{"uuid": "78aba1c1-c91e-43f9-92b1-5984c0310d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-0045", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2308", "content": "#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\n\u200b\u200bCVE-2023-0045\n\nBypassing Spectre-BTI User Space Mitigations on Linux\n\nhttps://github.com/es0j/CVE-2023-0045\n\n#cve\n\n\u200b\u200bTLDbrute\n\nA simple utility to generate domain names with all possible TLDs\n\nhttps://github.com/Sybil-Scan/TLDbrute\n\n\u200b\u200bAMSI_patch\n\nPatching AmsiOpenSession by forcing an error branching.\n\nInside AmsiOpenSession, there is a TEST instruction that sets the zero flag (ZF) when the result of the AND operation is zero, and if the zero flag is 1 it will take the error branch because of the JZ instruction that jumps if ZF is 1. If everything is OK the error branch will never be taken, so what about forcing it by patching JZ to JNZ?\n\nhttps://github.com/TheD1rkMtr/AMSI_patch\n\n\u200b\u200bShrewdEye\n\nShrewdEye (sheye) is a set of utilities bundled into a single automated workflow to improve, simplify, and speed up resource discovery and vulnerability finding.\n\nhttps://github.com/zzzteph/sheye\n\n#pentesting #bugbounty #redteam\n\n\u200b\u200bDLL Sideload without DLL Main\n\nhttps://github.com/shantanu561993/DLL-Sideload\n\nDetails:\nhttps://www.redteam.cafe/red-team/dll-sideloading/dll-sideloading-not-by-dllmain\n\n#pentesting #redteam #hackers #inject\n\n\u200b\u200bPractical #CyberSecurity Resources \ud83c\udf1f\n\nhttps://github.com/brcyrr/PracticalCyberSecurityResources/blob/main/README.md\n\n\u200b\u200bIoTSecurity101\n\nA curated list of IoT Security Resources\n\nhttps://github.com/V33RU/IoTSecurity101\n\n\u200b\u200bAzure AD - Attack and Defense Playbook\n\nThis publication is a collection of various common attack scenarios on Azure Active Directory and how they can be mitigated or detected.\n\nhttps://github.com/Cloud-Architekt/AzureAD-Attack-Defense\n\n\u200b\u200bHiSilicon DVR hack\n\nThis report discloses serious vulnerabilities (with proof of concept (PoC) code) of DVR/NVR devices built using the HiSilicon hi3520d and similar system on a chip (SoC). Exploiting the vulnerabilities leads to unauthorized remote code execution (RCE) using only the web interface, causing full takeover of the exploited device. Due to the lack of upgraded firmware, using these devices is not recommended. Contacted the vendor before Dec 2016, but still no response. The release date of the disclosure is Feb 2017.\n\nhttps://github.com/tothi/pwn-hisilicon-dvr\n\n\u200b\u200bDyld-DeNeuralyzer\n\nA simple set of POCs to demonstrate in-memory loading of Mach-Os.\n\n\u25ab\ufe0f Method 1 - Patch up dyld for in-memory loading of Mach-O bundles.\n\u25ab\ufe0f Method 2 - Use a custom in-memory loader for loading Mach-O bundles.\n\nhttps://github.com/xpn/DyldDeNeuralyzer\n\nBTC:\nbc1q62lwma4r3w3klq4mcn5hys9nps5h40qmafrc8e\n\n#Tools\u00a0 \ud83d\udee0\ufe0f \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\nwww.ghostclan.org", "creation_timestamp": "2023-02-21T11:10:14.000000Z"}