All posts in Uncategorized

■■□□□ LEAKEY: A bash script which checks and validates for #leaked credentials. The idea behind LEAKEY is to make it highly customizable and easy to add checks for new services. https://github.com/rohsec/LEAKEY https://t.me/cKure/13256

■■■□□ Web Path Finder: A Python program that provides information about a website. It retrieves various details such as page title, last updated date, DNS information, subdomains, firewall names, technologies used, certificate information, and more. • Retrieve important information about a website. • Gain insights into the technologies used by a website • Identify subdomains…

■■□□□ HODOR: Shrinking Attack Surface on Node.js via System Call Limitation. https://github.com/NodeHodor/Hodor https://t.me/cKure/13254

■■■■□ Version 10 of CyberChef is now live. Developed by GCHQ’s very own software engineers, explore the latest features of the cyber Swiss Army knife https://github.com/gchq/CyberChef https://t.me/cKure/13252

■■□□□ Cybersecurity firm executive pleads guilty to hacking hospitals. https://www.bleepingcomputer.com/news/security/cybersecurity-firm-executive-pleads-guilty-to-hacking-hospitals/ https://t.me/cKure/13251

■■■□□ Splunk RCE Vulnerability Let Attackers Upload Malicious File. https://cybersecuritynews.com/splunk-rce-vulnerability/ https://t.me/cKure/13250

■■■□□ Cyber-Attack by Russia: Russian Hackers Linked to ‘Largest Ever Cyber Attack’ on Danish Critical Infrastructure. https://thehackernews.com/2023/11/russian-hackers-launch-largest-ever.html https://t.me/cKure/13249

An Indian hack-for-hire group targeted the United States, China, Myanmar, Pakistan, Kuwait, and other countries as part of a wide-ranging espionage, surveillance, and disruptive operation for over a decade. The Appin Software Security (aka Appin Security Group), according to an in-depth analysis from SentinelOne, began as an educational startup offering offensive security training programs, while…

■■■■■ MetaFinder: Search for documents in a domain through Search Engines (Google, Bing and Baidu). The objective is to extract metadata. https://github.com/Josue87/MetaFinder https://t.me/cKure/13246

■■■■■ Zero-Day: In a first, cryptographic keys protecting SSH connections stolen in new attack An error as small as a single flipped memory bit is all it takes to expose a private key. https://arstechnica.com/security/2023/11/hackers-can-steal-ssh-cryptographic-keys-in-new-cutting-edge-attack/2/ https://t.me/cKure/13245