New article on our blog! 🔥
Today you will learn how to recognize phishing sites and explore Shadow IT using Netlas.
👉🏻 Link: https://netlas.medium.com/how-to-detect-scam-and-shadow-it-domains-with-netlas-io-f72085e6f18b
👉🏻 Also read about phishing in our CookBook: https://nt.ls/cook
Good reading!
Today you will learn how to recognize phishing sites and explore Shadow IT using Netlas.
👉🏻 Link: https://netlas.medium.com/how-to-detect-scam-and-shadow-it-domains-with-netlas-io-f72085e6f18b
👉🏻 Also read about phishing in our CookBook: https://nt.ls/cook
Good reading!
Medium
How to detect scam and shadow IT domains with Netlas.io?
Phishing sites are a serious threat on the Internet. In this article I will tell you how to avoid them using Netlas.
👾4👍1🔥1
We continue to publish small cheat sheets for using Netlas 📄
Have you ever tried to use our search engine for entertainment? 🙃
👉🏻 Try now with example: https://nt.ls/RCpox
Have you ever tried to use our search engine for entertainment? 🙃
👉🏻 Try now with example: https://nt.ls/RCpox
👾6👏2
CVE-2023-4967: Sensitive information disclosure in Citrix NetScaler ADC/Gateway, 9.4 rating❗️
The vulnerability emerges from the return value of the snprintf function, which can lead to a buffer over-read if exploited. By this, the session token can be intercepted. Also, PoC is available now.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/5g7Md
👉🏻 Dork: http.noscript:"Netscaler Gateway" OR http.headers.x_powered_by:"Citrix ADC (formerly NetScaler)"
Read about PoC: https://www.bleepingcomputer.com/news/security/citrix-bleed-exploit-lets-hackers-hijack-netscaler-accounts/
Vendor's advisory: https://support.citrix.com/article/CTX579459
The vulnerability emerges from the return value of the snprintf function, which can lead to a buffer over-read if exploited. By this, the session token can be intercepted. Also, PoC is available now.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/5g7Md
👉🏻 Dork: http.noscript:"Netscaler Gateway" OR http.headers.x_powered_by:"Citrix ADC (formerly NetScaler)"
Read about PoC: https://www.bleepingcomputer.com/news/security/citrix-bleed-exploit-lets-hackers-hijack-netscaler-accounts/
Vendor's advisory: https://support.citrix.com/article/CTX579459
🔥4👾2
CVE-2023-46747: Auth Bypass in F5 BIG-IP, 9.8 rating 🔥
An attacker using undisclosed requests can bypass authentication and gain access to execute arbitrary commands on the victim system.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/OcYHT
👉🏻 Dork: http.headers.server:"BigIP"
You can also use the "f5_bigip" tag to get more results.
Vendor's advisory: https://my.f5.com/manage/s/article/K000137353
An attacker using undisclosed requests can bypass authentication and gain access to execute arbitrary commands on the victim system.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/OcYHT
👉🏻 Dork: http.headers.server:"BigIP"
You can also use the "f5_bigip" tag to get more results.
Vendor's advisory: https://my.f5.com/manage/s/article/K000137353
👾4👍2🔥1
Do you remember that Netlas can be used as an extension for Google Chrome?
Well, from today our plugin is also available for the Mozilla Firefox browser! 🦊
Now it's users can explore the site they are on at any time with a couple of clicks. Find out potential vulnerabilities, host data, and much more.
👉🏻 Read more (updated): https://netlas.medium.com/netlas-io-chrome-extension-65a8e3d03bc0
👉🏻 Add-on: https://addons.mozilla.org/en-GB/firefox/addon/netlas-io/
Well, from today our plugin is also available for the Mozilla Firefox browser! 🦊
Now it's users can explore the site they are on at any time with a couple of clicks. Find out potential vulnerabilities, host data, and much more.
👉🏻 Read more (updated): https://netlas.medium.com/netlas-io-chrome-extension-65a8e3d03bc0
👉🏻 Add-on: https://addons.mozilla.org/en-GB/firefox/addon/netlas-io/
Medium
Netlas.io Chrome extension
Extensions for Google Chrome are a very popular way to extend the functionality of the browser. Now Netlas has it too!
👾7👏2
CVE-2023-22518: Improper Authorization in Atlassian Confluence Data&Server, 9.1 rating 🔥
Not a very fresh vulnerability, but the recently released PoC makes it worthy of attention.
Search at Netlas.io:
👉🏻 Link (tag, more results): https://nt.ls/MwYfk
👉🏻 Link (no tag, less results): https://nt.ls/nysj9
👉🏻 Dork №1: tag.name:"atlassian_confluence"
👉🏻 Dork №2: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html
More about PoC: https://github.com/sanjai-AK47/CVE-2023-22518
Not a very fresh vulnerability, but the recently released PoC makes it worthy of attention.
Search at Netlas.io:
👉🏻 Link (tag, more results): https://nt.ls/MwYfk
👉🏻 Link (no tag, less results): https://nt.ls/nysj9
👉🏻 Dork №1: tag.name:"atlassian_confluence"
👉🏻 Dork №2: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/cve-2023-22518-improper-authorization-vulnerability-in-confluence-data-center-and-server-1311473907.html
More about PoC: https://github.com/sanjai-AK47/CVE-2023-22518
👾5👍1
ZDI-23-1578, 1579, 1580, 1581: 0-day vulnerabilities in Microsoft Exchange, 7.1-7.5 rating ❗️
These vulns require authorization to operate, which greatly reduces their threat, but ZDI researchers still recommend limiting access to Exchange servers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/t8cJK
👉🏻 Dork: tag.name:"microsoft_exchange"
Read more: https://www.zerodayinitiative.com/advisories/ZDI-23-1578/
These vulns require authorization to operate, which greatly reduces their threat, but ZDI researchers still recommend limiting access to Exchange servers.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/t8cJK
👉🏻 Dork: tag.name:"microsoft_exchange"
Read more: https://www.zerodayinitiative.com/advisories/ZDI-23-1578/
👾4👍1
CVE-2023-46849, -46850: DoS and use-after-free in OpenVPN Access Server ❗️
If the --fragment parameter is present in the target device's configuration, an attacker can crash the software by dividing by zero and also gain access to sensitive information.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/GpBD3
👉🏻 Dork: http.headers.server:"OpenVPN-AS"
Vendor's advisory: https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/
If the --fragment parameter is present in the target device's configuration, an attacker can crash the software by dividing by zero and also gain access to sensitive information.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/GpBD3
👉🏻 Dork: http.headers.server:"OpenVPN-AS"
Vendor's advisory: https://openvpn.net/security-advisory/access-server-security-update-cve-2023-46849-cve-2023-46850/
👾4❤1👍1🔥1
New article on our blog. And this time with the fresh noscript 🔥
Today we will tell how you can use Netlas to search for potentially vulnerable objects in your attack surface. Do not miss the Github link at the end of the article!
👉🏻 Link: https://netlas.medium.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892
Today we will tell how you can use Netlas to search for potentially vulnerable objects in your attack surface. Do not miss the Github link at the end of the article!
👉🏻 Link: https://netlas.medium.com/how-to-find-probably-vulnerable-objects-in-your-own-surface-with-netlas-io-7f3448363892
Medium
How to find probably vulnerable objects in your own surface with Netlas.io?
Quickly and easily check organization’s surface for vulnerabilities using Netlas.io.
👾5🔥3
CVE-2023-49103: Exposure of Sensitive Information in ownCloud, 10.0 rating 🔥🔥🔥
Due to the owncloud/graphapi component, important configuration facts such as license keys, admin credentials may be exposed.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/Igs48
👉🏻 Dork: http.noscript:"ownCloud"
Vendor's advisory: https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/
Due to the owncloud/graphapi component, important configuration facts such as license keys, admin credentials may be exposed.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/Igs48
👉🏻 Dork: http.noscript:"ownCloud"
Vendor's advisory: https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/
👾6👍1
CVE-2023-48121: Auth Bypass in Hikvision, 8.2 rating ❗️
Some Hikvision products have been affected by an authentication bypass vulnerability in the Hik-Connect Module, which could allow remote attackers to consume services by sending crafted messages to the affected devices.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/hbCPs
👉🏻 Dork: http.favicon.hash_sha256:7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527
Vendor's advisory: https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
Some Hikvision products have been affected by an authentication bypass vulnerability in the Hik-Connect Module, which could allow remote attackers to consume services by sending crafted messages to the affected devices.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/hbCPs
👉🏻 Dork: http.favicon.hash_sha256:7d249b2fca8ab8d5ab373444732b8bc9104ab597976640f3441ddfd70148b527
Vendor's advisory: https://www.hikvision.com/hk/support/cybersecurity/security-advisory/security-vulnerability-in-some-hikvision-products/
👾4🔥3👍2
CVE-2023-34060: Authentication Bypass in VMware Cloud Director Appliance, 9.8 rating 🔥
Devices running version 10.5 and using authentication on ports 22 or 5480 may be vulnerable. The recommended protection method is to update to version 10.5.1.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/H5pYN
👉🏻 Dork: http.noscript:"Cloud Director"
Vendor's advisory: https://www.vmware.com/security/advisories/VMSA-2023-0026.html
Devices running version 10.5 and using authentication on ports 22 or 5480 may be vulnerable. The recommended protection method is to update to version 10.5.1.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/H5pYN
👉🏻 Dork: http.noscript:"Cloud Director"
Vendor's advisory: https://www.vmware.com/security/advisories/VMSA-2023-0026.html
🔥8👾3
CVE-2023-22522, -25524: Two RCE in Atlassian Confluence Data&Server, 9.0 rating 🔥
More problems with Atlassian software. This time, an authorized attacker (even an anonymous one) can inject code and achieve RCE. We recommend updating.
Search at Netlas.io:
👉🏻 Link (tag, more results): https://nt.ls/DZHaW
👉🏻 Link (no tag, less results): https://nt.ls/Siajm
👉🏻 Dork №1: tag.name:"atlassian_confluence"
👉🏻 Dork №2: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/december-2023-security-advisories-overview-1318892103.html
More problems with Atlassian software. This time, an authorized attacker (even an anonymous one) can inject code and achieve RCE. We recommend updating.
Search at Netlas.io:
👉🏻 Link (tag, more results): https://nt.ls/DZHaW
👉🏻 Link (no tag, less results): https://nt.ls/Siajm
👉🏻 Dork №1: tag.name:"atlassian_confluence"
👉🏻 Dork №2: http.meta:"confluence-base-url"
Vendor's advisory: https://confluence.atlassian.com/security/december-2023-security-advisories-overview-1318892103.html
👾4👍3🔥1
Full attack surface reconnaissance with reNgine & Netlas.io 🔥
New article on our blog, in which we will talk about using the reNgine intelligence framework in conjunction with Netlas.io. Subdomains, endpoints, OSINT information and much more will be found 🔍
👉 Read here: https://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495
Enjoy reading!
New article on our blog, in which we will talk about using the reNgine intelligence framework in conjunction with Netlas.io. Subdomains, endpoints, OSINT information and much more will be found 🔍
👉 Read here: https://netlas.medium.com/using-rengine-with-netlas-io-module-436e764a5495
Enjoy reading!
Medium
Using reNgine with Netlas.io module
reNgine is a fairly powerful intelligence framework. In this article I will tell you how to configure it for use in conjunction with…
👾5👍3🔥1
This media is not supported in your browser
VIEW IN TELEGRAM
Dear Netlas users,
We have been experiencing problems with the site for the last two days. We sincerely apologize for this.
This is because we are migrating our application to new hardware, doubling the computing power. We promise that after the move is completed, Netlas will work faster and more stable.
Thank you for your patience ❤️
We have been experiencing problems with the site for the last two days. We sincerely apologize for this.
This is because we are migrating our application to new hardware, doubling the computing power. We promise that after the move is completed, Netlas will work faster and more stable.
Thank you for your patience ❤️
💊12😭2
CVE-2023-45316, -45847, -46701 and other: Multiple vuln in Mattermost, 3.7 - 7.3 rating ❗️
DoS, Path Traversal, Improper Access Control and much more: seven fresh vulnerabilities in the Mattermost chat application.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/83sLi
👉🏻 Dork: http.meta:"mattermost"
Vendor's advisory: https://mattermost.com/security-updates/
DoS, Path Traversal, Improper Access Control and much more: seven fresh vulnerabilities in the Mattermost chat application.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/83sLi
👉🏻 Dork: http.meta:"mattermost"
Vendor's advisory: https://mattermost.com/security-updates/
👾4👍1
CVE-2023-42325, -42326, -42327: XSS and RCE in pfSense Security, 5.4 - 8.8 rating 🔥
By combining vulnerabilities, an attacker can force a user to activate XSS payload and thereby achieve RCE. pfSense CE 2.7.0 and below, pfSense Plus 23.05.1 and below are vulnerable.
Search at Netlas.io:
👉 Link (tag, more results): https://nt.ls/BRDDo
👉 Link (no tag): https://nt.ls/Mr8WD
👉 Dork: http.favicon.hash_sha256:b2dd935235013a51fde0a2afc12ba965952e384b7ab43fe1746cc21c7eafc38c
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc
By combining vulnerabilities, an attacker can force a user to activate XSS payload and thereby achieve RCE. pfSense CE 2.7.0 and below, pfSense Plus 23.05.1 and below are vulnerable.
Search at Netlas.io:
👉 Link (tag, more results): https://nt.ls/BRDDo
👉 Link (no tag): https://nt.ls/Mr8WD
👉 Dork: http.favicon.hash_sha256:b2dd935235013a51fde0a2afc12ba965952e384b7ab43fe1746cc21c7eafc38c
Vendor's advisory: https://docs.netgate.com/downloads/pfSense-SA-23_08.webgui.asc
👾6👍1
A great guide to using Netlas 🔥
A few days ago, ZeusCybersec released a cool article dedicated to our application 📖
For anyone who still doubts whether they should use Netlas, we recommend reading it!
Article: https://sparshjazz.medium.com/netlas-io-best-osint-tool-in-cybersecurity-industry-0e9e2e28bfee
A few days ago, ZeusCybersec released a cool article dedicated to our application 📖
For anyone who still doubts whether they should use Netlas, we recommend reading it!
Article: https://sparshjazz.medium.com/netlas-io-best-osint-tool-in-cybersecurity-industry-0e9e2e28bfee
Medium
Netlas.io — Best OSINT Tool in Cybersecurity Industry
Discover, research and monitor any assets available online!
👾4👍1
CVE-2023-35384, -36710: RCE and Bypass in Microsoft Outlook, 5.4 - 7.8 rating 🔥
Despite the fact that only one of the vulnerabilities has a Network attack vector, combining them could allow an attacker to carry out a full-fledged 0-click RCE against Outlook users.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/imL2R
👉🏻 Dork: http.favicon.hash_sha256:cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Read more: https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-one
Despite the fact that only one of the vulnerabilities has a Network attack vector, combining them could allow an attacker to carry out a full-fledged 0-click RCE against Outlook users.
Search at Netlas.io:
👉🏻 Link: https://nt.ls/imL2R
👉🏻 Dork: http.favicon.hash_sha256:cf0808a61ec571e0c4975663903b288009d55502ac0445d9948983b339a5cf6e
Read more: https://www.akamai.com/blog/security-research/chaining-vulnerabilities-to-achieve-rce-part-one
👾4👍2