PoC for CVE-2022-21974 and CVE-2022-21971 Roaming Security Rights Management Services Remote Code Execution Vulnerability"
https://github.com/0vercl0k/CVE-2022-21971
https://github.com/0vercl0k/CVE-2022-21974
#RTF #wordpad #OFFICE #RCE
https://github.com/0vercl0k/CVE-2022-21971
https://github.com/0vercl0k/CVE-2022-21974
#RTF #wordpad #OFFICE #RCE
GitHub
GitHub - 0vercl0k/CVE-2022-21971: PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability"
PoC for CVE-2022-21971 "Windows Runtime Remote Code Execution Vulnerability" - 0vercl0k/CVE-2022-21971
کلیه اطلاعاتی که لیک شده اند:
https://share.vx-underground.org/Conti/
فقط دکریپتور:
https://anonfiles.com/l3b7n7L6xc/conti_locker_7z
لاکر با پسورد
https://anonfiles.com/lfV7c2L8xa/conti_locker_v2_zip
#conti
https://share.vx-underground.org/Conti/
فقط دکریپتور:
https://anonfiles.com/l3b7n7L6xc/conti_locker_7z
لاکر با پسورد
https://anonfiles.com/lfV7c2L8xa/conti_locker_v2_zip
#conti
Conti TTP
https://github.com/Res260/conti_202202_leak_procedures
https://github.com/soufianetahiria/ContiLeaks/blob/main/cobaltsrike_lolbins
https://github.com/Res260/conti_202202_leak_procedures
https://github.com/soufianetahiria/ContiLeaks/blob/main/cobaltsrike_lolbins
GitHub
GitHub - Res260/conti_202202_leak_procedures: This repository contains procedures found in the Feb 2022 conti leaks. They were…
This repository contains procedures found in the Feb 2022 conti leaks. They were taken from the "manual_teams_c" rocketchat channel in the leak and posted on may 10th, 2021 in the...
An unexpected Redis sandbox escape affecting only Debian, Ubuntu, and other derivatives
https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
https://www.ubercomp.com/posts/2022-01-20_redis_on_debian_rce
A newly discovered #vulnerability (CVE-2022-25636) in the Netfilter #firewall module of #Linux kernel could be exploited to gain root privileges on vulnerable systems, escape containers or cause a kernel panic.
https://github.com/Bonfee/CVE-2022-25636
https://github.com/Bonfee/CVE-2022-25636
GitHub
GitHub - Bonfee/CVE-2022-25636: CVE-2022-25636
CVE-2022-25636. Contribute to Bonfee/CVE-2022-25636 development by creating an account on GitHub.
RCE exploit for dompdf
https://positive.security/blog/dompdf-rce
https://github.com/positive-security/dompdf-rce
https://positive.security/blog/dompdf-rce
https://github.com/positive-security/dompdf-rce
positive.security
From XSS to RCE (dompdf 0day) | Positive Security
Using a still unpatched vulnerability in the PHP library dompdf (used for rendering PDFs from HTML), we achieved RCE on a web server with merely a reflected XSS vulnerability as entry point.
CVE-2022-0337 System environment variables leak on Google Chrome, Microsoft Edge and Opera
https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
https://github.com/Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera
GitHub
GitHub - Puliczek/CVE-2022-0337-PoC-Google-Chrome-Microsoft-Edge-Opera: 🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera…
🎩 🤟🏻 [P1-$10,000] Google Chrome, Microsoft Edge and Opera - vulnerability reported by Maciej Pulikowski - System environment variables leak - CVE-2022-0337 - Puliczek/CVE-2022-0337-PoC-Google-Chrom...
Top Search Engines for Cyber Security ⚡️📜
1️⃣http://censys.io – Censys Search Engine
2️⃣http://shodan.io – Search engine for Internet-connected devices
3️⃣http://viz.greynoise.io – GreyNoise Visualizer
4️⃣http://zoomeye.org – Cyberspace Search Engine
5️⃣http://onyphe.io – Cyber Defense Search Engine
6️⃣http://wigle.net – Wireless Network Mapping
7️⃣http://intelx.io – Intelligence X
8️⃣http://fofa.so – Cyberspace Security Search Engine
9️⃣http://hunter.io – OSINT Search Engine
🔟http://zorexeye.com – Hacker’s Search Engine
https://twitter.com/HackerGautam/status/1506932786435100674?s=20&t=ZF5EObm8IZSuBqzRZU1sJA
1️⃣http://censys.io – Censys Search Engine
2️⃣http://shodan.io – Search engine for Internet-connected devices
3️⃣http://viz.greynoise.io – GreyNoise Visualizer
4️⃣http://zoomeye.org – Cyberspace Search Engine
5️⃣http://onyphe.io – Cyber Defense Search Engine
6️⃣http://wigle.net – Wireless Network Mapping
7️⃣http://intelx.io – Intelligence X
8️⃣http://fofa.so – Cyberspace Security Search Engine
9️⃣http://hunter.io – OSINT Search Engine
🔟http://zorexeye.com – Hacker’s Search Engine
https://twitter.com/HackerGautam/status/1506932786435100674?s=20&t=ZF5EObm8IZSuBqzRZU1sJA
Censys
Censys | The Authority for Internet Intelligence and Insights
Censys empowers security teams with the most comprehensive, accurate, and up-to-date map of the internet to defend attack surfaces and hunt for threats.
Utility to craft HTML smuggled files for Red Team engagements
https://github.com/surajpkhetani/AutoSmuggle
https://github.com/surajpkhetani/AutoSmuggle
GitHub
GitHub - surajpkhetani/AutoSmuggle: Utility to craft HTML or SVG smuggled files for Red Team engagements
Utility to craft HTML or SVG smuggled files for Red Team engagements - surajpkhetani/AutoSmuggle
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation.
https://github.com/XaFF-XaFF/Cronos-Rootkit
https://github.com/XaFF-XaFF/Cronos-Rootkit
GitHub
GitHub - XaFF-XaFF/Cronos-Rootkit: Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate…
Cronos is Windows 10/11 x64 ring 0 rootkit. Cronos is able to hide processes, protect and elevate them with token manipulation. - GitHub - XaFF-XaFF/Cronos-Rootkit: Cronos is Windows 10/11 x64 rin...
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
https://github.com/Sh0ckFR/DLLirant
https://github.com/Sh0ckFR/DLLirant
GitHub
GitHub - Sh0ckFR/DLLirant: DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary.
DLLirant is a tool to automatize the DLL Hijacking researches on a specified binary. - Sh0ckFR/DLLirant
LPE exploit targets Ubuntu 21.10 with kernel 5.13.0-37.
https://github.com/Bonfee/CVE-2022-0995
This is my exploit for CVE-2022-0995, an heap out-of-bounds write in the watch_queue Linux kernel component. It uses the same technique described in https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html.
https://github.com/Bonfee/CVE-2022-0995
This is my exploit for CVE-2022-0995, an heap out-of-bounds write in the watch_queue Linux kernel component. It uses the same technique described in https://google.github.io/security-research/pocs/linux/cve-2021-22555/writeup.html.
GitHub
GitHub - Bonfee/CVE-2022-0995: CVE-2022-0995 exploit
CVE-2022-0995 exploit. Contribute to Bonfee/CVE-2022-0995 development by creating an account on GitHub.
CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7
https://github.com/RICSecLab/CVE-2019-0708
https://github.com/RICSecLab/CVE-2019-0708
GitHub
GitHub - RICSecLab/CVE-2019-0708: CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7
CVE-2019-0708 (BlueKeep) proof of concept allowing pre-auth RCE on Windows7 - RICSecLab/CVE-2019-0708