{"uuid": "744d726a-b148-4e7f-a2b6-0ff2a608e081", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-21683", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/6702", "content": "Tools - Hackers Factory\n\nCookieKatz\n\nA project that allows operators to dump cookies from Chrome, Edge or Msedgewebview2 directly from the process memory. Chromium based browsers load all their cookies from the on-disk cookie database on startup.\n\n\u2022 Support dumping cookies from Chrome's Incogntio and Edge's In-Private processes\n\u2022 Access cookies of other user's browsers when running elevated\n\u2022 Dump cookies from webview processes\n\u2022 No need to touch on-disk database file\n\u2022 DPAPI keys not needed to decrypt the cookies\n\u2022 Parse cookies offline from a minidump file\n\nhttps://github.com/Meckazin/ChromeKatz\n\nTotalRecall\n\nThis tool extracts and displays data from the Recall feature in Windows 11, providing an easy way to access information about your PC's activity snapshots.\n\nhttps://github.com/xaitax/TotalRecall\n\nsmbclient-ng, a fast and user friendly way to interact with SMB shares. \n\nhttps://github.com/p0dalirius/smbclient-ng\n\nmacOS Malware Collection \n\nhttps://github.com/objective-see/Malware\n\nDocumentation and scripts to properly enable Windows event logs. \n\nhttps://github.com/Yamato-Security/EnableWindowsLogSettings\n\nEDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines. It offers two modes of operation: automated and manual. \n\nhttps://github.com/SafeBreach-Labs/EDRaser\n\nCVE-2024-21683 Confluence Post Auth RCE \n\nhttps://github.com/W01fh4cker/CVE-2024-21683-RCE?tab=readme-ov-file\n\nThe following query will detect execution of the Rclone command-line program which is related to ransomware exfiltration activity.\n\nhttps://github.com/cyb3rmik3/KQL-threat-hunting-queries/blob/main/02.ThreatDetection/rclone-use-detection.md\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/Net-hunter121/API-Wordlist\n\nA slightly more fun way to disable windows defender + firewall. (through the WSC api) \n\nhttps://github.com/es3n1n/no-defender\n\n#HackersFactory", "creation_timestamp": "2024-06-08T11:25:07.000000Z"}