{"uuid": "e51f9899-9bd9-4e2e-a44e-727119dc5988", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2283", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3080", "content": "30 Tools \ud83d\udd27 \ud83d\udee0\ud83e\ude9b\ud83d\udd28 - Hackers Factory \n\nBREAD\n\nBREAD (BIOS Reverse Engineering & Advanced Debugging) is an 'injectable' real-mode x86 debugger that can debug arbitrary real-mode code (on real HW) from another PC via serial cable.\n\nhttps://github.com/Theldus/bread\n\n#cybersecurity #infosec #reverse\n\nGTScan \u2014 The Nmap Scanner for Telco\n\nGTScan relies on using empty TCAP layers as probes to detect listening subsystem numbers (i.e. application port numbers like 80 for http, 443 for https but for telecom nodes) on the respective global titles. This way you will be able to map the network and use the results to conduct targeted direct attacks to the respective nodes.\n\nhttps://github.com/SigPloiter/GTScan\n\n#cybersecurity #infosec #pentesting\n\nYAWNING-TITAN\n\nYAWNING-TITAN (YT) is an abstract, graph based cyber-security simulation environment that supports the training of intelligent agents for autonomous cyber operations. YAWNING-TITAN currently only supports defensive autonomous agents who face off against probabilistic red agents.\n\nhttps://github.com/dstl/Yawning-Titan\n\n#cybersecurity #infosec\n\nIRCP\n\nA robust information gathering tool for large scale reconnaissance on Internet Relay Chat servers.\n\nhttps://github.com/internet-relay-chat/IRCP\n\n#cybersecurity #infosec #pentesting\n\nTinyCheck\n\nTinyCheck allows you to easily capture network communications from a smartphone or any device which can be associated to a Wi-Fi access point in order to quickly analyze them. 
This can be used to check if any suspect or malicious communication is outgoing from a smartphone, by using heuristics or specific Indicators of Compromise (IoCs).\n\nhttps://github.com/KasperskyLab/TinyCheck\n\n#cybersecurity #infosec\n\nDropSpawn\n\nA #CobaltStrike BOF used to spawn additional Beacons via a relatively unknown method of DLL hijacking. Works x86-x86, x64-x64, and x86-x64/vice versa. Use as an alternative to process injection.\n\nhttps://github.com/Octoberfest7/DropSpawn_BOF\n\n#infosec #pentesting #redteam\n\nInstagram-Lookup\n\nThis script allows you to search for an Instagram profile using user ID or retrieve a profile's ID by username. It utilizes the Instagram API to retrieve profile information based on the provided input.\n\nhttps://github.com/AyalX/Instagram-Lookup\n\n#OSINT #recon #infosec\n\nScreenshotBOFPlus\n\nTake a screenshot without injection for #CobaltStrike. I only made minor optimizations to the existing code, and made it support the ability to get a complete screenshot when global scaling is initiated on Windows.\n\nhttps://github.com/baiyies/ScreenshotBOFPlus\n\n#infosec #pentesting #redteam\n\nBytesafe\n\nSecurity platform that protects organizations from open source software supply chain attacks.\n\nhttps://github.com/bitfront-se/bytesafe-ce\n\n#cybersecurity #infosec\n\nSignatureGate\n\nWeaponized version of HellsGate, bypassing AV/EDR/EPPs by abusing opt-in-fix CVE-2013-3900. 
\n\nhttps://github.com/florylsk/SignatureGate\n\n#cybersecurity #infosec #pentesting\n\nCVE-2023-33829\n\nSCM Manager XSS\n\nhttps://github.com/CKevens/CVE-2023-33829-POC\n\n#cve #cybersecurity #infosec\n\nBypassNeo-reGeorg\n\nAnti-kill version Neo-reGeorg.\n\nhttps://github.com/r00tSe7en/BypassNeo-reGeorg\n\n#infosec #pentesting #redteam\n\nUTopia\n\nA tool for automatically generating fuzz drivers from unit tests.\n\nhttps://github.com/Samsung/UTopia\n\n#cybersecurity #infosec\n\nShellcode PageSplit\n\nSplitting and executing shellcode across multiple pages.\n\nhttps://github.com/x0reaxeax/PageSplit\n\n#infosec #pentesting #redteam\n\nCVE-2023-2283\n\nAuthentication bypass vulnerability in libssh, which, under certain conditions, may enable a remote attacker to gain unauthorized access to another user\u2019s account via ssh login.\n\nhttps://github.com/github/securitylab/tree/1786eaae7f90d87ce633c46bbaa0691d2f9bf449/SecurityExploits/libssh/pubkey-auth-bypass-CVE-2023-2283\n\n#cybersecurity #infosec\n\nIndoXploit-Shell \n\nhttps://github.com/flux10n/IndoXploit-WebShell\n\n#infosec #pentesting #redteam\n\n1/2", "creation_timestamp": "2023-06-10T10:53:16.000000Z"}