{"uuid": "a33d6227-2d94-4ea3-99c4-270fa73e559f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4510", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3102", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27  - Hackers Factory\n\nKernel-Process-Hollowing\n\nWindows x64 kernel mode rootkit process hollowing POC.\n\nhttps://github.com/XaFF-XaFF/Kernel-Process-Hollowing\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bBOFMask\n\nPoC for masking Cobalt Strike's Beacon payload while executing a Beacon Object File (BOF).\n\nhttps://github.com/passthehashbrowns/BOFMask\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCRTP-Notes\n\nStudy materials for the Certified Red Team Pentesting (CRTP) exam, covering essential concepts in red teaming and penetration testing.\n\nhttps://github.com/0xStarlight/CRTP-Notes\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-34843\n\nTraggo/server ver. 0.3 - directory traversal\n\nhttps://github.com/rootd4ddy/CVE-2023-34843\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2022-4510\n\nA Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk. It supports SSH, command execution, and reverse shell options. Exploits are saved in PNG format. Ideal for testing and demonstrations.\n\nhttps://github.com/adhikara13/CVE-2022-4510-WalkingPath\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bAPEX-ICS \n\nAutomated protocol exploration and fuzzing for closed-source ics protocols.\n\nhttps://github.com/ParvinSoni/APEX-ICS\n\n#cybersecurity #infosec\n\n\u200b\u200bBOFMask\n\nA tool designed to conceal Cobalt Strike's Beacon payload while executing a Beacon Object File (BOF). 
By applying a XOR mask and modifying memory protection settings, BOFMask enables users to execute BOFs without exposing Beacon, thereby avoiding detection by EDR products that scan system memory.\n\nhttps://github.com/xforcered/bofmask\n\n#infosec #pentesting #redteam\n\n\u200b\u200bAtlasReaper\n\nA command-line tool developed for offensive security purposes, primarily focused on reconnaissance of Confluence and Jira. It also provides various features that can be helpful for tasks such as credential farming and social engineering. The tool is written in C#.\n\nhttps://github.com/werdhaihai/AtlasReaper\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bParaForge\n\nA simple #BurpSuite extension to extract the parameters and endpoints from the request to create a custom wordlist for fuzzing and enumeration.\n\nhttps://github.com/Anof-cyber/ParaForge\n\n#infosec #pentesting #bugbounty\n\nFind authentication (authn) and authorization (authz) security bugs in web application routes.\n\nhttps://github.com/mschwager/route-detect\n\n\u200b\u200bSNAPPY\n\nDetecting rogue and fake 802.11 wireless access points through fingerprinting beacon management frames.\n\nhttps://github.com/SpiderLabs/snappy\n\nDetails:\nhttps://bit.ly/46sGGBN\n\n#cybersecurity #infosec #wifi\n\n\u200b\u200bDNS Analyzer\n\nA #BurpSuite extension for finding DNS vulnerabilities in web applications!\n\nhttps://github.com/The-Login/DNS-Analyzer\n\n#infosec #pentesting #bugbounty\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-07-23T05:17:03.000000Z"}