Ferramenta para realizar diversos ataques WIFI: https://github.com/0x90/wifi-arsenal
Bad-PDF create malicious PDF file to steal NTLM(NTLMv1/NTLMv2)
https://github.com/deepzec/Bad-Pdf
https://github.com/deepzec/Bad-Pdf
RAT multiplataforma baseado em Telegram que se comunica via Telegram para contornar restrições de rede.
https://github.com/machine1337/TelegramRAT
https://github.com/machine1337/TelegramRAT
#exploit
#CVE-2023-34039:
VMWare Aria Operations for Networks Static SSH key RCE
https://github.com/sinsinology/CVE-2023-34039
#CVE-2023-34039:
VMWare Aria Operations for Networks Static SSH key RCE
https://github.com/sinsinology/CVE-2023-34039
#exploit
#CVE-2023-34039:
Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks
https://github.com/Cyb3rEnthusiast/CVE-2023-34039
#CVE-2023-34039:
Critical Authentication Bypass Vulnerability in VMware Aria Operations for Networks
https://github.com/Cyb3rEnthusiast/CVE-2023-34039
An all-in-one hacking tool written in Python to remotely exploit Android devices using #ADB (Android Debug Bridge) and #Metasploit-Framework.
https://github.com/AzeemIdrisi/PhoneSploit-Pro
https://github.com/AzeemIdrisi/PhoneSploit-Pro
GitHub
GitHub - AzeemIdrisi/PhoneSploit-Pro: An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework…
An all-in-one hacking tool to remotely exploit Android devices using ADB and Metasploit-Framework to get a Meterpreter session. - AzeemIdrisi/PhoneSploit-Pro
Nightmangle is post-exploitation Telegram Command and Control (C2/C&C) Agent
https://github.com/1N73LL1G3NC3x/Nightmangle
https://github.com/1N73LL1G3NC3x/Nightmangle
GitHub
GitHub - 1N73LL1G3NC3x/Nightmangle
Contribute to 1N73LL1G3NC3x/Nightmangle development by creating an account on GitHub.
This media is not supported in your browser
VIEW IN TELEGRAM
Reprodução da CVE-2023–29357 e CVE-2023–24955 no Microsoft SharePoint.
A chain permite que usuários não autenticados executem comandos arbitrários no servidor.
Atualize seu software o mais rápido possível!
A chain permite que usuários não autenticados executem comandos arbitrários no servidor.
Atualize seu software o mais rápido possível!
Forwarded from Fearless John - @European_dissident
■ Historic picture. Jewish refugees sailing to Palestine.
■ The placard says: "The Germans have annihilated our families, don't annihilate our last hope"...
■ The Palestinians didn't even think about how that would end for them...
■ Follow @UkraineHumanRightsAbuses
■ The placard says: "The Germans have annihilated our families, don't annihilate our last hope"...
■ The Palestinians didn't even think about how that would end for them...
■ Follow @UkraineHumanRightsAbuses
☠️Cache poisoning in Drupal core
According to the CVE-2023-5256 disclosure, you can cache admin session cookies by causing a 4xx response when visiting a crafted URL in JSON:API.
You can lure an admin using a link, steal his session cookies and gain administrative access to the website. In this way, an attacker can completely compromise the confidentiality, integrity and availability of the website.
PoC
/jsonapi/user/user?filter[a-labex][condition][path]=cachingyourcookie
#web #cve #cache #drupal
According to the CVE-2023-5256 disclosure, you can cache admin session cookies by causing a 4xx response when visiting a crafted URL in JSON:API.
You can lure an admin using a link, steal his session cookies and gain administrative access to the website. In this way, an attacker can completely compromise the confidentiality, integrity and availability of the website.
PoC
/jsonapi/user/user?filter[a-labex][condition][path]=cachingyourcookie
#web #cve #cache #drupal
Extreme Privacy - Mobile Devices.pdf
2.1 MB
Extreme Privacy: Mobile Devices - Digital Edition (2023)
Version : 2023.06.18
Info : https://inteltechniques.com/book7a.html
@hackingbra
Version : 2023.06.18
Info : https://inteltechniques.com/book7a.html
@hackingbra