empire allows for weaponizing a Word document with a PowerShell Empire-based payload, leveraging the Microsoft DDE exploit to execute code in MS Word and other Microsoft products. For more information, refer to the original research at: https://sensepost.com/blog/2017/macro-less-code-exec-in-msword/ To execute this attack, ensure you have set up an Empire listener.
FEATURES
ALTERNATIVES
A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.
Collection of URLs for vulnerable web applications and systems for cybersecurity practice.
A tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) for offensive security purposes.
Parrot Security OS is a comprehensive, secure, and customizable operating system for cybersecurity professionals, offering over 600+ tools and utilities for red and blue team operations.
An open source network penetration testing framework with automatic recon and scanning capabilities.
A front-end JavaScript toolkit for creating DNS rebinding attacks
Pupy is a cross-platform C2 and post-exploitation framework for remote access and control of compromised systems across various operating systems.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Fabric Platform by BlackStork
Fabric Platform is a cybersecurity reporting solution that automates and standardizes report generation, offering a private-cloud platform, open-source tools, and community-supported templates.
Mandos Brief Newsletter
Stay ahead in cybersecurity. Get the week's top cybersecurity news and insights in 8 minutes or less.
Wiz
Wiz Cloud Security Platform is a cloud-native security platform that enables security, dev, and devops to work together in a self-service model, detecting and preventing cloud security threats in real-time.
RoboShadow
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
Adversa AI
Adversa AI is a cybersecurity company that provides solutions for securing and hardening machine learning, artificial intelligence, and large language models against adversarial attacks, privacy issues, and safety incidents across various industries.