{"uuid": "fbf608f5-f5b4-453a-850f-a28360e9c441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3082", "content": "Tools \ud83d\udd27 \ud83d\udd28  \ud83d\udd27 -  Hackers Factory\n\n\u200b\u200bspraycharles\n\nLow and slow password spraying tool, designed to spray on an interval over a long period of time.\n\nhttps://github.com/Tw1sm/spraycharles\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCloudflare Tunnel Ingress Controller\n\nTLDR; This project simplifies exposing Kubernetes services to the internet easily and securely using Cloudflare Tunnel.\n\nhttps://github.com/STRRL/cloudflare-tunnel-ingress-controller\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-25157\n\nThis is a simple Python Script to Find the Latest GeoServer SQL Injection Vulnerability. You can use the Scripts on hosts to check for infected path.\n\nhttps://github.com/0x2458bughunt/CVE-2023-25157\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-0630\n\nSlimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n#cve #cybersecurity #infosec\n\nStolen-CVE-2022\n\nArbitrary File Delete Elevation of Privilege through Operating System Check of HP Support Assistant.\n\nhttps://github.com/sp3arm4n/Stolen-CVE-2022\n\n#cybersecurity #infosec\n\n\u200b\u200btoxssin \n\nPenetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js).\n\nThis project started as (and still is) a research-based creative endeavor to explore the exploitability depth that an XSS vulnerability may introduce by using vanilla JavaScript, trusted certificates and cheap tricks.\n\nhttps://github.com/t3l3machus/toxssin\n\n#infosec #pentesting #redteam\n\n\u200b\u200bonedrive_user_enum v2.00\n\nPentest tool to enumerate valid o365 users.\n\nhttps://github.com/nyxgeek/onedrive_user_enum\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bModuleShifting\n\nStealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes.\n\nhttps://github.com/naksyn/ModuleShifting\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-12T12:46:44.000000Z"}