CVE-2023-22515 Scanner – Detecting Atlassian Confluence Vulnerability
This is a simple scanner for CVE-2023-22515, a critical vulnerability in Atlassian Confluence Data Center and Server that is actively being exploited in the wild by threat actors "to create unauthorized Confluence administrator accounts and access Confluence instances". The vulnerability was initially described as a "privilege escalation" issue, but Atlassian later changed the classification to "broken access control" in...
Msprobe – On-Prem Microsoft Solutions Discovery For Security
msprobe is a tool for identifying on-premises Microsoft products exposed by an organization; its modules let security professionals pinpoint and assess those hosts as likely targets before an attacker does. Contents: About, Installing, Usage, Examples, Coming Soon, Acknowledgements. About: Finding all things on-prem Microsoft for password spraying...
Aftermath – Swift-Powered Incident Response And Data Analysis
Aftermath is a Swift-based, open-source incident response framework. Defenders can use Aftermath to collect data from a compromised host and analyze it afterwards. Aftermath can be deployed from an MDM (ideally), but it can also run independently from the infected user's command line. Aftermath first runs a series of collection modules. The output of this will...
Dangerzone – Safely Convert Risky Documents Into Secure PDFs
Take potentially dangerous PDFs, office documents, or images and convert them to a safe PDF. Dangerzone works like this: You give it a document that you don't know if you can trust (for example, an email attachment). Inside of a sandbox, Dangerzone converts the document to a PDF (if it isn't already one), and then converts the PDF...
Nord Stream – Uncovering Secrets With A CICD Exploitation Toolkit
Nord Stream is a tool that allows you to extract secrets stored inside CI/CD environments by deploying malicious pipelines. It currently supports Azure DevOps, GitHub and GitLab. Table of Contents: Installation; Usage: General usage, Describe token, Build YAML, YAML, Clean logs, Signing commits; Azure DevOps: Service connections, Help; GitHub: List protections, Disable protections, Force, Azure OIDC, AWS OIDC, Help; GitLab: List secrets, YAML, List protections, Help; TODO; Contact. Installation: $ pip3 install -r requirements.txt (git is also required and must exist in your PATH). Usage, General Usage, Describe Token: The --describe-token option can be used to display...
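The pipeline-based extraction Nord Stream automates works because a CI job can read every secret the runner is given and write it to its own log, usually encoded so the platform's log masking does not redact it. The following is an added example, not Nord Stream's own code: a stdlib-only heuristic scanner that flags GitHub Actions workflow lines of exactly that shape (dumping the whole secrets context, piping a secret through an encoder, dumping the environment, or passing a secret to a network client). The two workflow texts are constructed samples; the pattern names and the function name are my own.

```python
import re

# Constructed sample resembling the kind of step a secret-extraction pipeline
# pushes: the whole secrets context, base64-encoded to defeat log masking.
SUSPICIOUS_WORKFLOW = """\
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - run: echo "${{ toJSON(secrets) }}" | base64 -w0
"""

# Constructed benign sample: one secret passed as an env var to a build step.
BENIGN_WORKFLOW = """\
name: build
on: [push]
jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: ./gradlew build
        env:
          TOKEN: ${{ secrets.REGISTRY_TOKEN }}
      - run: echo "done"
"""

# Heuristic patterns (hypothetical names chosen for this example). Each is
# applied to a single workflow line.
PATTERNS = {
    "whole secrets context dumped":
        re.compile(r"toJSON\(\s*secrets\s*\)", re.I),
    "secret piped through an encoder (defeats log masking)":
        re.compile(r"secrets\.[A-Za-z0-9_]+.*\|\s*(base64|xxd|od|rev|gzip)\b", re.I),
    "environment dumped":
        re.compile(r"-\s*run:\s*(env|printenv|set)\s*$"),
    "secret used in a network call":
        re.compile(r"\b(curl|wget|nc)\b.*secrets\.[A-Za-z0-9_]+", re.I),
}


def find_secret_exposure(workflow_text):
    """Return a list of (line_no, description, line) for every line of a
    workflow that matches one of the exposure heuristics above."""
    findings = []
    for no, line in enumerate(workflow_text.splitlines(), 1):
        for desc, pat in PATTERNS.items():
            if pat.search(line):
                findings.append((no, desc, line.strip()))
    return findings


if __name__ == "__main__":
    for name, text in (("suspicious", SUSPICIOUS_WORKFLOW), ("benign", BENIGN_WORKFLOW)):
        print(name)
        for no, desc, line in find_secret_exposure(text):
            print(f"  line {no}: {desc}: {line}")
```

The scanner catches the direct forms only; a step that copies a secret into an environment variable and exfiltrates that variable in a later command, or one that runs a script fetched from elsewhere, slips past a line-oriented regex. That is why the branch and environment protections Nord Stream lists under "List protections" and "Disable protections" matter more than log review: the pipeline has to be allowed to run against the protected secrets in the first place.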
Ghidra Script Mastery – Managing And Automating With GhidraScripts For Golang
Scripts to run within Ghidra, maintained by the Trellix ARC team. Ghidra, the open-source software reverse engineering tool, is known for its flexibility and extensibility. In this article, we delve into the world of GhidraScripts, providing you with insights on how to effectively manage and utilize these scripts for Golang-related tasks. Whether you're a seasoned Ghidra user or just...
CVE-2023-36723 – Windows Sandbox Directory Creation Vulnerability
This is a PoC for an arbitrary directory creation bug in the Container Manager service. This PoC is not thoroughly tested, so it may not work most of the time (it was enough for MSRC to confirm the vulnerability). In order to exploit this vulnerability, the Windows Sandbox feature has to be installed on the Windows host. When the Windows Sandbox feature is installed, a set...
The Elastic Container Project – Streamlining Security Research With A Quick Setup Guide
Stand up a 100% containerized Elastic stack, TLS secured, with Elasticsearch, Kibana, Fleet, and the Detection Engine all pre-configured, enabled and ready to use, within minutes. If you're interested in more details regarding this project and what to do once you have it running, check out our blog post on the Elastic Security Labs site. This is not an Elastic created, sponsored, or...
Coerced Potato – Windows Privilege Escalation
Understanding the weaknesses of the operating systems you defend is essential. "Coerced Potato" covers privilege escalation on Windows 10, Windows 11 and Server 2022 through the SeImpersonatePrivilege token privilege, explaining how the exploit works and the risk it poses, and providing valuable insights into securing your Windows...
G3nius Tools Sploit – Your Ultimate Guide To Advanced Penetration Testing
G3nius Tools Sploit is a penetration testing tool with a large set of plugins for advanced cybersecurity attacks. User-friendly, easy and modular. As the stakes of securing digital systems keep rising, G3nius Tools Sploit offers a penetration testing tool armed with an arsenal of plugins designed for advanced cybersecurity assessments. This...