{"uuid": "1b661354-7c7b-4180-b003-48370784b5e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-GW42-F939-FHVM", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3072", "content": "Tools - Hackers Factory \n\nLink-X \n\nA Hack-Via-Link ToolKit. Including: Camera, Voice, Location Etc*4\n\nhttps://github.com/Toxic-Noob/Link-X\n\n#infosec #pentesting #redteam\n\nStorm-Breaker\n\nSocial engineering tool [Access Webcam & Microphone & Location Finder] With Python.\n\nhttps://github.com/ultrasecurity/Storm-Breaker\n\n#infosec #pentesting #redteam\n\njsFinder\n\nA command-line tool written in Go that scans web pages to find JavaScript files linked in the HTML source code. It searches for any attribute that can contain a JavaScript file (e.g., src, href, data-main, etc.) and extracts the URLs of the files to a text file. The tool is designed to be simple to use, and it supports reading URLs from a file or from standard input.\n\nhttps://github.com/kacakb/jsfinder\n\n#infosec #pentesting #bugbounty\n\nCVE-2023-32315\n\nAdministration Console authentication bypass in openfire xmppserver.\n\nhttps://github.com/advisories/GHSA-gw42-f939-fhvm\n\n#cve #cybersecurity #infosec\n\nCrowdSec\n\nThe open-source and participative IPS able to analyze visitor behavior & provide an adapted response to all kinds of attacks. It also leverages the crowd power to generate a global CTI database to protect the user network.\n\nhttps://github.com/crowdsecurity/crowdsec\n\n#cybersecurity #infosec\n\nLookyloo \n\nLookyloo is a web interface that allows users to capture a website page and then display a tree of domains that call each other.\n\nhttps://github.com/Lookyloo/lookyloo\n\n#cybersecurity #infosec #pentesting\n\n\ud83e\udd96Velociraptor Docker\n\nDocker image for Velocidex Velociraptor.\n\nhttps://github.com/weslambert/velociraptor-docker\n\n#infosec #pentesting #bugbounty\n\nGato\n\nGitHub Attack Toolkit is an enumeration and attack tool that allows both blue teamers and offensive security practitioners to evaluate the blast radius of a compromised personal access token within a GitHub organization.\n\nhttps://github.com/praetorian-inc/gato\n\n#cybersecurity #infosec #pentesting\n\nOSINT QuickStart\n\nIncludes quick start guides for #Shodan and Censys #OSINT search engines.\n\nhttps://github.com/utilsec/osint\n\n#cybersecurity #infosec\n\nCookie-Graber-BOF\n\nC or BOF file to extract WebKit master key to decrypt user cookie. The C code can be used to compile an executable or a bof script for #CobaltStrike.\n\nhttps://github.com/Mr-Un1k0d3r/Cookie-Graber-BOF\n\n#infosec #pentesting #redteam\n\nGeacon\n\nPractice Go programming and implement #CobaltStrike's Beacon in Go\n\nhttps://github.com/darkr4y/geacon\n\n#infosec #pentesting #redteam\n\nRepeaterSearch\n\nThis #burpsuite plugin adds a search bar to Repeater that allows you to search Requests and/or Responses for a string. Regex is also supported.\n\nhttps://github.com/Static-Flow/RepeaterSearch\n\n#infosec #infosec #bugbounty\n\nPractical Windows Forensics\n\nA quick DIY approach for performing a digital forensic analysis on a Windows 10 system.\n\nhttps://github.com/bluecapesecurity/PWF\n\n#cybersecurity #infosec #forensic\n\nOWASP Domain Protect\n\nPrevent subdomain takeover...\n\nhttps://github.com/domain-protect/domain-protect\n\n#cybersecurity #infosec\n\nawesome-oracle-manipulation\n\nAwesome list of all things oracle manipulation. Creating to help spread a better understanding of oracles and oracle manipulation.\n\nhttps://github.com/0xcacti/awesome-oracle-manipulation\n\n#cybersecurity #infosec\n\nCheckov\n\nPrevent #cloud misconfigurations and find vulnerabilities during build-time in infrastructure as code, container images and open source packages with Checkov by Bridgecrew.\n\nhttps://github.com/bridgecrewio/checkov\n\n#cybersecurity #infosec\n\namd-lm32-smu-exploit\n\nGeneric #exploit for all version 7 (maybe others) LM32-based AMD SMU's used in APUs (and probably works on GPUs too)\n\nhttps://github.com/jevinskie/amd-lm32-smu-exploit\n\n#cybersecurity #infosec\n\nGretchen\n\nCisco TCL tool to stop Responder attacks.\n\nhttps://github.com/c4s73r/Gretchen\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-30T15:18:17.000000Z"}