{"vulnerability": "CVE-2024-5836", "sightings": [{"uuid": "dec76524-97a3-4511-8982-e55dae138f2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "Telegram/CVvl4yAxD11343Smp8Poq2G7FUDQCjpXFFsP9PDh3yduS2g", "content": "", "creation_timestamp": "2024-10-20T18:42:21.000000Z"}, {"uuid": "dd7d186a-31c1-4bcb-a6d6-814065c6fd2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8764", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. \nURL\uff1ahttps://github.com/ading2210/CVE-2024-6778-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-17T05:21:34.000000Z"}, {"uuid": "ce0dc9ba-6229-425f-93cc-973b10bf6459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7639", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-5836\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Inappropriate Implementation in DevTools in Google Chrome prior to 126.0.6478.54 allowed an attacker who convinced a user to install a malicious extension to execute arbitrary code via a crafted Chrome Extension. (Chromium security severity: High)\n\ud83d\udccf Published: 2024-06-11T20:58:10.427Z\n\ud83d\udccf Modified: 2025-03-14T18:59:21.278Z\n\ud83d\udd17 References:\n1. https://chromereleases.googleblog.com/2024/06/stable-channel-update-for-desktop.html\n2. https://issues.chromium.org/issues/341875171\n3. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7VXA32LXMNK3DSK3JBRLTBPFUH7LTODU/\n4. https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MPU7AB53QQVNTBPGRMJRY5SXJNYWW3FX/", "creation_timestamp": "2025-03-14T19:45:08.000000Z"}, {"uuid": "719553f3-0844-4e4a-ba01-123ed5e6a0b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13779", "content": "\u2744 Escaping the Chrome Sandbox Through DevTools.\n\nhttps://ading.dev/blog/posts/chrome_sandbox_escape.html\n\n\ud83d\udcf1 A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension.\n\nhttps://github.com/ading2210/CVE-2024-6778-POC", "creation_timestamp": "2024-10-22T15:51:10.000000Z"}, {"uuid": "1c6a10f9-bfb2-430d-9a20-8eadb9e0afe1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1134", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:23:04.000000Z"}, {"uuid": "f14cfa79-c364-4ebd-ac41-ffad28c46522", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1126", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T04:21:04.000000Z"}, {"uuid": "f00ed29c-467e-4151-8034-8fde85537610", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1109", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T04:37:04.000000Z"}, {"uuid": "541cf5af-2a7a-4752-8606-a7868d22b0a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24248", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:11.000000Z"}, {"uuid": "8bbda203-77b5-471b-9e3b-12f856dc0de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24234", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:38:00.000000Z"}, {"uuid": "48b352a4-c834-4aa2-8e30-4d0a32379e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24202", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:16.000000Z"}, {"uuid": "e1e4a96f-d9a6-491f-b987-02e6082788b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7569", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:04.000000Z"}, {"uuid": "39f59665-3892-4df1-88de-9dde78ad6908", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7561", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:37:42.000000Z"}, {"uuid": "11d50918-c98d-485e-bde9-ff252478c6f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8943", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:04.000000Z"}, {"uuid": "652b3b8f-299f-4b32-bc86-39dc6c0897d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8916", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:12.000000Z"}, {"uuid": "2c285d87-c707-40d9-bc36-835e6d9ebe26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8935", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:37:42.000000Z"}, {"uuid": "92e08f07-89c6-4779-ad32-8f9672b23f74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7542", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:12.000000Z"}, {"uuid": "9314d1cc-afab-4420-b7e5-593381446d0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/577", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:16.000000Z"}, {"uuid": "b58dd067-8664-4ff0-a2ce-1608f7fded34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3816", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T04:37:05.000000Z"}, {"uuid": "04823cde-9cdc-41fd-b037-a7e33d2cf08a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3840", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T05:23:04.000000Z"}, {"uuid": "1012b079-bafa-4b24-b62e-5073279c9f0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3833", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T04:21:05.000000Z"}, {"uuid": "04866ad9-bc62-43f7-a496-542098023d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/601", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:11.000000Z"}, {"uuid": "0e78e187-569f-4714-b2f5-e1fe9c70308c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/593", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:38:00.000000Z"}, {"uuid": "2088df4b-a0f8-4295-9fbe-1b44e7328ebe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5836", "type": "seen", "source": "", "content": "", "creation_timestamp": "2024-10-18T12:32:20.467002Z"}]}