{"uuid": "2e1f70c8-89e9-4030-a665-09d46097d732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21554", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3040", "content": "Tools - Hackers Factory \n\n\u200b\u200bInvoke-GPTObfuscation\n\nA PowerShell Obfuscator that utilizes OpenAI (and other APIs) to obfuscate your PowerShell penetration testing code, malware, or any other sensitive script.\n\nhttps://github.com/hwvs/Invoke-GPTObfuscation\n\n#infosec \n\n\u200b\u200bSubreconGTP\n\nThis (VERY BETA) Python script performs AI-assisted subdomain discovery. It takes a list of subdomains as input, generates similar subdomains using the OpenAI GPT-3 model, and attempts to resolve these subdomains.\n\nhttps://github.com/jhaddix/SubreconGTP\n\n#infosec #pentesting #bugbounty\n\nHarden Windows Safely \n\nSecurely using Official Supported Microsoft methods with proper explanation | Always up-to-date and works with the latest build of Windows.\n\nhttps://github.com/HotCakeX/Harden-Windows-Security\n\n#cybersecurity #infosec\n\n\u200b\u200bxurlfind3r\n\nA CLI utility to find domain's known URLs passively from AlienVault's Open Threat Exchange, Common Crawl, Github, Intelligence X, URLScan, and the Wayback Machine.\n\nhttps://github.com/hueristiq/xurlfind3r\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bCVE-2023-21554\n\nPoC CVE-2023-21554 Windows MessageQueuing.\n\nhttps://github.com/zoemurmure/CVE-2023-21554-PoC\n\n#cve #poc #infosec\n\n\u200b\u200bLoki\n\nSimple IOC and YARA Scanner.\n\nhttps://github.com/Neo23x0/Loki\n\n#cybersecurity #infosec #malware\n\n\u200b\u200bPeExports\n\nThis simple multithreaded tool is for collecting PE exports to help with API hashing when reverse engineering.\n\nhttps://github.com/c3rb3ru5d3d53c/peexports\n\n#cybersecurity #infosec\n\n\u200b\u200bNoCrypt AntiRansomware Linux\n\nTool to prevent #ransomware attacks on Linux systems. The module hooks the system call\u00a0sys_rename\u00a0using ftrace to monitor all the files renamed on the system.\n\nhttps://github.com/niveb/NoCrypt\n\n#cybersecurity #infosec #ransom\n\n\u200b\u200bFnord\n\nFnord is a pattern extractor for obfuscated code.\n\nhttps://github.com/Neo23x0/Fnord\n\n#cybersecurity #infosec\n\n\u200b\u200bCritical Sandbox Escape Vulnerability in VM2\n\nA sandbox escape vulnerability exists in vm2 for versions up to 3.9.17. It abuses an unexpected creation of a host object based on the specification of Proxy, and allows RCE via Function in the host context.\n\nhttps://gist.github.com/arkark/e9f5cf5782dec8321095be3e52acf5ac\n\n#cybersecurity #infosec #poc\n\n\u200b\u200bCFG-FindHiddenShellcode\n\nWalks the CFG bitmap to find previously executable but currently hidden shellcode regions.\n\nhttps://github.com/jdu2600/CFG-FindHiddenShellcode\n\n#cybersecurity #infosec\n\n\u200b\u200bADCSKiller\n\nA Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure.\n\nhttps://github.com/grimlockx/ADCSKiller\n\n#infosec #pentesting #redteam\n\n\u200b\u200bNavi | An SSG Community Project\n\nNavi is an interface for CLI AI programs built on 'Echo-AI' to bring together a purpose built cybersecurity #AI.\n\nhttps://github.com/SSGorg/Navi\n\n#cybersecurity #infosec\n\n\u200b\u200bCybersecurity-Books\n\nHere you will get awesome collection of mostly all well-known and usefull cybersecurity books from beginner level to expert for all cybersecurity positions.\n\nhttps://github.com/zealraj/Cybersecurity-Books\n\n#cybersecurity #infosec\n\n\u200b\u200bThreatHunting-Keywords\n\nThis List can be valuable for ThreatHunters, SOC and CERT teams for static analysis on SIEM as it assists in identifying threat actors (or redteamers \ud83d\ude06) using default configurations from renowned exploitation tools in logs. It differs from IOC feeds in its enduring relevance: the keywords here have no 'expiration dates' and can detect threats years after their inclusion, they are flexible accepting wildcard and non sensitive case matches and only focused on default keywords.\n\nhttps://github.com/mthcht/ThreatHunting-Keywords\n\n#infosec #pentesting #redteam\n\n\u200b\u200bPywerView\n\nEasy to find vulnerable machines, or list what domain users were added to the local Administrators group of a machine, and much more.\n\nhttps://github.com/the-useless-one/pywerview\n\n#infosec #pentesting #redteam\n\n\u200b\u200bhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-22T14:01:30.000000Z"}