WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
https://github.com/iamnihal/warf
https://github.com/iamnihal/warf
GitHub
GitHub - iamnihal/warf: WARF is a Web Application Reconnaissance Framework that helps to gather information about the target.
WARF is a Web Application Reconnaissance Framework that helps to gather information about the target. - iamnihal/warf
❤2
PetitPotato-master.zip
1.5 MB
Local privilege escalation via PetitPotam (perfectly on Windows 21H2 10.0.20348.1547)
https://github.com/wh0amitz/PetitPotato
#LPE
https://github.com/wh0amitz/PetitPotato
#LPE
CVE-2023-23397:
Microsoft Outlook EoP Vulnerability
https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability
0-day: https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY
Microsoft Outlook EoP Vulnerability
https://www.mdsec.co.uk/2023/03/exploiting-cve-2023-23397-microsoft-outlook-elevation-of-privilege-vulnerability
0-day: https://github.com/sqrtZeroKnowledge/CVE-2023-23397_EXPLOIT_0DAY
MDSec
Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability - MDSec
Date: 14th March 2023 Today saw Microsoft patch an interesting vulnerability in Microsoft Outlook. The vulnerability is described as follows: Microsoft Office Outlook contains a privilege escalation vulnerability that allows...
Producing a PoC for CVE-2022-42475 (Fortinet RCE)
https://blog.scrt.ch/2023/03/14/producing-a-poc-for-cve-2022-42475-fortinet-rce
https://blog.scrt.ch/2023/03/14/producing-a-poc-for-cve-2022-42475-fortinet-rce
Multiple Internet to Baseband RCE Vulnerabilities in Samsung Exynos Modems
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
https://googleprojectzero.blogspot.com/2023/03/multiple-internet-to-baseband-remote-rce.html
projectzero.google
Multiple Internet to Baseband Remote Code Execution Vulnerabilities in Exynos Modems - Project Zero
Posted by Tim Willis, Project Zero In late 2022 and early 2023, Project Zero reported eighteen 0-day vulnerabilities in Exynos Modems produced by Samsung S...
👍2
👎1
Exploiting Node.js deserialization bug for RCE
https://sking7.github.io/articles/1601216121.html
https://sking7.github.io/articles/1601216121.html
Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-23415
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
https://github.com/XaFF-XaFF/Cronos-Rootkit
https://github.com/XaFF-XaFF/Cronos-Rootkit
GitHub
GitHub - XaFF-XaFF/Cronos-Rootkit: Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate…
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation. - GitHub - XaFF-XaFF/Cronos-Rootkit: Cronos is Windows 10/11 x64 rin...
CVE-2023-28760.py
10 KB
Pwning the TP-Link AX1800 WiFi 6 Router: Uncovered and Exploited a Memory Corruption Vulnerability(CVE-2023-28760, critical RCE vulnerability in TP-Link AX1800 Wi-Fi 6 Routers).
https://www.tecsecurity.io/blog/tp-link_ax1800
Exploit for CVE-2023-28760
https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760
https://www.tecsecurity.io/blog/tp-link_ax1800
Exploit for CVE-2023-28760
https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760
🔥3
ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming)
https://pepe.runas.rocks/papers/ROPfuscator-WOOT23.pdf
https://github.com/ropfuscator/ropfuscator
https://pepe.runas.rocks/papers/ROPfuscator-WOOT23.pdf
https://github.com/ropfuscator/ropfuscator
Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test
https://github.com/ryh04x/CEH-Exam-Questions
https://github.com/ryh04x/CEH-Exam-Questions
GitHub
GitHub - ryh04x/CEH-Exam-Questions: Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and…
Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test - ryh04x/CEH-Exam-Questions
Acunetix v15.5 - 28 Mar 2023
Windows: https://www.mirrored.to/files/U6ARSI5A/Acunetix-v15.5-Windows-Pwn3rzs-CyberArsenal.7z_links
Linux: https://www.mirrored.to/files/X2X422VE/Acunetix-v15.5-Linux-Pwn3rzs-CyberArsenal.7z_links
Password: Pwn3rzs
Changelog:
Too long for post, refer here:
https://www.acunetix.com/changelogs/acunetix-premium/v15-5-28-march-2023/
Windows: https://www.mirrored.to/files/U6ARSI5A/Acunetix-v15.5-Windows-Pwn3rzs-CyberArsenal.7z_links
Linux: https://www.mirrored.to/files/X2X422VE/Acunetix-v15.5-Linux-Pwn3rzs-CyberArsenal.7z_links
Password: Pwn3rzs
Changelog:
Too long for post, refer here:
https://www.acunetix.com/changelogs/acunetix-premium/v15-5-28-march-2023/
Ultimate XXE Beginner Guide
https://thexssrat.medium.com/ultimate-xxe-beginner-guide-f3bd123b1f4a
https://thexssrat.medium.com/ultimate-xxe-beginner-guide-f3bd123b1f4a
Medium
Ultimate XXE Beginner Guide
What is it
👏1
WinRAR SFX archives can run PowerShell without being detected
https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/
https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/
❤3
Potato privilege escalation in Windows Server 2012 - 2022, Windows 8 - 11
https://github.com/BeichenDream/GodPotato
https://github.com/BeichenDream/GodPotato
GitHub
GitHub - BeichenDream/GodPotato
Contribute to BeichenDream/GodPotato development by creating an account on GitHub.
❤1👍1
XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected/persistent XSS
https://github.com/EmperialX/XSS-Automation-Tool
https://github.com/EmperialX/XSS-Automation-Tool
GitHub
GitHub - EmperialX/XSS-Automation-Tool: "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities…
"XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persistent XSS. Customize request headers, cookies, proxie...
🔥4