⚙️shodanIDB is a command-line tool to fetch data (open ports, CVEs, CPEs, ...) from Shodan internetDB API.

⚠️NO API key required!

https://iknowwhatyoudownload.com/
220vk.com
searchcode.com
vkpt.info/
https://snradar.azurewebsites.net https://check.torproject.org/torbulkexitlist
https://regvk.com/id/
http://ininterests.com/

#OSINT

#Research
"Counting in Regexes Considered Harmful: Exposing ReDoS Vulnerability of Nonbacktracking Matchers", 2022.

]-> Tool to perform static analysis on regexes to determine whether they are vulnerable to ReDoS:
https://github.com/NicolaasWeideman/RegexStaticAnalysis

#exploit
1. Workaround for CVE-2022-41923: Privilege Management Vulnerability
https://github.com/grails/GSSC-CVE-2022-41923

2. CVE-2022-32060:
Snipe-IT v.6.0.2 - arbitrary file upload
https://github.com/bypazs/CVE-2022-32060

3. CVE-2022-45472:
DOM Based XSS
https://github.com/nicbrinkley/CVE-2022-45472

#Threat_Research
"Code Execution and Content Spoofing: The First Comprehensive Analysis of OpenDocument Signatures", 2022.

#Offensive_security
1. Linux Password Mining
https://medium.com/@tinopreter/linux-password-mining-58e341635f1c
2. Bypassing Intel DCM’s Authentication by Spoofing Kerberos and LDAP Responses (CVE-2022-33942)
https://www.rcesecurity.com/2022/11/from-zero-to-hero-part-1-bypassing-intel-dcms-authentication-cve-2022-33942

#tools
#Blue_Team_Techniques
1. PassFiltEx - Active Directory Password Filter
https://github.com/ryanries/PassFiltEx
2. Administrative tools and logon types
https://learn.microsoft.com/en-us/windows-server/identity/securing-privileged-access/reference-tools-logon-types

#exploit
JavaScript Engine Exploitation Primitives
https://www.madstacks.dev/posts/V8-Exploitation-Series-Part-6/#writing-an-exploit
]-> V8 Exploitation Series:
https://www.madstacks.dev/categories/v8-series

#Research
"SARA: Secure Android Remote Authorization", 2022.
]-> Repo: https://github.com/purseclab/SARA-Secure-Android-Remote-Authorization

#Threat_Research
1. Android SharkBot Droppers on Google Play
https://www.bitdefender.com/blog/labs/android-sharkbot-droppers-on-google-play-underlines-platforms-security-needs
2. Cryptonite Ransomware
https://www.fortinet.com/blog/threat-research/Ransomware-Roundup-Cryptonite-Ransomware

#Malware_analysis
Malware Analysis Series (MAS) - Article 6, November/24/2022, rev: A.1.

#Offensive_security
1. Fetch data (open ports, CVEs, CPEs, ...) from shodan internetDB API
https://github.com/s4hm4d/shodanidb
2. Find MS Exchange instance for a given domain and identify the exact version
https://github.com/mhaskar/ExchangeFinder

#Red_Team_Tactics
1. Header spoofing via a hidden parameter in Facebook Batch GraphQL APIs
https://feed.bugs.xdavidhu.me/bugs/0017
2. UAC Bypass On Windows Defender For Endpoint With HighBorn
https://assume-breach.medium.com/home-grown-red-team-uac-bypass-on-windows-defender-for-endpoint-with-highborn-e9ea16546029

#hardening
"Defending against automatization using NGINX", 2022.

]-> Nginx Bad Bot and User-Agent Blocker, Spam Referrer Blocker, Anti DDOS, Bad IP Blocker, Wordpress Theme Detector Blocker:
https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker

#OpSec
JustEvadeBro, a cheat sheet which will aid you through AMSI/AV evasion & bypasses
https://github.com/sinfulz/JustEvadeBro

#Research
"Nessie: Automatically Testing JavaScript APIs with Asynchronous Callbacks", 2022.
]-> https://zenodo.org/record/5874851#.Y4Gx7aSOFSA

#exploit
1. CVE-2022-32898:
ANE_ProgramCreate() multiple kernel memory corruption
https://0x36.github.io/CVE-2022-32898

2. CVE-2022-43781:
Command injection vulnerability using environment variables in Bitbucket Server/Data Center
https://petrusviet.medium.com/cve-2022-43781-32bc29de8960

3. CVE-2022-38374:
XSS in Fortinet FortiADC 7.0.0 - 7.0.2, 6.2.0 - 6.2.4
https://github.com/azhurtanov/CVE-2022-38374

#Offensive_security
"Understanding and Re-creating Process Injection Techniques through Nimjector", 2022.
]-> https://github.com/cybernomad1/NimJection