 h00die
|
a0222d0783
|
rework windows service persistence
|
2025-11-17 19:02:53 -05:00 |
|
|
h00die
|
92e1720ad5
|
fix docs
|
2025-11-17 19:02:53 -05:00 |
|
|
h00die
|
450e1df340
|
windows service now with persistence mixin
|
2025-11-17 19:02:50 -05:00 |
|
|
Diego Ledda
|
c007d3a89f
|
Merge pull request #20674 from msutovsky-r7/exploit/win/cve-2025-59287
Adds module for unauthenticated deserialization in WSUS (CVE-2025-59287)
|
2025-11-12 12:40:32 +01:00 |
|
|
Diego Ledda
|
29088b4712
|
Merge pull request #20576 from msutovsky-r7/modules/persistence/linqpad_deserialization
Moves LINQPad module into persistence category
|
2025-11-11 16:41:12 +01:00 |
|
|
Martin Sutovsky
|
6aeb81a499
|
Adds MITRE reference, updates docs
|
2025-11-10 18:32:13 +01:00 |
|
|
h00die
|
b646e0e044
|
docs editing for consistency
|
2025-11-07 15:42:27 -05:00 |
|
|
h00die
|
fb02ec4554
|
remove 4 space indents in options
|
2025-11-07 15:42:27 -05:00 |
|
|
h00die
|
caa2873a14
|
more adjustments
|
2025-11-07 15:42:27 -05:00 |
|
|
h00die
|
d8c73f6684
|
replace bold options with h3
|
2025-11-07 15:42:23 -05:00 |
|
|
Diego Ledda
|
110cb837aa
|
Merge pull request #20672 from h00die-gr3y/centreon_auth_rce
Centreon authenticated command injection leading to RCE via broker engine "reload" parameter [CVE-2025-5946]
|
2025-11-05 16:29:29 +01:00 |
|
|
Martin Sutovsky
|
5ad76f82d1
|
Adds more docs, adds description
|
2025-11-04 13:49:43 +01:00 |
|
|
Martin Sutovsky
|
98467f3a21
|
Adds msf payload to module, adds docs
|
2025-11-04 12:28:03 +01:00 |
|
|
h00die-gr3y
|
408eceb2d9
|
small update documentation
|
2025-11-03 10:27:44 +00:00 |
|
|
h00die-gr3y
|
85b4233345
|
updated module based on review comments and added documentation
|
2025-11-03 10:21:31 +00:00 |
|
|
Diego Ledda
|
13dc61e2e8
|
Merge pull request #20523 from h00die/modern_persistence_upstart
update upstart to persistence mixin
|
2025-10-31 12:28:59 +01:00 |
|
|
msutovsky-r7
|
af5baeb3c6
|
Land #20660, adds windows task scheduler persistence module
Windows task scheduler persistence
|
2025-10-31 10:16:19 +01:00 |
|
|
msutovsky-r7
|
c804e5fb55
|
Land #20643, expands diamorphine privilege escalation module to other rootkits
Add Rootkit Privilege Escalation Signal Hunter
|
2025-10-31 10:00:21 +01:00 |
|
|
bcoles
|
676a2ed4b1
|
Add Rootkit Privilege Escalation Signal Hunter
|
2025-10-31 17:22:19 +11:00 |
|
|
msutovsky-r7
|
09f1d1ae57
|
Land #20650, adds module for NCR Command Center Agent unauthenticated RCE (CVE-2021-3122)
Add NCR Command Center Agent Unauthenticated RCE (CVE-2021-3122)
|
2025-10-30 08:26:42 +01:00 |
|
|
msutovsky-r7
|
56480df99f
|
Land #20662, adds windows startup folder persistence module
windows persistence: startup folder
|
2025-10-29 13:23:35 +01:00 |
|
|
Martin Sutovsky
|
44c3d9b5db
|
Fixes documentation, removes unused parameters, code cleanup
|
2025-10-29 07:58:47 +01:00 |
|
|
Martin Sutovsky
|
5bf842c15e
|
Moves module to persistence category, docs reformat
|
2025-10-29 07:57:19 +01:00 |
|
|
h00die
|
c0b3f40b3e
|
upstart review
|
2025-10-27 19:45:38 -04:00 |
|
|
h00die
|
fd04f465eb
|
windows persistence: startup folder
|
2025-10-27 15:35:52 -04:00 |
|
|
msutovsky-r7
|
d839a84a12
|
Land #20631, moves windows registry module into persistence category
update windows registry to persistence mixin
|
2025-10-27 14:57:48 +01:00 |
|
|
h00die
|
c210a897ac
|
windows persistence: task scheduler
|
2025-10-26 16:17:16 -04:00 |
|
|
Muhammad Daffa
|
af2b2cc40f
|
Add documentation for NCR Command Center Agent RCE
|
2025-10-24 16:15:11 +07:00 |
|
|
bcoles
|
52b7f1ff25
|
Deprecate exploit/linux/local/diamorphine_rootkit_signal_priv_esc
|
2025-10-24 17:05:10 +11:00 |
|
|
h00die
|
0f26c9316a
|
registry persistence peer review
|
2025-10-23 17:44:22 -04:00 |
|
|
adfoster-r7
|
f24552cdfd
|
Merge pull request #20632 from h00die/linqpad_cleanup
Linqpad cleanup
|
2025-10-22 13:23:32 +01:00 |
|
|
vognik
|
74c7f98ad9
|
code review changes from @msutovsky-r7
|
2025-10-20 09:00:24 -07:00 |
|
|
h00die
|
8490ce844d
|
linqpad persistence cleanup
|
2025-10-19 10:08:33 -04:00 |
|
|
h00die
|
287cba7436
|
linqpad persistence cleanup
|
2025-10-19 10:05:36 -04:00 |
|
|
h00die
|
2575a9ad03
|
windows registry persistence doc update
|
2025-10-19 09:45:06 -04:00 |
|
|
h00die
|
bc9bd4b62c
|
windows registry persistence mixin conversion
|
2025-10-19 09:36:59 -04:00 |
|
|
vognik
|
9ad83f6454
|
Add Vvveb CMS Authenticated RCE (CVE-2025-8518)
|
2025-10-18 17:12:05 -07:00 |
|
|
Diego Ledda
|
644bcfabbb
|
Merge pull request #20522 from h00die/modern_persistence_sysvinit
update systemvinit to persistence mixin
|
2025-10-16 16:35:16 +02:00 |
|
|
h00die
|
55583bd2c8
|
review for sysv persistence
|
2025-10-14 19:30:06 -04:00 |
|
|
h00die
|
1e9dd04505
|
update periodic_script to new persistence mechanism
|
2025-10-13 17:48:00 -04:00 |
|
|
h00die
|
058e858e82
|
update systemvinit to persistence mixin
|
2025-10-13 13:42:41 -04:00 |
|
|
Brendan
|
91c0adb17f
|
Merge pull request #20585 from vognik/CVE_2025_60787
Add MotionEye Authenticated RCE (CVE-2025-60787)
|
2025-10-09 13:50:25 -05:00 |
|
|
Vognik
|
267a26b763
|
code review changes from smcintyre-r7@
|
2025-10-09 21:51:31 +04:00 |
|
|
Vognik
|
c05a9d3f7f
|
code review changes from @bwatters-r7
|
2025-10-07 03:07:26 +04:00 |
|
|
jheysel-r7
|
dbf84abec3
|
Merge pull request #20586 from bcoles/windows_script_host_wsf
Add Malicious Windows Script Host Script File (.wsf) module
|
2025-10-06 13:21:56 -07:00 |
|
|
Vognik
|
25624e9ae0
|
code review changes
|
2025-10-06 15:46:59 +04:00 |
|
|
bcoles
|
9a8d1473d8
|
Add Malicious Windows Script Host Script File (.wsf) module
|
2025-10-05 20:16:00 +11:00 |
|
|
Vognik
|
6d295b993a
|
Add MotionEye Unauthenticated RCE (CVE-2025-60787)
|
2025-10-05 05:32:32 +04:00 |
|
|
msutovsky-r7
|
a23473a103
|
Land #20565, moves image exec module to persistence category and mixin
Modern persistence image exec
|
2025-09-29 09:32:25 +02:00 |
|
|
msutovsky-r7
|
79ff667d5e
|
Land #20538, adds systemd override persistence module
persistence: systemd service override
|
2025-09-26 15:57:31 +02:00 |
|