{"uuid": "3e0f8837-9dbf-4270-a91d-f85334d93f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28303", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/28343", "content": "media.io\n\nThe easiest to use free online video editor. Allows you to quickly edit a video from several video and audio files, add text, graphics, subtitles and voiceover. Almost all functions are free (except for voiceovers over 2000 characters), but a watermark is added to the finished video (small and in the corner).\n\nAn online tool for visualizing connections between various investigation entry points (domains, phone numbers, emails, people's names, etc.). It can be called a simplified analogue of Maltego.\n\nFree (requests to netlas.io are partially paid, but you can benefit from the tool without them)\n\nhttps://app.netlas.io/asd/\n\nhttps://ohmyswift.ru/\n\nA huge database of Swift transfers (collected mostly by Russian and Russian-speaking users). There you can check whether transfers are currently successful in a specific bank, between two banks, what working methods there are to transfer money between two countries, etc. 
The site also has a blog with articles on solving various problems related to Swift transfers.\n\nOne of the most comprehensive collections of resources and tools for gathering information in Australia (archives, dating sites, car registration information, webcams and much more)\n\nhttps://github.com/DFW1N/DFW1N-OSINT\n\nA large selection of Python code examples using the Netlas API (50 requests per day for free) to automate various tasks related to OSINT and pentesting.\n\nhttps://github.com/netlas-io/netlas-cookbook\n\nIt will also be useful for automating work with other IP search engines (Shodan, Censys, Fofa), and, in general, with a wide variety of REST APIs.\n\n\u2014 This repository includes around a thousand Unix/Linux commands and 55 programming languages.\n\nhttps://github.com/chubin/cheat.sh?tab=readme-ov-file\n\nRepository: RedTiger - Penetration Testing and Hacking Tool\n\nRedTiger is a free multi-tool with a variety of cybersecurity and hacking features.\n\n\u2014 This tool allows you to carry out and implement various attacks, such as SQL injections, extract information via email, etc.\n\nhttps://github.com/loxy0dev/RedTiger-Tools\n\nLazyXss - Cross site scripting Testing Automation Tool v1.2\n\nhttp://github.com/iamunixtz/LazyXss\n\nPANO - Advanced OSINT Investigation Platform Combining Graph Visualization, Timeline Analysis, And AI Assistance To Uncover Hidden Connections In Data\n\nGetting Started\n\ngit clone https://github.com/ALW1EZ/PANO.git\n\nFinalRecon | All-in-one #OSINT web reconnaissance tool\n\nFinalRecon is an automated web reconnaissance tool written in Python. The goal of FinalRecon is to provide an overview of the target in a short period while maintaining result accuracy. 
Instead of running multiple tools one after another, it can provide similar results while keeping dependencies small and simple.\nhttps://github.com/thewhiteh4t/finalrecon\n\nSnipRecover CLI\n\nDetection and restoration of Windows Snipping Tool PNG captures vulnerable to CVE-2023-28303\n\nSnipRecover CLI is a minimal, dependency-free command-line utility designed to:\n\nDetect PNG files modified by the Windows Snipping Tool vulnerability (CVE-2023-28303).\n\nRestore the original image by recovering compressed data appended after the IEND chunk.\n\nBy default, restored images use RGBA and a resolution of 1920 \u00d7 1080, and if no output path is specified, the tool writes to restored-.png.\n\nLink: https://github.com/m31r0n/SnipRecover-CL\n\nA tool to remotely extract and copy sensitive Windows files (SAM, LSA) without saving to disk\n\nip\n-Target-IP\n-aes -key\n-DUMP\n-Sam\n--lsa\n-DCC2\n--relay\n-Relay-port\n\nhttps://github.com/jfjallid/go-secdump\nhttps://github.com/jfjallid/go-secdump/releases\n\n#soft #golang #redteam #gosecdump\n\nPoC to record audio from a Bluetooth device\nhttps://github.com/TarlogicSecurity/BlueSpy\n\nSSRFUtility - SSRF Exploitation Tool\n\nhttps://ssrf.cvssadvisor.com\n\nNuclei Templates for a Custom Scanner\nHere you can download the templates for the nuclei tool with more than 1244 files focused on finding SQLi and XSS vulnerabilities \u2014 templates commonly used by bug bounty hunters.\n\n#GrayHats", "creation_timestamp": "2025-04-18T20:05:59.000000Z"}