All posts tagged cyber

■■■■■ Have you ever struggled finding API endpoints? Check out KiteRunner, the tool to automate recon for you by assetnote! https://github.com/assetnote/kiterunner Here’s a quick usage guide, curated with by intigriti. https://www.youtube.com/embed/vrOXmxNZ3zQ https://t.me/cKure/9222

■■□□□ WordPress Plugin Survey & Poll 1.5.7.3 – ‘sss_params’ SQL Injection (2). https://www.exploit-db.com/exploits/50269 https://t.me/cKure/9221

■■■□□ Exposing 29A Virus Coding Group – An OSINT Analysis. https://securityboulevard.com/2021/09/exposing-29a-virus-coding-group-an-osint-analysis/ https://t.me/cKure/9220

The babuk virus source code. https://git.disroot.org/Archive/Babuk https://t.me/cKure/9218

■■■□□ PoC to turn xlsx (regular Excel files) into xlsm (Excel file with macro) and slipping inside a macro (vbaProject.bin). The macro can be modified previously with any tool like EvilClippy. https://github.com/X-C3LL/xlsxPoison https://t.me/cKure/9216

■■■■□ Cyber-Attack compromising Lebanese government website. Attacker posts PoC video: https://youtu.be/xGx5dxHp7Z4 https://t.me/cKure/9215

■■■■■ Burp Suite RCE http://noahblog.360.cn/burp-suite-rce https://t.me/cKure/9213

■□□□□ A Russian man accused of being a member of the infamous TrickBot gang was arrested while trying to leave South Korea https://securityaffairs.co/wordpress/121909/cyber-crime/trickbot-gang-developer-arrested.html https://t.me/cKure/9212

■■□□□ PacketSifter is a tool to perform batch processing of PCAP data to uncover potential IOCs. Simply initializePacketSifter with your desired integrations (VirusTotal, AbuseIPDB) and pass PacketSifter a pcap and the desired switches and PacketSifter will sift through the data and generate several output files. https://github.com/packetsifter/packetsifterTool https://t.me/cKure/9211

■□□□□ Nettacker – Automated Penetration Testing Framework. https://github.com/OWASP/Nettacker https://t.me/cKure/9210