A critical vulnerability (CVE-2022-36804) in Atlassian Bitbucket Server and Data Center could be exploited by unauthorized attackers to execute malicious code on vulnerable instances.
https://github.com/CEOrbey/CVE-2022-36804-MASS-RCE
https://github.com/CEOrbey/CVE-2022-36804-MASS-RCE
DrayTek unauthenticated remote code execution vulnerability (CVE-2022-32548) in /cgi-bin/wlogin.cgi via username field
https://github.com/rftg1000/CVE-2022-32548-RCE-POC
https://github.com/rftg1000/CVE-2022-32548-RCE-POC
Another Windows Local Privilege Escalation from Service Account to System
https://github.com/antonioCoco/JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
#LPE #Windows
https://github.com/antonioCoco/JuicyPotatoNG
https://decoder.cloud/2022/09/21/giving-juicypotato-a-second-chance-juicypotatong/
#LPE #Windows
GitHub
GitHub - antonioCoco/JuicyPotatoNG: Another Windows Local Privilege Escalation from Service Account to System
Another Windows Local Privilege Escalation from Service Account to System - GitHub - antonioCoco/JuicyPotatoNG: Another Windows Local Privilege Escalation from Service Account to System
Loading Fileless Remote PE from URI to memory with argument passing and ETW patching and NTDLL unhooking and No New Thread technique
https://github.com/D1rkMtr/FilelessRemotePE
https://github.com/D1rkMtr/FilelessRemotePE
The OWASSRF + TabShell exploit chain (CVE-2022-41076)
detailes:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
POC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#Tabshell #exchange
detailes:
https://blog.viettelcybersecurity.com/tabshell-owassrf/
POC:
https://gist.github.com/testanull/518871a2e2057caa2bc9c6ae6634103e
#Tabshell #exchange
Invicti-Professional-v23-1-0-Pwn3rzs-CyberArsenal.rar
278.1 MB
Password:Pwn3rzs
certsync is tool for Dumping NTDS with golden certificates and UnPAC the hash and Base on Certipy =>https://github.com/ly4k/Certipy
https://github.com/zblurx/certsync
https://github.com/zblurx/certsync
GitHub
GitHub - ly4k/Certipy: Tool for Active Directory Certificate Services enumeration and abuse
Tool for Active Directory Certificate Services enumeration and abuse - ly4k/Certipy
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
https://github.com/hacksysteam/CVE-2023-21608
https://github.com/hacksysteam/CVE-2023-21608
GitHub
GitHub - hacksysteam/CVE-2023-21608: Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit
Adobe Acrobat Reader - CVE-2023-21608 - Remote Code Execution Exploit - hacksysteam/CVE-2023-21608
CVE-2023-0179-PoC affecting all Linux versions from 5.5 to 6.2-rc3, although the exploit was tested on 6.1.6
https://github.com/TurtleARM/CVE-2023-0179-PoC
#LPE
https://github.com/TurtleARM/CVE-2023-0179-PoC
#LPE
GitHub
GitHub - TurtleARM/CVE-2023-0179-PoC
Contribute to TurtleARM/CVE-2023-0179-PoC development by creating an account on GitHub.