{"uuid": "7a59e309-bd35-43af-9871-b1d26576beb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-34527", "type": "exploited", "source": "https://t.me/dilagrafie/178", "content": "20 #Tools - \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nParanoid\n\nParanoid project checks for well known weaknesses on cryptographic artifacts such as public keys, digital signatures and general pseudorandom numbers. This library contains implementations and optimizations of existing work found in the literature. The existing work showed that the generation of these artifacts was flawed in some cases. The following are some examples of publications the library is based on.\n\nhttps://github.com/google/paranoid_crypto\n\npre2k\n\nPre2k is a tool to query for the existence of pre-Windows 2000 computer objects which can be leveraged to gain a foothold in a target domain, as discovered by TrustedSec's @Oddvarmoe.\n\nPre2k can be run from an unauthenticated context to perform a password spray from a provided list of recovered hostnames (such as from an RPC/LDAP null bind) or from an authenticated context to perform a targeted or broad password spray.\n\nUsers have the flexibility to target every machine or to stop on the first successful authentication, as well as the ability to request and store a valid TGT in .ccache form in their current working directory.\n\nhttps://github.com/garrettfoster13/pre2k\n\nPrintNightmare (CVE-2021-34527)\n\nThis version of the PrintNightmare exploit is heavily based on the code created by Cube0x0, with the following features:\n\n\u25ab\ufe0f Ability to target multiple hosts.\n\u25ab\ufe0f Built-in SMB server for payload delivery, removing the need for open file shares.\n\u25ab\ufe0f Exploit includes both MS-RPRN & MS-PAR protocols (defined in CMD args).\n\u25ab\ufe0f Implements @gentilkiwi's UNC bypass technique.\n\nhttps://github.com/m8sec/CVE-2021-34527\n\nExploiting PrintNightmare (CVE-2021\u201334527)\nhttps://infosecwriteups.com/exploiting-printnightmare-cve-2021-34527-10c6e0f5b83f\n\n#cve\n\nGeogramint\n\n#OSINT Geolocalization tool for Telegram\n\nGeogramint is an OSINT tool that uses Telegram's API to find nearby users and groups. Inspired by Tejado's Telegram Nearby Map, which is no longer maintained, it aims to provide a more user-friendly alternative.\n\nGeogramint only finds Telegram users and groups which have activated the nearby feature. By default it is deactivated.\n\nThe tool is fully supported on Windows and partially supported on Mac OS and Linux distributions.\n\nhttps://github.com/Alb-310/Geogramint\n\npynipper-ng\n\nA configuration security analyzer for network devices. The goal of this tool is to check the vulnerabilities and misconfigurations of routers, firewalls and switches, reporting the issues in a simple way.\n\nThis tool is based on nipper-ng, updated and translated to Python. The project wants to improve the set of rules that detect security misconfigurations of the network devices using multiple standard benchmarks (like CIS Benchmark) and integrate the tool with APIs (like PSIRT Cisco API) to scan known vulnerabilities.\n\nhttps://github.com/syn-4ck/pynipper-ng\n\nBug-Bounty-Methodology\n\nThese are my checklists which I use during my bug bounty hunting.\n\nhttps://github.com/tuhin1729/Bug-Bounty-Methodology\n\nwhids\n\nEDR with artifact collection driven by detection. The detection engine is built on top of a previous project, Gene, specially designed to match Windows events against user-defined rules.\n\nhttps://github.com/0xrawsec/whids\n\nClash\n\nA rule-based tunnel in Go.\n\nFeatures:\n\u25ab\ufe0f Local HTTP/HTTPS/SOCKS server with authentication support\n\u25ab\ufe0f Shadowsocks(R), VMess, Trojan, Snell, SOCKS5, HTTP(S) outbound support\n\u25ab\ufe0f Built-in fake-ip DNS server that aims to minimize DNS pollution attack impact. DoH/DoT upstream supported.\n\u25ab\ufe0f Rules based off domains, GEOIP, IP-CIDR or process names to route packets to different destinations\n\u25ab\ufe0f Proxy groups allow users to implement powerful rules. Supports automatic fallback, load balancing or auto select proxy based off latency\n\u25ab\ufe0f Remote providers, allowing users to get proxy lists remotely instead of hardcoding in config\n\u25ab\ufe0f Transparent proxy: Redirect TCP and TProxy TCP/UDP with automatic route table/rule management\n\u25ab\ufe0f Hot-reload via the comprehensive HTTP RESTful API controller\n\nhttps://github.com/Dreamacro/clash\n\n1/3", "creation_timestamp": "2022-12-17T10:25:12.000000Z"}