CVE-2023-28760.py
10 KB
Pwning the TP-Link AX1800 WiFi 6 Router: Uncovered and Exploited a Memory Corruption Vulnerability(CVE-2023-28760, critical RCE vulnerability in TP-Link AX1800 Wi-Fi 6 Routers).
https://www.tecsecurity.io/blog/tp-link_ax1800
Exploit for CVE-2023-28760
https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760
https://www.tecsecurity.io/blog/tp-link_ax1800
Exploit for CVE-2023-28760
https://github.com/TecR0c/exploits/tree/main/CVE-2023-28760
🔥3
ROPfuscator is a fine-grained code obfuscation framework for C/C++ programs using ROP (return-oriented programming)
https://pepe.runas.rocks/papers/ROPfuscator-WOOT23.pdf
https://github.com/ropfuscator/ropfuscator
https://pepe.runas.rocks/papers/ROPfuscator-WOOT23.pdf
https://github.com/ropfuscator/ropfuscator
Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test
https://github.com/ryh04x/CEH-Exam-Questions
https://github.com/ryh04x/CEH-Exam-Questions
GitHub
GitHub - ryh04x/CEH-Exam-Questions: Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and…
Planning To Take Certified Ethical Hacker (CEH)? Here are github repo with 125 questions and answers to help you prep for the test - ryh04x/CEH-Exam-Questions
Acunetix v15.5 - 28 Mar 2023
Windows: https://www.mirrored.to/files/U6ARSI5A/Acunetix-v15.5-Windows-Pwn3rzs-CyberArsenal.7z_links
Linux: https://www.mirrored.to/files/X2X422VE/Acunetix-v15.5-Linux-Pwn3rzs-CyberArsenal.7z_links
Password: Pwn3rzs
Changelog:
Too long for post, refer here:
https://www.acunetix.com/changelogs/acunetix-premium/v15-5-28-march-2023/
Windows: https://www.mirrored.to/files/U6ARSI5A/Acunetix-v15.5-Windows-Pwn3rzs-CyberArsenal.7z_links
Linux: https://www.mirrored.to/files/X2X422VE/Acunetix-v15.5-Linux-Pwn3rzs-CyberArsenal.7z_links
Password: Pwn3rzs
Changelog:
Too long for post, refer here:
https://www.acunetix.com/changelogs/acunetix-premium/v15-5-28-march-2023/
Ultimate XXE Beginner Guide
https://thexssrat.medium.com/ultimate-xxe-beginner-guide-f3bd123b1f4a
https://thexssrat.medium.com/ultimate-xxe-beginner-guide-f3bd123b1f4a
Medium
Ultimate XXE Beginner Guide
What is it
👏1
WinRAR SFX archives can run PowerShell without being detected
https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/
https://www.crowdstrike.com/blog/self-extracting-archives-decoy-files-and-their-hidden-payloads/
❤3
Potato privilege escalation in Windows Server 2012 - 2022, Windows 8 - 11
https://github.com/BeichenDream/GodPotato
https://github.com/BeichenDream/GodPotato
GitHub
GitHub - BeichenDream/GodPotato
Contribute to BeichenDream/GodPotato development by creating an account on GitHub.
❤1👍1
XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected/persistent XSS
https://github.com/EmperialX/XSS-Automation-Tool
https://github.com/EmperialX/XSS-Automation-Tool
GitHub
GitHub - EmperialX/XSS-Automation-Tool: "XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities…
"XSS automation tool helps hackers identify and exploit cross-site scripting vulnerabilities in web apps. Tests for reflected and persistent XSS. Customize request headers, cookies, proxie...
🔥4
DJI Mavic 3 Drone Research Part 1: Firmware Analysis
https://www.nozominetworks.com/blog/dji-mavic-3-drone-research-part-1-firmware-analysis/
https://www.nozominetworks.com/blog/dji-mavic-3-drone-research-part-1-firmware-analysis/
Nozominetworks
DJI Mavic 3 Drone Research Part 1: Firmware Analysis
Nozomi Networks Labs recently conducted firmware analysis on a DJI Mavic 3 Series drone. Learn more about their findings.
❤2
OWASP Web Application Pentesting Checklist
https://github.com/Hari-prasaanth/Web-App-Pentest-Checklist
https://github.com/Hari-prasaanth/Web-App-Pentest-Checklist
GitHub
GitHub - Hari-prasaanth/Web-App-Pentest-Checklist: A OWASP Based Checklist With 500+ Test Cases
A OWASP Based Checklist With 500+ Test Cases. Contribute to Hari-prasaanth/Web-App-Pentest-Checklist development by creating an account on GitHub.
👍1
burpgpt - Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities, and enables running traffic-based analysis of any type
https://github.com/aress31/burpgpt
https://github.com/aress31/burpgpt
GitHub
GitHub - aress31/burpgpt: A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering…
A Burp Suite extension that integrates OpenAI's GPT to perform an additional passive scan for discovering highly bespoke vulnerabilities and enables running traffic-based analysis of any ty...
decentralising the Ai Industry, just some language model api's...
https://github.com/xtekky/gpt4free
https://github.com/xtekky/gpt4free
GitHub
GitHub - xtekky/gpt4free: The official gpt4free repository | various collection of powerful language models | opus 4.6 gpt 5.3…
The official gpt4free repository | various collection of powerful language models | opus 4.6 gpt 5.3 kimi 2.5 deepseek v3.2 gemini 3 - xtekky/gpt4free
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API
https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api
https://www.akamai.com/blog/security-research/important-outlook-vulnerability-bypass-windows-api
Akamai
From One Vulnerability to Another: Outlook Patch Analysis Reveals Important Flaw in Windows API | Akamai
Akamai researchers explore a new critical vulnerability in Windows that could lead to a bypass of CVE-2023-23397’s mitigation.
Babuk Source Code Sparks 9 Different Ransomware Strains Targeting VMware ESXi Systems
https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.html
https://thehackernews.com/2023/05/babuk-source-code-sparks-9-new.html
👍1