Forwarded from 卩ro 爪Cracker
Aerleon a vendor agnostic firewall management system
https://ift.tt/5L72C9O
Submitted January 20, 2023 at 12:19AM by ankenyr
via reddit https://ift.tt/TFMavi7
GitHub
GitHub - aerleon/aerleon: Multi-platform ACL generation system
Forwarded from 卩ro 爪Cracker
How to completely own an airline in 3 easy steps
https://ift.tt/DsZiIY6
Submitted January 20, 2023 at 07:48AM by _vavkamil_
via reddit https://ift.tt/CoDSNga
maia :3
how to completely own an airline in 3 easy steps
and grab the TSA nofly list along the way
Forwarded from 卩ro 爪Cracker
Gold Digger
Gold Digger is a simple tool used to help quickly discover sensitive information in files recursively. Originally written to assist in rapidly searching files obtained during a penetration test.
https://github.com/ustayready/golddigger
Forwarded from 卩ro 爪Cracker
spray.js
1.1 KB
Forwarded from 卩ro 爪Cracker
Android Exploit to get a System based shell (UID 1000) on ANY Samsung Mobile Device based on CVE-2019-16253
1) Downgrade to vulnerable SamsungTTS app
2) Install exploit APK
3) Exploit vulnerability to achieve System rights
https://forum.xda-developers.com/t/system-shell-exploit-all-samsung-mobile-devices-no-bl-unlock-required.4543071/
XDA Forums
***LOCKED UNTIL FURTHER NOTICE*** System Shell Exploit - ALL...
***MODERATOR ANNOUNCEMENT: THREAD CLOSED***
@K0mraid3 you are hereby required to provide proper credit in your OP as follows:
Link the assigned CVE for this exploit as it mentions the author's...
#exploit
1. CVE-2022-47966:
RCE vulnerability in multiple ManageEngine (Apache Santuario (xmlsec) <=1.4.1) products
https://github.com/horizon3ai/CVE-2022-47966
]-> https://www.horizon3.ai/manageengine-cve-2022-47966-technical-deep-dive
2. CVE-2022-39955:
Charset confusion + WAF bypasses via 0days
https://terjanq.medium.com/waf-bypasses-via-0days-d4ef1f212ec
3. Microsoft Teams RCE
https://blog.pksecurity.io/2023/01/16/2022-microsoft-teams-rce.html
#Threat_Research
#Malware_analysis
1. Way Into Creating a Polymorphic Malware using ChatGPT
https://www.cyberark.com/resources/threat-research-blog/chatting-our-way-into-creating-a-polymorphic-malware
2. Batloader Malware
https://www.trendmicro.com/en_us/research/23/a/batloader-malware-abuses-legitimate-tools-uses-obfuscated-javasc.html
#Offensive_security
In-Memory-Only ELF Execution (Without tmpfs)
https://magisterquis.github.io/2018/03/31/in-memory-only-elf-execution.html
#Blue_Team_Techniques
1. YARA/Sigma rule to detect the exploitation of ManageEngine ServiceDesk CVE-2022-47966
https://github.com/Neo23x0/signature-base/blob/master/yara/expl_manageengine_jan23.yar
https://github.com/SigmaHQ/sigma/pull/3935/files
2. Investigate malicious Windows logon by visualizing and analyzing Windows event log
https://github.com/JPCERTCC/LogonTracer
#tools
#Cloud_Security
Gold Digger - tool used to help quickly discover sensitive information in files recursively
https://github.com/ustayready/golddigger
FRAMESHIFTER.pdf
721.1 KB
#Research
"FRAMESHIFTER: Security Implications of HTTP/2-to-HTTP/1 Conversion Anomalies", 2022.
The search engine You.com has launched an AI chatbot called youChat 💻
The chatbot can answer questions and hold conversations, much like the ChatGPT bot, although it has considerably less functionality than the latter. The developers say that adding youChat significantly expands the ability to find the information you need on the Internet.
For instance, it can help with simple answers to general questions, suggesting ideas, translation, summarizing text, composing emails, and writing code. However, the system is still in beta testing, and the developers do not recommend taking every answer the bot gives on faith.
#tools
#Cloud_Security
1. Kubernetes exploitation tool
https://github.com/Rolix44/Kubestroyer
2. Azure Attack Paths Management
https://sofblocks.github.io/azure-attack-paths
#exploit
1. CVE-2022-41033:
Type confusion in Windows COM+ Event System Service
https://googleprojectzero.github.io/0days-in-the-wild//0day-RCAs/2022/CVE-2022-41033.html
2. CVE-2022-34718:
Dissecting and Exploiting TCP/IP RCE Vulnerability "EvilESP"
https://securityintelligence.com/posts/dissecting-exploiting-tcp-ip-rce-vulnerability-evilesp
3. CVE-2023-0297:
Pre-auth RCE in pyLoad
https://github.com/bAuh0lz/CVE-2023-0297_Pre-auth_RCE_in_pyLoad
#Threat_Research
Exploiting null-dereferences in the Linux kernel
https://googleprojectzero.blogspot.com/2023/01/exploiting-null-dereferences-in-linux.html
#WebApp_Security
1. Hacking Salesforce-backed WebApps
https://www.hypn.za.net/blog/2022/11/12/Hacking-Salesforce-backed-WebApps
2. GUID: Attacking Password Reset Functionality
https://www.intruder.io/research/in-guid-we-trust
3. Prototype bugs explained
https://www.jerkeby.se/newsletter/posts/prototype-poisoning