{"uuid": "54585ad3-eed8-4933-90e5-1c539066eca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-37969", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2894", "content": "25 Tools - Hackers Factory\n\n\u200b\u200bMobile Verification Toolkit\n\nMVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.\n\nhttps://github.com/mvt-project/mvt\n\n#cybersecurity #infosec #forensic\n\n\u200b\u200bHiding Shellcode In Plain Sight\n\nHiding shellcode in plain sight within a large memory region. Inspired by technique used by Raspberry Robin's Roshtyak\n\nhttps://github.com/LloydLabs/shellcode-plain-sight\n\n#cybersecurity #infosec\n\n\u200b\u200bUbSym\n\nA Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes.\n\nhttps://github.com/SoftwareSecurityLab/UbSym\n\n#cybersecurity #infosec\n\n\u200b\u200bLibAFL\n\nAdvanced Fuzzing Library - Slot your Fuzzer together in Rust! Scales across cores and machines. For Windows, Android, MacOS, Linux, no_std...\n\nhttps://github.com/AFLplusplus/LibAFL\n\n#cybersecurity #infosec\n\n\u200b\u200bWappalyzer\n\nWappalyzer identifies technologies on websites, such as CMS, web frameworks, ecommerce platforms, JavaScript libraries, analytics tools and more...\n\nhttps://github.com/wappalyzer/wappalyzer\n\nWeb:\nhttps://www.wappalyzer.com/\n\n#cybersecurity #infosec #bugbounty\n\n\u200b\u200bPocketSmali\n\nA modular and extendable Python tool for emulating simple SMALI code.\n\nhttps://github.com/user1342/PocketSmali\n\n#cybersecurity #infosec\n\n\u200b\u200bOpenCTI\n\nOpenCTI is an open source platform allowing organizations to manage their cyber threat intelligence knowledge and observables. It has been created in order to structure, store, organize and visualize technical and non-technical information about cyber threats.\n\nhttps://github.com/OpenCTI-Platform/opencti\n\n#cybersecurity #infosec\n\n\u200b\u200bFfufMaster Usage\n\nRun ffuf with the appropriate options to brute-force the directories using the awesome different wordlists.\n\nhttps://github.com/whalebone7/FfufMaster\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bbadger-builder\n\nbadger-builder is an AI-assisted tool for generating dynamic Brute Ratel C4 profiles. Simply provide badger-builder a flavor for your desired profile and it will prompt OpenAI for fitting configurations.\n\nListener/payload profile configs that are AI generated:\n\n\u2022 C2 URIs\n\u2022 Request/response HTTP headers\n\u2022 HTTP body data prepended and appended to C2 requests/responses\n\u2022 The server's empty-response HTTP body\n\nhttps://github.com/Tw1sm/badger-builder\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2022-37969 \n\nUnderstanding the CVE-2022-37969 Windows Common Log File System Driver Local Privilege Escalation.\n\nhttps://github.com/fortra/CVE-2022-37969\n\n#infosec #cve #poc #exploit\n\n\u200b\u200bKoodousFinder\n\nA simple tool to allows users to search for and analyze android apps for potential security threats and vulnerabilities.\n\nhttps://github.com/teixeira0xfffff/KoodousFinder\n\n#infosec #pentesting\n\n\u200b\u200blldbinit\n\nA gdbinit clone for LLDB aka how to make LLDB a bit more useful and less crappy.\n\nhttps://github.com/gdbinit/lldbinit\n\n#cybersecurity #infosec\n\n\u200b\u200bScareCrow \n\nPayload creation framework designed around EDR bypass. \n\nIf you want to learn more about the techniques utilized in this framework please take a look at Part 1 and Part 2.\n\nhttps://github.com/optiv/ScareCrow\n\n#infosec #pentesting #redteam\n\n\u200b\u200bkali-linux-cheatsheet\n\nKali Linux Cheat Sheet for Penetration Testers.\n\nhttps://github.com/NoorQureshi/kali-linux-cheatsheet\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bWindowSpy \ud83d\udc40\n\nA Cobalt Strike Beacon Object File meant for targeted user surveillance.\n\nhttps://github.com/CodeXTF2/WindowSpy\n\n#infosec #pentesting #redteam\n\n\u200b\u200bStriker C2\n\nStriker is a simple Command and Control (C2) program.\n\nhttps://github.com/4g3nt47/Striker\n\n#infosec #pentesting #redteam\n\n\u200b\u200bHandle-Ripper\n\nWindows handle hijacker.\n\nhttps://github.com/ZeroMemoryEx/Handle-Ripper\n\n#infosec #pentesting #redteam\n\nBearer\n\nCode security scanning tool (SAST) that discover, filter and prioritize security risks and vulnerabilities leading to sensitive data exposures (PII, PHI, PD).\n\nhttps://github.com/bearer/bearer\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200b1/2", "creation_timestamp": "2023-04-30T07:18:19.000000Z"}