{"uuid": "c4ea3d32-d1f1-4433-8ef4-ad728780f9c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-20421", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3039", "content": "Tools - Hackers Factory \n\nEndpoints Explorer\n\nA Python script that employs multiple bypass rules to discover sensitive endpoints.\n\nhttps://github.com/wzqs/endpoints_explore\n\n#infosec #pentesting #bugbount\n\n\u200b\u200bCoercer\n\nA python script to automatically coerce a Windows server to authenticate on an arbitrary machine through 12 methods.\n\nhttps://github.com/p0dalirius/Coercer\n\n#infosec #pentesting #redteam\n\n\u200b\u200bdirsearch_bypass403\n\nDirectory scanning + extraction of URLs/subdomains from JS files + 403 status bypass + fingerprinting.\n\nhttps://github.com/lemonlove7/dirsearch_bypass403\n\n#infosec #pentesting #redteam\n\n\u200b\u200bDarc Viewpoint\n\nCybersecurity Assets & Threats Modeling analysis.\n\nhttps://github.com/eclipse/capella-cybersecurity\n\n#cybersecurity #infosec\n\n\u200b\u200bBug Bounty Dork\n\nThis will output all the google results for each of the tasks so you can hopefully find a vunerability. 503 error means you need a new IP as google knows your up to something! This will output the results to files and then you cna browse and see what you have found.\n\nhttps://github.com/random-robbie/bugbountydork\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bHypervisor\n\nThe most comprehensive resource for Virtualization with a focus on Cybersecurity, Learn, exploit, read, and create let's make the industry safer by sharing and learning.\n\nhttps://github.com/AtonceInventions/Hypervisor\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bBug Bounty Reports Templates\n\nList of reporting templates I have used since I started doing BBH.\n\nhttps://github.com/pdelteil/BugBountyReportTemplates\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2022-20421\n\nPrivilege escalation exploit from unstrusted_app for Android Binder vulnerability (CVE-2022-20421). The vulnerability is patched on Android's Security Bulletin of October 2022.\n\nhttps://github.com/0xkol/badspin\n\n#cve #infosec #exploit\n\n\u200b\u200bNetSec\n\nA tool to analyze devices connecting to the router and alert accordingly when a new device is connected. This app can display and store intruders' IP address, MAC address, and Block the device.\n\nhttps://github.com/thevickypedia/NetSec\n\n#cybersecurity #infosec\n\n\u200b\u200bAISec\n\nCybersecurity of Machine Learning and Artificial Intelligence Implementations.\n\nhttps://github.com/sdnewhop/AISec\n\n#cybersecurity #infosec\n\n\u200b\u200bProcessInjection\n\nThe program is designed to perform process injection. Currently the tool supports 5 process injection techniques.\n\nhttps://github.com/3xpl01tc0d3r/ProcessInjection\n\n#infosec #pentesting #redteam\n\n\u200b\u200bAADAppAudit\n\nThis tool was initially developed to analyze possible illicit consent grant attacks & in help of analyzing Azure AD consent grant framework but has been developed further since to provide answers to the most typical security related questions around Azure AD integrated apps and permissions.\n\nhttps://github.com/jsa2/AADAppAudit\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-06-25T11:12:20.000000Z"}