Private Bug Hunting Methodology
https://github.com/WadQamar10/My-Hunting-Methodology-/tree/main
https://github.com/WadQamar10/My-Hunting-Methodology-/tree/main
GitHub
GitHub - wadgamaraldeen/My-Hunting-Methodology-: My Private Bug Hunting Methodology
My Private Bug Hunting Methodology . Contribute to wadgamaraldeen/My-Hunting-Methodology- development by creating an account on GitHub.
Forwarded from Sputnik Brasil
🚨📱Mídia: PF apreende celulares e notebooks pertencentes a Abin na casa do ex-diretor Ramagem
A Polícia Federal apreendeu seis celulares e quatro notebooks no apartamento funcional do deputado federal Alexandre Ramagem (PL-RJ), sendo que um notebook e um celular encontrados sob posse do parlamentar ainda pertencem à Agência Brasileira de Inteligência (Abin).
A informação foi noticiada pelo jornal O Globo nesta quinta-feira (25). Também foram apreendidos 20 pen-drives e documentos relacionados à agência na residência, além de computadores e documentos no gabinete do parlamentar que também é ex-diretor-geral da Abin.
Mas cedo, de acordo com a PF, também foram feitas buscas em domicílios de servidores suspeitos de envolvimento em atividades de espionagem ilegal. Ao todo foram cumpridas 21 mandados de busca e apreensão em Brasília-DF (18), Juiz de Fora-MG (1), São João Del Rei-MG (1) e Rio de Janeiro-RJ (1).
Siga a @sputnikbrasil no Telegram e tenha acesso a temas não abordados pela grande mídia brasileira
A Polícia Federal apreendeu seis celulares e quatro notebooks no apartamento funcional do deputado federal Alexandre Ramagem (PL-RJ), sendo que um notebook e um celular encontrados sob posse do parlamentar ainda pertencem à Agência Brasileira de Inteligência (Abin).
A informação foi noticiada pelo jornal O Globo nesta quinta-feira (25). Também foram apreendidos 20 pen-drives e documentos relacionados à agência na residência, além de computadores e documentos no gabinete do parlamentar que também é ex-diretor-geral da Abin.
Mas cedo, de acordo com a PF, também foram feitas buscas em domicílios de servidores suspeitos de envolvimento em atividades de espionagem ilegal. Ao todo foram cumpridas 21 mandados de busca e apreensão em Brasília-DF (18), Juiz de Fora-MG (1), São João Del Rei-MG (1) e Rio de Janeiro-RJ (1).
Siga a @sputnikbrasil no Telegram e tenha acesso a temas não abordados pela grande mídia brasileira
Windows CLFS Driver Privilege Escalation
This vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization’s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.
Affects version:
— Windows 11 21H2 (clfs.sys version 10.0.22000.1574);
— Windows 11 22H2;
— Windows 10 21H2;
— Windows 10 22H2;
— Windows Server 2022.
Research:
https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability
Exploit:
https://github.com/duck-sec/CVE-2023-28252-Compiled-exe
This vulnerability targets the Common Log File System (CLFS) and allows attackers to escalate privileges and potentially fully compromise an organization’s Windows systems. In April 2023, Microsoft released a patch for this vulnerability and the CNA CVE-2023-28252 was assigned.
Affects version:
— Windows 11 21H2 (clfs.sys version 10.0.22000.1574);
— Windows 11 22H2;
— Windows 10 21H2;
— Windows 10 22H2;
— Windows Server 2022.
Research:
https://www.coresecurity.com/core-labs/articles/analysis-cve-2023-28252-clfs-vulnerability
Exploit:
https://github.com/duck-sec/CVE-2023-28252-Compiled-exe
Malware and cryptography 24: encrypt/decrypt file via Madryga
https://cocomelonc.github.io/malware/2024/01/16/malware-cryptography-24.html
https://cocomelonc.github.io/malware/2024/01/16/malware-cryptography-24.html
Vulnerabilidades executadas em Bug Bounty
1️⃣ Remote Code Execution através de Local File Inclusion
2️⃣ Reflected XSS em um subdomínio da American Airlines
3️⃣ Stored XSS no site da Microsoft
@HackingBRA
1️⃣ Remote Code Execution através de Local File Inclusion
2️⃣ Reflected XSS em um subdomínio da American Airlines
3️⃣ Stored XSS no site da Microsoft
@HackingBRA
Breaking Bitlocker - Bypassing the Windows Disk Encryption
https://www.youtube.com/watch?v=wTl4vEednkQ
https://www.youtube.com/watch?v=wTl4vEednkQ
YouTube
Breaking Bitlocker - Bypassing the Windows Disk Encryption
In this video we will use a hardware attack to bypass TPM-based Bitlocker encryption as used on most Microsoft Windows devices.
Errata:
- PIN can also be enabled using manage-bde, not just using group policies
Questions:
- Does this work on TPM2.0? Yes…
Errata:
- PIN can also be enabled using manage-bde, not just using group policies
Questions:
- Does this work on TPM2.0? Yes…
- exploit
CVE-2024-23208:
Apple tvOS Memory Corruption
https://github.com/hrtowii/CVE-2024-23208-test
CVE-2023-35759:
WhatsUp Gold 2022 22.1.0 - XSS
https://packetstormsecurity.com/files/176978/WhatsUp-Gold-2022-22.1.0-Build-39-Cross-Site-Scripting.html
IOS screentime remover using the KFD exploit (WIP)
https://github.com/cintagram/ScreenTimeRemover
CVE-2024-23208:
Apple tvOS Memory Corruption
https://github.com/hrtowii/CVE-2024-23208-test
CVE-2023-35759:
WhatsUp Gold 2022 22.1.0 - XSS
https://packetstormsecurity.com/files/176978/WhatsUp-Gold-2022-22.1.0-Build-39-Cross-Site-Scripting.html
IOS screentime remover using the KFD exploit (WIP)
https://github.com/cintagram/ScreenTimeRemover
MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
https://github.com/Xre0uS/MultiDump
This is a post-exploitation tool written in C for dumping and extracting LSASS memory discreetly. MultiDump supports LSASS dump via ProcDump.exe or Comsvc.dll, it offers two modes: a local mode that encrypts and stores the dump file locally, and a remote mode that sends the dump to a handler for decryption and analysis
https://github.com/Xre0uS/MultiDump
MediaTek WLAN Driver Memory Corruption
https://packetstormsecurity.com/files/177011/MediaTek-WLAN-Driver-Memory-Corruption.html
CVE-2023-5178:
NVMe-oF TCP vulnerability
https://github.com/rockrid3r/CVE-2023-5178
https://packetstormsecurity.com/files/177011/MediaTek-WLAN-Driver-Memory-Corruption.html
CVE-2023-5178:
NVMe-oF TCP vulnerability
https://github.com/rockrid3r/CVE-2023-5178
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
https://github.com/vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
GitHub
GitHub - vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC: Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386)
Apache Solr Backup/Restore APIs RCE Poc (CVE-2023-50386) - vvmdx/Apache-Solr-RCE_CVE-2023-50386_POC
1. Using form hijacking to bypass CSP
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
2. Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
https://portswigger.net/research/using-form-hijacking-to-bypass-csp
2. Bypassing EDRs With EDR-Preloading
https://malwaretech.com/2024/02/bypassing-edrs-with-edr-preload.html
This is a proof of concept for #CVE-2024-25153, a Remote Code Execution vulnerability in Fortra FileCatalyst Workflow 5.x, before 5.1.6 Build 114.
https://github.com/nettitude/CVE-2024-25153
https://github.com/nettitude/CVE-2024-25153
GitHub
GitHub - nettitude/CVE-2024-25153: Proof-of-concept exploit for CVE-2024-25153.
Proof-of-concept exploit for CVE-2024-25153. Contribute to nettitude/CVE-2024-25153 development by creating an account on GitHub.
Infosec Awesome.
- Um repositório com vários materiais e ferramentas de segurança da informação. Você pode encontrar informações úteis para todos os gostos e cores:
• Adversary Simulation & Emulation;
• Application Security;
• Binary Analysis;
• Cloud Security;
• Courses;
• Cryptography;
• Data Sets;
• Digital Forensics and Incident Response;
• Exploits;
• Hardening;
• Hardware;
• Malware Analysis;
• Mobile Security;
• Network Security;
• Open-source Intelligence (OSINT);
• Password Cracking and Wordlists;
• Social Engineering;
• Smart Contract;
• Vulnerable.
@hackingbra
- Um repositório com vários materiais e ferramentas de segurança da informação. Você pode encontrar informações úteis para todos os gostos e cores:
• Adversary Simulation & Emulation;
• Application Security;
• Binary Analysis;
• Cloud Security;
• Courses;
• Cryptography;
• Data Sets;
• Digital Forensics and Incident Response;
• Exploits;
• Hardening;
• Hardware;
• Malware Analysis;
• Mobile Security;
• Network Security;
• Open-source Intelligence (OSINT);
• Password Cracking and Wordlists;
• Social Engineering;
• Smart Contract;
• Vulnerable.
@hackingbra
Proof of Concept (PoC) for #CVE-2024-23334, demonstrating how #malicious actors can exploit vulnerabilities in aiohttp using #LFI .
https://github.com/jhonnybonny/CVE-2024-23334
https://github.com/jhonnybonny/CVE-2024-23334
Fiz esse vídeo sem muita firula, apenas para trazer conteúdos em português sobre o Flipper Zero. Quem puder estar se inscrevendo e curtindo o vídeo, vai ajudar bastante.
https://www.youtube.com/watch?v=O1wZ0PST6Xc
https://www.youtube.com/watch?v=O1wZ0PST6Xc
YouTube
Instalando o firmware Xtreme no Flipper Zero
Neste vídeo eu mostro como instalar o firmware Xtreme no Flipper Zero. Abaixo estarei deixando os links citados no vídeos.
🔴 Xtreme Firmware: https://github.com/Flipper-XFW/Xtreme-Firmware/releases
🔴 Instagram: https://www.instagram.com/hackingbrasil/
🔴…
🔴 Xtreme Firmware: https://github.com/Flipper-XFW/Xtreme-Firmware/releases
🔴 Instagram: https://www.instagram.com/hackingbrasil/
🔴…