​​Commix

Automated All-in-One OS Command Injection Exploitation Tool.

https://github.com/commixproject/commix

#best #redteam

​​Awesome ADB

The Android Debug Bridge (ADB) is a toolkit included in the Android SDK package, it is not only a powerful tool for Android developers and testers, but also a good toy for Android fans.

https://github.com/mzlogin/awesome-adb/blob/master/README.en.md

​​Graphcat

Generate graphs and charts based on password cracking result. Simple script to generate graphs and charts on hashcat (and john) potfile and ntds.

https://github.com/Orange-Cyberdefense/graphcat

​​CeWL

Custom Word List generator

Based on a discussion on PaulDotCom (episode 129) about creating custom word lists spidering a targets website and collecting unique words I decided to write CeWL, the Custom Word List generator. CeWL is a ruby app which spiders a given URL to a specified depth, optionally following external links, and returns a list of words which can then be used for password crackers such as John the Ripper.

By default, CeWL sticks to just the site you have specified and will go to a depth of 2 links, this behaviour can be changed by passing arguments. Be careful if setting a large depth and allowing it to go offsite, you could end up drifting on to a lot of other domains. All words of three characters and over are output to stdout. This length can be increased and the words can be written to a file rather than screen so the app can be automated.

https://github.com/digininja/CeWL

🔥🔥🔥Fortinet FortiNAC CVE-2022-39952 Deep-Dive, PoC and IOCs
An external control of file name or path vulnerability [CWE-73] in FortiNAC webserver may allow an unauthenticated attacker to perform arbitrary write on the system.

🔖PoC exploit here

A blog on Nmap

Let's learn how to use Nmap.

Nmap commands
Nmap cheat sheet
Nmap techniques

Here is a link to the blog

https://techofide.com/blogs/nmap-commands-how-to-use-nmap-tool-nmap-cheat-sheet/

Join our group for more exclusive cyber security content

t.me/ethicalhackingtechofide

BREAKING: Russian hacker group Phoenix announces hacking major ministries of Pakistan Govt.

The group called the hack "hacking the whole Pakistan."

ब्रेकिंग: रूसी हैकर समूह फीनिक्स ने पाकिस्तान सरकार के प्रमुख मंत्रालयों को हैक करने की घोषणा की।

समूह ने हैक को "पूरे पाकिस्तान को हैक करना" कहा।

https://twitter.com/_treeni/status/1628089198929670150

🔺Just In: @AngrySaffron

💥PS script to exploit ESC1/retrieve your own NTLM password hash using only built-in Windows binaries to generate the PFX.

Download: https://system32.ink/news-feed/p/248/

Hi Everyone!

A new Blog on Burp Suite.

Let's learn how to use it like a Cyber Security Professional

A beginners blog to take your first step towards Burp Suite

Here is the link 🔗

https://techofide.com/blogs/what-is-burp-suite-how-to-use-burp-suite-burp-suite-tutorial-for-beginners/

Join our group for such exclusive content

t.me/ethicalhackingtechofide

Link updated...
CVE-2023-0754
PTC Thingworx Edge C-SDK twHeader_fromStream Integer Overflow RCE Vulnerability

CVE-2023-0755
PTC Thingworx Edge C-SDK mulitpartMessageStoreEntry_Create Array Indexing OOB Write RCE Vulnerability

Download POC exploit: https://system32.ink/news-feed/p/249/