CVE-2024-38063 : A Deep Dive Into Remote Code Execution In tcpip.sys

This is a (rather flaky) PoC for CVE-2024-38063, an RCE in tcpip.sys patched on August 13th 2024. I didn't find and report this vuln, that would be Wei. Requirements: pip3 install scapy. Usage: python3 cve-2024-38063.py. The easiest way to reproduce the vuln is by using bcdedit /set debug on on the target system and restarting the machine/VM. This makes the default network adapter driver kdnic.sys, which is...

CompTIA – Understanding Techniques, Threats, And Cybersecurity Defenses

Explore the essential concepts, techniques, and security challenges covered in the CompTIA Security+ certification. 1.1 - Compare And Contrast Different Types Of Social Engineering Techniques: Typosquatting - URL hijacking, e.g. google.com vs g00gle.com; Pretexting - Lying to get your info; actor and a story; Pharming - Poisoned DNS server, redirects a legit website to a bogus site; Vishing - Voice phishing, often spoofed numbers; Smishing - SMS phishing, spoofing here...

LiteSpeed Cache Privilege Escalation PoC – CVE-2024-28000

This repository contains a Proof of Concept (PoC) script for exploiting a privilege escalation vulnerability in the LiteSpeed Cache WordPress plugin. The vulnerability, identified as CVE-2024-28000, allows unauthenticated users to gain Administrator-level access to a WordPress site by brute-forcing a weak security hash used in the plugin. Vulnerability Overview: The LiteSpeed Cache plugin's user simulation feature is protected by a weak security...

MagiskEoP – Unpacking The Silent Root Exploit In Magisk

This is an exploit for a vulnerability in the Magisk app that allows a local app to silently gain root access without user consent. The vulnerability was initially reported by @vvb2060 and PoC-ed by @canyie. It has been fixed in Canary 27007. Demo video of exploiting this vulnerability to silently obtain root privileges and grant root to any Steps to reproduce this vulnerability: Install vulnerable Magisk app...

VeilTransfer – Mastering Data Exfiltration Simulation For Enhanced Cybersecurity

VeilTransfer is a data exfiltration utility designed to test and enhance detection capabilities. This tool simulates real-world data exfiltration techniques used by advanced threat actors, allowing organizations to evaluate and improve their security posture. By leveraging multiple exfiltration methods such as MEGA, GitHub, SFTP, WebDAV, and more, VeilTransfer helps identify gaps in your defenses and ensures your security...

Deep-HLR : Harnessing The Power Of Defastra For Comprehensive Phone Number Analysis

This script uses the Defastra Deep Phone HLR Check API, aiming to be a tool in fraud prevention and OSINT research scenarios. The following data points are obtained: retrieves social media accounts subscribed to the number (Amazon, Badoo, Bumble, Microsoft, Skype, Telegram, Twitter, Uber, Xiaomi, Bukalapak, Google Duo, Kakaotalk, TikTok, Google Account, LinkedIn, Battlenet, Instagram, CallerID, Yandex, VK, Economic...

Windows Downdate – Mastering The Art Of OS Downgrade Attacks

A tool that takes over Windows Updates to craft custom downgrades and expose past fixed vulnerabilities. Presented at Black Hat USA 2024 Briefings and DEFCON 32 under the title "Windows Downdate: Downgrade Attacks Using Windows Updates". Using Windows Downdate you can downgrade critical OS components, DLLs, Drivers, the NT kernel, the Secure Kernel, the Hyper-V hypervisor, Credential Guard and much...

3proxy – Features, Installation, And Usage Guide

Explore the versatile capabilities of 3proxy, a robust and lightweight proxy server designed for a variety of network tasks. From basic HTTP, SOCKS, and FTP proxy functionalities to advanced features like traffic control, authentication, and encryption, 3proxy offers extensive tools for network security and management. This guide delves into the installation, configuration, and usage of 3proxy, providing a thorough overview...

JYso – A Comprehensive Guide To Advanced JNDI And Serialization Exploits

JYso is a tool that can be used as both ysoserial and JNDIExploit. It also has bypass functions of multiple JNDI high versions, WAF, and RASP. Getting Started Guide: Please be sure to take a moment to read this document, which will help you quickly become familiar with JYso! Use documentation Wiki. Download the latest version of Releases. Features: JNDI account activation; JNDI routing hidden or encrypted; JNDI high version...

Findsploit – The Ultimate Tool For Exploit Discovery And Management

Findsploit is a simple bash script to quickly and easily search both local and online exploit databases. This repository also includes "copysploit" to copy any exploit-db exploit to the current directory and "compilesploit" to automatically compile and run any C exploit (i.e. ./copysploit 1337.c && ./compilesploit 1337.c). For updates to this script, type findsploit update. INSTALLATION: ./install.sh. USAGE: Search for all exploits and modules using...