{"uuid": "c7a018da-43e0-4de2-af9c-04feaf79b64f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/Unik4tsG4ng/6551", "content": "Tools - Hacks\n\nApepe - Mobile application pentesting\n\nApepe is a Python tool developed to help pentesters and red teamers easily get information from the target app. This tool will extract basic information such as the package name, whether the app is signed, and the development language...\n\ngithub.com/oppsec/Apepe\n\nBest App For SQL Injection\n\nhttps://github.com/darknethaxor/DH-HackBar\n\nBBRF-Client: The Bug Bounty Reconnaissance Framework (BBRF) can help you coordinate your reconnaissance workflows across multiple devices.\n\nhttps://github.com/honoki/bbrf-client/\n\nCVE-2024-40348\n\nThis is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.\n\nhttps://github.com/bigb0x/CVE-2024-40348\n\nIt is a free and open-source tool used for image steganography, specifically for extracting hidden data from images.\n\nhttps://github.com/spipm/Depix\n\nDiscover more subdomains during your recon by extracting subdomains from TLS certificates. Integrate Cero into your recon automation for better results.\n\nhttps://github.com/glebarez/cero\n\nCRLFsuite - CRLF injection scanner\n\nThe most powerful CRLF injection (HTTP Response Splitting) scanner.\nhttps://github.com/Raghavd3v/CRLFsuite\n\nFound a subdomain running in Symfony debug mode.\n\nhttps://github.com/synacktiv/eos to get PHP variables and a lot more.\n\nTrying to find the origin IP? Check out this tool created to find the IP behind a WAF.\n\nhttps://github.com/mmarting/unwaf", "creation_timestamp": "2024-08-13T11:32:52.000000Z"}