{"vulnerability": "CVE-2021-31166", "sightings": [{"uuid": "d37cbcf8-1b37-4970-aa0d-7d6497de8676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "MISP/63ddead6-4b82-414c-ad8e-c516b950b446", "content": "", "creation_timestamp": "2021-10-25T22:32:43.000000Z"}, {"uuid": "58c5d68c-3de2-4b66-917f-b680059cb277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "717b4412-35e9-48e3-99c0-efb4e113218c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971499", "content": "", "creation_timestamp": "2024-12-24T20:30:13.750193Z"}, {"uuid": "01771d1c-b698-4b0c-b812-6f71342f4321", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "d33bf17f-320f-4ff4-af28-dfb488eb79ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/Linux_Arabss/51", "content": "CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability\n\nhttps://github.com/0vercl0k/CVE-2021-31166", "creation_timestamp": "2021-09-27T00:05:24.000000Z"}, {"uuid": "2d3bb72b-d731-4ee7-b62c-e0a19e28f4c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:37.000000Z"}, {"uuid": "d176f244-dad0-4c9c-817a-46547d135445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:30.000000Z"}, {"uuid": "c88ac1fb-6c4b-4a70-9a17-8054e6f5d8c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/dos/windows/http/http_sys_accept_encoding_dos_cve_2021_31166.rb", "content": "", "creation_timestamp": "2022-03-16T22:48:55.000000Z"}, {"uuid": "e91a7e6c-0c0b-4fa4-99b6-5314b0d9b256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:16.000000Z"}, {"uuid": "d6f8367c-a2a5-4fcd-adc8-16c99c78b82a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2021-31166", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/cc656da8-bb7b-4267-8519-01fa39a58e99", "content": "", "creation_timestamp": "2026-02-02T12:27:53.454245Z"}, {"uuid": "43ab1746-0085-4058-b281-3eff61283766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5565", "content": "\u25a0\u25a0\u25a1\u25a1\u25a1 CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers.\n\nhttps://hackademicus.nl/cve-2021-31166-windows-http-flaw-also-impacts-winrm-servers/", "creation_timestamp": "2021-05-23T15:44:04.000000Z"}, {"uuid": "e9b8ff76-b5d3-48ed-90c9-55c7ca31d02b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1608", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-21907: exploitation with Powershell, Python, Ruby, NMAP and Metasploit.\nURL\uff1ahttps://github.com/mauricelambert/CVE-2021-31166", "creation_timestamp": "2022-03-07T19:50:10.000000Z"}, {"uuid": "4dbf338c-e3b1-4cd0-af2f-ec63ab7fb29d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/cKure/5378", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability\n\nhttps://github.com/0vercl0k/CVE-2021-31166", "creation_timestamp": "2021-05-17T06:35:10.000000Z"}, {"uuid": "ce29d71a-ad49-4fe1-81bf-3f8fcf19d363", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3502", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aPoC for CVE-2021-31166 and CVE-2022-21907\nURL\uff1ahttps://github.com/0xmaximus/Home-Demolisher\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-01T11:20:30.000000Z"}, {"uuid": "61db731e-1157-4947-ad8a-e8f77b46ae22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/719", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aJust a simple CVE-2021-31166 exploit tool\nURL\uff1ahttps://github.com/ConMiko/CVE-2021-31166-exploit", "creation_timestamp": "2021-10-20T07:52:13.000000Z"}, {"uuid": "5f745b3e-970f-4f1b-aa5a-25f8ef4a1e0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/alexmakus/4090", "content": "\u0418 \u0434\u0430\u0432\u043d\u0435\u043d\u044c\u043a\u043e \u0443 \u043d\u0430\u0441 \u043d\u0435 \u0431\u044b\u043b\u043e \u0445\u043e\u0440\u043e\u0448\u0435\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Window. \u0412 \u0434\u0430\u043d\u043d\u043e\u043c \u0441\u043b\u0443\u0447\u0430\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 HTTP Protocol Stack Windows IIS \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0430\u0442\u0430\u043a \u043d\u0430 Windows 10 \u0438 Windows Server. Microsoft \u0443\u0436\u0435 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0430\u043f\u0434\u0435\u0439\u0442 \u0432 \u0440\u0430\u043c\u043a\u0430\u0445 \u043c\u0430\u0439\u0441\u043a\u043e\u0433\u043e \u0430\u043f\u0434\u0435\u0439\u0442\u0430. \n\nhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-31166\n\n\u0410 \u0442\u0443\u0442 \u0438 PoC \u0443\u0436\u0435 \u043f\u043e\u0434\u0432\u0435\u0437\u043b\u0438\n\nhttps://www.bleepingcomputer.com/news/security/exploit-released-for-wormable-windows-http-vulnerability/\n\n\u0422\u0432\u0438\u0442 \u0441 \u0430\u043d\u043e\u043d\u0441\u043e\u043c \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0435\u043d\u0438\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \nhttps://twitter.com/jimdinmn/status/1395071966487269376?s=21", "creation_timestamp": "2021-05-24T05:27:06.000000Z"}, {"uuid": "b8c4e81a-ce7f-48a0-870f-35bb3344e1e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/poxek/1425", "content": "CVE-2022-21907\n\n\u041e\u043f\u0438\u0441\u0430\u043d\u0438\u0435:\nPOC \u0434\u043b\u044f CVE-2022-21907: \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP.\n\n\u041f\u043e\u0434\u0440\u043e\u0431\u043d\u0435\u0435:\n- \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043a\u043e\u0434\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP.\n- \u0410\u043d\u0430\u043b\u043e\u0433\u0438\u0447\u043d\u0430 CVE-2021-31166.\n- \u042d\u0442\u0430 \u043f\u0440\u043e\u0431\u043b\u0435\u043c\u0430 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442 \u0441 \u043f\u0440\u043e\u0448\u043b\u043e\u0433\u043e \u0433\u043e\u0434\u0430, \u043e \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u0441\u043e\u043e\u0431\u0449\u0430\u043b\u043e\u0441\u044c \u0432 CVE-2021-31166, \u0438 \u0434\u043e \u0441\u0438\u0445 \u043f\u043e\u0440 \u0441\u0443\u0449\u0435\u0441\u0442\u0432\u0443\u0435\u0442.\n\n\u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442: \n- Windows\n\u2014 10 \u0432\u0435\u0440\u0441\u0438\u044f 1809 \u0434\u043b\u044f 32-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 1809 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 1809 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H1 \u0434\u043b\u044f 32-\u0440\u0430\u0437\u0440\u044f\u0434\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H1 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H1 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 20H2 \u0434\u043b\u044f 32-\u0431\u0438\u0442\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 20H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 20H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H2 \u0434\u043b\u044f 32-\u0431\u0438\u0442\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 10 \u0412\u0435\u0440\u0441\u0438\u044f 21H2 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n\u2014 11 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 x64\n\u2014 11 \u0434\u043b\u044f \u0441\u0438\u0441\u0442\u0435\u043c \u043d\u0430 \u0431\u0430\u0437\u0435 ARM64\n- Windows Server\n\u2014 2019\n\u2014 2019 (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u044f\u0434\u0440\u0430)\n\u2014 2022\n\u2014 2022 (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u044f\u0434\u0440\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430)\n\u2014 \u0432\u0435\u0440\u0441\u0438\u044f 20H2 (\u0443\u0441\u0442\u0430\u043d\u043e\u0432\u043a\u0430 \u044f\u0434\u0440\u0430 \u0441\u0435\u0440\u0432\u0435\u0440\u0430)\n\nhttps://github.com/michelep/CVE-2022-21907-Vulnerability-PoC\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-04-28T17:01:45.000000Z"}, {"uuid": "c0284aa0-ca2d-4f06-9a6a-d82e92d83cfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/605", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aWindows HTTP\u534f\u8bae\u6808\u8fdc\u7a0b\u4ee3\u7801\u6267\u884c\u6f0f\u6d1e CVE-2021-31166\nURL\uff1ahttps://github.com/antx-code/CVE-2021-31166", "creation_timestamp": "2021-09-27T05:59:45.000000Z"}, {"uuid": "67073d73-f8e0-4190-922e-69063c8a14f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/ctinow/33607", "content": "Expert released PoC exploit code for Windows CVE-2021-31166 bug\n\nhttps://ift.tt/3eQN6lt", "creation_timestamp": "2021-05-17T15:52:15.000000Z"}, {"uuid": "7c295d3f-edbf-49e0-b704-024d63f1662c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "Telegram/mFYo1C3k7q9W0yt710Al7YJNUPL9ENyuwuWwvi5xbyICpHw", "content": "", "creation_timestamp": "2024-07-07T08:52:09.000000Z"}, {"uuid": "825285cc-775c-40bf-8d85-cf9e55ce6208", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/ctinow/33975", "content": "CVE-2021-31166 Windows HTTP flaw also impacts WinRM servers\n\nhttps://ift.tt/3hNtG2Q", "creation_timestamp": "2021-05-23T15:32:55.000000Z"}, {"uuid": "16b19ec6-ac94-455e-a31b-bc8ccbc4b65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/arpsyndicate/1119", "content": "#ExploitObserverAlert\n\nCVE-2021-31166\n\nDESCRIPTION: Exploit Observer has 51 entries related to CVE-2021-31166. HTTP Protocol Stack Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.972590000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-04T05:04:36.000000Z"}, {"uuid": "b49b0065-52cc-4e76-8b48-b284f8ef40af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/arpsyndicate/214", "content": "#ExploitObserverAlert\n\nCVE-2021-31166\n\nDESCRIPTION: Exploit Observer has 49 entries related to CVE-2021-31166. HTTP Protocol Stack Remote Code Execution Vulnerability\n\nFIRST-EPSS: 0.972300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-17T05:44:16.000000Z"}, {"uuid": "97bf4bbe-719d-4068-b61f-f0b9a1bffacf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "Telegram/wD2220v0o3d-1bukkXF_tqfTdXEUiA9USIqpuUXZ1dpsFQ", "content": "", "creation_timestamp": "2021-05-20T04:33:15.000000Z"}, {"uuid": "388e25cb-dbce-465a-9f70-e095c25acff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/218", "content": "Simple Serv-U CVE-2021-35211 #poc\nhttps://github.com/NattiSamson/Serv-U-CVE-2021-35211\n\nCVE-2021-40346 integer overflow enables http smuggling\nhttps://github.com/donky16/CVE-2021-40346-POC\n\nPOC for CVE-2021-31166: Windows HTTP\nhttps://github.com/antx-code/CVE-2021-31166\n\nOffensive RPC #poc\nhttps://github.com/sensepost/offensive-rpc\n\nSimple Serv-U CVE-2021-35211 #poc\nhttps://github.com/5gstudent/CVE-2021-22005-\n\nios-nehelper-wifi-info-0day #exploit\nhttps://github.com/illusionofchaos/ios-nehelper-wifi-info-0day\nhttps://github.com/illusionofchaos/ios-nehelper-enum-apps-0day\n\n#poc for CVE-2021-3129 (Laravel)\nhttps://github.com/knqyf263/CVE-2021-3129", "creation_timestamp": "2021-10-01T18:29:21.000000Z"}, {"uuid": "e2c36236-4afd-4542-b59f-6ab80d6b1939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/HackerOne/3005", "content": "HTTP Protocol Stack Remote Code Execution Vulnerability\n\nhttp://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-CVE-2021-31166", "creation_timestamp": "2021-05-15T14:00:18.000000Z"}, {"uuid": "11b79b91-4778-409b-a4ea-8258a3334ff5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/true_secator/1720", "content": "\u200b\u200b\u041d\u0430 \u043f\u0440\u043e\u0448\u043b\u043e\u0439 \u043d\u0435\u0434\u0435\u043b\u0435 Microsoft \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 \u043e\u0447\u0435\u0440\u0435\u0434\u043d\u043e\u0439 \u043c\u0435\u0441\u044f\u0447\u043d\u044b\u0439 \u0430\u043f\u0434\u0435\u0439\u0442 \u0431\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u043c, \u0441\u0440\u0435\u0434\u0438 \u043f\u0440\u043e\u0447\u0435\u0433\u043e, \u0437\u0430\u043a\u0440\u044b\u043b\u0438 \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0443\u044e \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2021-31166, \u043a\u043e\u0442\u043e\u0440\u0443\u044e \u043e\u0446\u0435\u043d\u0438\u043b\u0438 \u0432 9,8 \u043f\u043e \u0448\u043a\u0430\u043b\u0435 \u043a\u0440\u0438\u0442\u0438\u0447\u043d\u043e\u0441\u0442\u0438 CVSS.\n\n\u041e\u0448\u0438\u0431\u043a\u0430 \u043d\u0430\u0445\u043e\u0434\u0438\u0442\u0441\u044f \u0432 \u0441\u0442\u0435\u043a\u0435 HTTP Microsoft IIS \u0438 \u043f\u0440\u0438 \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0430\u0446\u0438\u0438 \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043f\u043e\u0432\u0440\u0435\u0436\u0434\u0435\u043d\u0438\u044e \u043f\u0430\u043c\u044f\u0442\u0438 \u0438, \u043a\u0430\u043a \u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0435, \u043a \u0443\u0434\u0430\u043b\u0435\u043d\u043d\u043e\u043c\u0443 \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044e \u043a\u043e\u0434\u0430 \u0432 \u044f\u0434\u0440\u0435 \u041e\u0421.\n\nMicrosoft \u0437\u0430\u044f\u0432\u0438\u043b\u0438, \u0447\u0442\u043e \u044d\u0442\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044e \u0441\u0435\u0442\u0435\u0432\u043e\u0433\u043e \u0447\u0435\u0440\u0432\u044f, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u0443\u0434\u0435\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u043f\u043e \u0441\u0435\u0440\u0432\u0435\u0440\u0430\u043c IIS.\n\n\u0410 \u0432\u0447\u0435\u0440\u0430 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u0410\u043b\u0435\u043a\u0441 \u0421\u0443\u0448\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b Proof of Concept \u0434\u043b\u044f CVE-2021-31166, \u0430 \u0437\u043d\u0430\u0447\u0438\u0442 \u0434\u043e \u0440\u0430\u0431\u043e\u0447\u0435\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u043e\u0439\u0442\u0430 \u0432 \u0440\u0443\u043a\u0430\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043e\u0441\u0442\u0430\u043b\u043e\u0441\u044c \u0432\u0441\u0435\u0433\u043e \u043d\u0438\u0447\u0435\u0433\u043e.\n\n\u041f\u043e\u044d\u0442\u043e\u043c\u0443 \u0435\u0441\u043b\u0438 \u0443 \u0432\u044b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0435 Microsoft IIS - \u043e\u0431\u043d\u043e\u0432\u0438\u0442\u0435\u0441\u044c, \u043d\u0435\u0447\u0435\u0433\u043e \u0447\u0435\u0440\u0432\u0435\u0439 \u043f\u043b\u043e\u0434\u0438\u0442\u044c.", "creation_timestamp": "2021-05-17T15:24:28.000000Z"}, {"uuid": "0f580e0d-c30a-4aef-ad5d-9281792c285c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/haccking/99319", "content": "#\u041d\u043e\u0432\u043e\u0441\u0442\u0438\n\n1. Qnap \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Roon Server\nhttps://xakep.ru/2021/05/18/roon-server-0day/\n\n2. \u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows IIS\nhttps://xakep.ru/2021/05/18/cve-2021-31166/\n\n3. CISA \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 \u043e\u0442 \u0430\u0442\u0430\u043a \u043d\u0430 SolarWinds \u0438 Active Directory/M365\nhttps://www.securitylab.ru/news/520299.php\n\n4. \u00ab\u0412\u0430\u043a\u0446\u0438\u043d\u043e\u0439\u00bb \u043f\u0440\u043e\u0442\u0438\u0432 \u0440\u0443\u0441\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u0440\u0443\u0441\u0441\u043a\u0430\u044f \u0440\u0430\u0441\u043a\u043b\u0430\u0434\u043a\u0430 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b\nhttps://www.securitylab.ru/news/520295.php", "creation_timestamp": "2021-05-19T06:03:13.000000Z"}, {"uuid": "a5e73cdd-91fd-45eb-8534-57abaff1b382", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/451", "content": "CVE-2021-31166 HTTP\u5354\u8b70\u68e7\u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-31166_HTTP%E5%8D%94%E8%AD%B0%E6%A3%A7%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-18T01:34:59.000000Z"}, {"uuid": "64981576-8ffd-462b-a2ba-e92e95eb81a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/HackerOne/3007", "content": "CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability\n\nhttps://github.com/0vercl0k/CVE-2021-31166", "creation_timestamp": "2021-05-17T12:23:36.000000Z"}, {"uuid": "f093b758-5f5b-4231-9e00-865bfa5e1933", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/HackerOne/3043", "content": "CVE-2021-31166: A Wormable Code Execution Bug in HTTP.sys\n https://www.zerodayinitiative.com/blog/2021/5/17/cve-2021-31166-a-wormable-code-execution-bug-in-httpsys", "creation_timestamp": "2021-06-15T11:15:30.000000Z"}, {"uuid": "d893a9a1-1cd9-44f3-a5ae-9f59af832ce1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/haccking/6301", "content": "#\u041d\u043e\u0432\u043e\u0441\u0442\u0438\n\n1. Qnap \u0440\u0430\u0441\u0441\u043b\u0435\u0434\u0443\u0435\u0442 \u0430\u0442\u0430\u043a\u0438 \u043d\u0430 \u0441\u0435\u0442\u0435\u0432\u044b\u0435 \u0445\u0440\u0430\u043d\u0438\u043b\u0438\u0449\u0430 \u0447\u0435\u0440\u0435\u0437 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 Roon Server\nhttps://xakep.ru/2021/05/18/roon-server-0day/\n\n2. \u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows IIS\nhttps://xakep.ru/2021/05/18/cve-2021-31166/\n\n3. CISA \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u0440\u0443\u043a\u043e\u0432\u043e\u0434\u0441\u0442\u0432\u043e \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u0440\u0430\u0434\u0430\u0432\u0448\u0438\u0445 \u043e\u0442 \u0430\u0442\u0430\u043a \u043d\u0430 SolarWinds \u0438 Active Directory/M365\nhttps://www.securitylab.ru/news/520299.php\n\n4. \u00ab\u0412\u0430\u043a\u0446\u0438\u043d\u043e\u0439\u00bb \u043f\u0440\u043e\u0442\u0438\u0432 \u0440\u0443\u0441\u0441\u043a\u0438\u0445 \u0445\u0430\u043a\u0435\u0440\u043e\u0432 \u043c\u043e\u0436\u0435\u0442 \u0441\u0442\u0430\u0442\u044c \u0440\u0443\u0441\u0441\u043a\u0430\u044f \u0440\u0430\u0441\u043a\u043b\u0430\u0434\u043a\u0430 \u043a\u043b\u0430\u0432\u0438\u0430\u0442\u0443\u0440\u044b\nhttps://www.securitylab.ru/news/520295.php", "creation_timestamp": "2022-06-07T11:35:37.000000Z"}, {"uuid": "f7e39159-4b5c-4a5f-bfe3-c438e4cfb74d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/thehackernews/1212", "content": "Patch Tuesday (May 2021)\n\nMicrosoft has released the latest Windows updates to patch a dozen newly discovered vulnerabilities, one of the most critical of which is a wormable RCE (CVE-2021-31166) in the HTTP protocol stack.\nRead details - https://thehackernews.com/2021/05/latest-microsoft-windows-updates-patch.html", "creation_timestamp": "2021-05-12T13:59:45.000000Z"}, {"uuid": "ca84ff4e-9d53-4b43-adc9-3402cd296a18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2516", "content": "#CVE-2022\nPoC for CVE-2021-31166 and CVE-2022-21907\n\nhttps://github.com/0xmaximus/Home-Demolisher\n\n@BlueRedTeam", "creation_timestamp": "2022-12-10T17:07:01.000000Z"}, {"uuid": "079b6412-7f5f-44f9-961f-d11ae013e51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/xakep_ru/10768", "content": "\u041e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043d \u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u043a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u043e\u0439 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 Windows IIS\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u044c \u043e\u043f\u0443\u0431\u043b\u0438\u043a\u043e\u0432\u0430\u043b PoC-\u044d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0434\u043b\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 Windows IIS, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043e\u0431\u043b\u0430\u0434\u0430\u0435\u0442 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u043e\u043c \u0447\u0435\u0440\u0432\u044f, \u0438 \u0431\u044b\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435.\n\nhttps://xakep.ru/2021/05/18/cve-2021-31166/", "creation_timestamp": "2021-05-18T10:30:13.000000Z"}, {"uuid": "9d0c0bc6-2c3f-45ce-9230-14ae398ae888", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/xakep_ru/10795", "content": "\u0411\u0430\u0433 \u0441 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u043e\u043c \u0447\u0435\u0440\u0432\u044f \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u043e\u043f\u0430\u0441\u043d\u043e\u0441\u0442\u044c \u0434\u043b\u044f \u0441\u0435\u0440\u0432\u0435\u0440\u043e\u0432 WinRM\n\n\u041a\u0440\u0438\u0442\u0438\u0447\u0435\u0441\u043a\u0430\u044f \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0441\u0442\u0435\u043a\u0435 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0430 HTTP \u0432 Internet Information Services (IIS), \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u0430\u044f \u0440\u0430\u043d\u0435\u0435 \u0432 \u044d\u0442\u043e\u043c \u043c\u0435\u0441\u044f\u0446\u0435, \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0443\u0433\u0440\u043e\u0437\u0443 \u0434\u043b\u044f Windows 10 \u0438 Server, \u0441 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e \u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u0439 \u0441\u043b\u0443\u0436\u0431\u043e\u0439 WinRM (Windows Remote Management).\n\nhttps://xakep.ru/2021/05/24/cve-2021-31166-winrm/", "creation_timestamp": "2021-05-24T12:35:10.000000Z"}, {"uuid": "b6eff8b2-3949-424b-997c-6827cd5f11a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/BlueRedTeam/1759", "content": "#Blue_Team\n1. Hermetic Wiper Malware Detection Rules\nhttps://github.com/stripesoc/detections/tree/main/hermeticwiper\n2. CVE-2021-31166 Detection Rules\nhttps://github.com/mvlnetdev/CVE-2021-31166-detection-rules\n\n@BlueRedTeam", "creation_timestamp": "2022-02-27T08:54:01.000000Z"}, {"uuid": "9f3e1d09-5eaf-487c-a267-199603815529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/Linux_Arabs/44", "content": "CVE-2021-31166: HTTP Protocol Stack Remote Code Execution Vulnerability\n\nhttps://github.com/0vercl0k/CVE-2021-31166", "creation_timestamp": "2024-11-02T22:51:59.000000Z"}, {"uuid": "0fb3af44-138d-49ca-b69c-39e2daed795a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3388", "content": "HTTP Protocol Stack RCE Vulnerability (PoC for CVE-2021-31166)\nhttps://github.com/0vercl0k/CVE-2021-31166", "creation_timestamp": "2021-06-12T21:45:55.000000Z"}, {"uuid": "fcc441a4-d598-443b-b1c4-2536672d9187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/3506", "content": "#Analytics\nTop 10 Most Used Vulns of the Month (may 1-31)\nCVE-2021-31166 - HTTP Stack RCE\nhttps://t.me/cybersecuritytechnologies/3388\nCVE-2021-21551 -Dell BIOS Driver PE\nhttps://t.me/cybersecuritytechnologies/3293\nCVE-2021-30747 -Covert channel in Apple M1\nhttps://t.me/cybersecuritytechnologies/3472\nCVE-2021-22204 -DjVu vuln\nhttps://github.com/exiftool/exiftool/commit/cf0f4e7dcd024ca99615bfd1102a841a25dde031#diff-fa0d652d10dbcd246e6b1df16c1e992931d3bb717a7e36157596b76bdadb3800\nCVE-2021-28482 -MS Exchange RCE\nhttps://t.me/cybersecuritytechnologies/3286\nCVE-2021-21974 -VMware\u00a0ESXi heap-overflow\nhttps://t.me/cybersecuritytechnologies/3460\nCVE-2021-29447 -WordPress XXE\nhttps://t.me/cybersecuritytechnologies/3142\nCVE-2021-21985 - vSphere Client RCE\nhttps://t.me/cybersecuritytechnologies/3493\nCVE-2021-32471 -ACE in TuringMachine\nhttps://t.me/cybersecuritytechnologies/3364\nCVE-2021-3490 -Linux Kernel eBPF\nhttps://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf.git/commit/?id=049c4e13714ecbca567b4d5f6d563f05d431c80e", "creation_timestamp": "2024-09-28T16:48:46.000000Z"}, {"uuid": "24e37117-6e53-4935-b293-cb0bbbe05a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31166", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5500", "content": "#Blue_Team_Techniques\n1. Hermetic Wiper Malware Detection Rules\nhttps://github.com/stripesoc/detections/tree/main/hermeticwiper\n2. CVE-2021-31166 Detection Rules\nhttps://github.com/mvlnetdev/CVE-2021-31166-detection-rules", "creation_timestamp": "2022-02-27T13:45:01.000000Z"}]}