■■□□□ Session Hijacking Visual Exploitation is a tool that allows for the hijacking of user sessions by injecting malicious JavaScript code. https://github.com/doyensec/Session-Hijacking-Visual-Exploitation https://t.me/cKure/12820
All posts in Uncategorized
September 2, 2023 at 12:39PM
■■■□□ Interesting thread on SQLi. https://twitter.com/therceman/status/1643863898485841920 https://t.me/cKure/12819
September 2, 2023 at 11:45AM
■■■■■ Pwn2Own Vancouver 2023 Ubuntu LPE exploit. https://github.com/Synacktiv/CVE-2023-35001 https://t.me/cKure/12818
September 1, 2023 at 08:30PM
■■■■■ #Untested CVE-2023-26818: Exploit MacOS TCC Bypass W/ Telegram. You can read the vulnerability analysis Part 1 and Part 2 for sandbox bypass. https://github.com/Zeyad-Azima/CVE-2023-26818 https://t.me/cKure/12817
September 1, 2023 at 11:30AM
■■■■□ CVE-2023-41717: Inappropriate file type control in Zscaler Proxy versions 3.6.1.25 and prior allows local attackers to bypass file download/upload restrictions. https://github.com/federella/CVE-2023-41717 https://t.me/cKure/12816
September 1, 2023 at 11:16AM
■■■■■ Infamous Chisel: A collection of components associated with Sandworm designed to enable remote access and exfiltrate information from Android phones. Infamous Chisel also provides remote access by configuring and executing Tor with a hidden service which forwards to a modified Dropbear binary providing a SSH connection. https://github.com/blackorbird/APT_REPORT/blob/master/Sandworm/NCSC-MAR-Infamous-Chisel.pdf https://t.me/cKure/12815
September 1, 2023 at 11:13AM
■■■■■ Window-Hijack Exploring the Ingenious Utilization of Overwolf’s Overlay Framework While Preserving its Native Window Flags Employing SetWindowsHookEx for Acquiring Keyboard and Mouse Inputs. https://github.com/SurgeGotTappedAgain/Window-Hijack https://t.me/cKure/12814
September 1, 2023 at 09:54AM
■■■■□ Supernova – Shellcode Encrypter. https://github.com/nickvourd/Supernova https://t.me/cKure/12813
August 31, 2023 at 10:04PM
■■■■□ Privacy: India is sniffing internet traffic inside undersea cables, says a report by FT. Cyber-Crime, surveillance. ✓ The tools for surveillance have been provided by companies like Cognyte and Septier. ✓ The fresh report raises mass surveillance fears. https://www.indiatoday.in/technology/news/story/report-says-india-sniffing-internet-traffic-passing-through-undersea-cables-raises-surveillance-risk-2429311-2023-08-31 https://t.me/cKure/12812
August 30, 2023 at 10:31PM
■■■□□ 5G security – how to minimise the threats to a 5G network. https://research.nccgroup.com/2023/08/28/5g-security-how-to-minimise-the-threats-to-a-5g-network/ https://t.me/cKure/12810