{"uuid": "8f0fc1c5-4210-44f4-83cc-b07e6cecde11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2868", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3118", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - Hackers Factory\n\nWinsocky\n\nWinsocket implementation for #CobaltStrike. Used to communicate with the victim using winsockets instead of the traditional ways.\n\nhttps://github.com/WKL-Sec/Winsocky\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUseful #OSINT hints and links\n\nhttps://github.com/seintpl/osint\n\n#cybersecurity #infosec\n\n\u200b\u200bPyrrha\n\nA tool for firmware cartography.\n\nhttps://github.com/quarkslab/pyrrha\n\n#cybersecurity #infosec\n\n\u200b\u200bapk.sh\n\napk.sh makes #reverse engineering Android apps easier, automating some repetitive tasks like pulling, decoding, rebuilding and patching an APK.\n\nhttps://github.com/ax/apk.sh\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-3269 \n\nLinux kernel privilege escalation vulnerability.\n\nhttps://github.com/lrh2000/StackRot\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bmmdb-server\n\nFast API server to lookup IP addresses for their geographic location.\n\nhttps://github.com/adulau/mmdb-server\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-2868\n\nBarracuda ESG Command Injection\n\nhttps://github.com/cfielding-r7/poc-cve-2023-2868\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bDoge-COFFLdr\n\nIts a coff loader ported to go.\n\n\u2022 Ported to go\n\u2022 more opsec\n\u2022 support BeaconOutput\n\u2022 support other Beacon functions(todo)\n\nhttps://github.com/timwhitez/Doge-COFFLdr\n\n#infosec #pentesting #redteam\n\n\u200b\u200bSR-IOV Network Metrics Exporter\n\nExporter that reads metrics for SR-IOV Virtual Functions and exposes them in the Prometheus format.\n\nhttps://github.com/k8snetworkplumbingwg/sriov-network-metrics-exporter\n\n#cybersecurity #infosec\n\n\u200b\u200bnf-tables-lpe\n\nExploits of Team Orca from Sea Security and Qrious Secure for multiple vulnerabilities in Netfilter's nf_table module.\n\nhttps://github.com/kungfulon/nf-tables-lpe\n\n#cybersecurity #infosec\n\n\u200b\u200broute-detect\n\nFind authentication (authn) and authorization (authz) security bugs in web application routes.\n\nhttps://github.com/mschwager/route-detect\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bjava-gate\n\nJava JNI HellsGate/HalosGate/TartarusGate/RecycledGate/SSN Syscall/Many Shellcode Loaders.\n\nhttps://github.com/4ra1n/java-gate\n\napk.sh makes reverse engineering Android apps easier, automating  some repetitive tasks like pulling, decoding, rebuilding and patching an  APK.\n\nhttps://github.com/ax/apk.sh\n\n#infosec \n\nStackRot (CVE-2023-3269): Linux kernel privilege escalation vulnerability\n\nhttps://github.com/lrh2000/StackRot\n\n#infosec #cybersecurity \n\nChecklist for investigating the provenance and ownership of websites.\n\nhttps://github.com/jonkeegan/behind-this-website\n\n#infosec \n\nA C# Command & Control framework\n\nhttps://github.com/DragoQCC/HardHatC2\n\n#infosec #cybersecurity \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-07T18:06:56.000000Z"}