Thank you for sharing Fofa Dork: fofa.so/result?qbase64… It can also find the url. #bugbountytips #infosec #RCE

Technical analysis for Zoho ManageEngine Desktop Central (and MSP) CVE-2021-44515, including PoC. Credit to wvu attackerkb.com/topics/rJw4DFI…

The fact that you can record the execution of a process, and even seeing the content that SharpHound is creating... Here is an example ))

CVE-2022-22947 Space bypass, Use "/bin/bash","-c","cat /etc/passwd" #rce

🔥 Veeam fixed an Unauth RCE (CVE-2022-26500, CVE-2022-26501) in Veeam Backup & Replication and a Local Privilege Escalation (CVE-2022-26503) in Veeam Agent for Microsoft Windows found by our researcher neketah. Advisory: veeam.com/kb4288

The following non-malicious request can be used to test susceptibility to the Spring Framework 0day RCE. An HTTP 400 return code indicates vulnerability. $ curl host:port/path?class.module.classLoader.URLs%5B0%5D=0 #SpringShell #Spring4Shell #infosec

LOLBIN to dump LSASS: Path: C:\Program Files\Microsoft Visual Studio\2022\Community\Common7\IDE\Extensions\TestPlatform\Extensions Binary: DumpMinitool.exe The params are case sensitive.

Real-World #PingCastle Finding #8: Non-admin users can add computers to a domain. A customer called us because he discovered two new computer objects. Such new computer objects can be a sign of more targeted attacks against the #ActiveDirectory. 1/8 #CyberSecurity #dfir

I have been playing with KernelCallbackTable process injection lately and here's something I wanted to share. #redteam #maldev #infosec captmeelo.com/redteam/maldev…

I wrote down some thoughts on bypassing #EDR with syscalls, and shared my super small patch for #SysWhispers2 to evade Defender detection: cloaked.pl/2022/04/on-how…

LDAP injection auth bypasses:) 1. * 2. *)(& 3. *)(|(& 4. pwd) 5. *)(|(* 6. *))%00 7. admin)(&) #bugbountytips

NEW BLOG: Detect and block credential dumps/ LSA/LSASS Access (Mitre:T1003) with Microsoft Defender for Endpoint, Defender for Identity & Attack Surface Reduction/ Exploit Guard. Blog; jeffreyappel.nl/detect-and-blo… #MDE #MicrosoftSecurity #MDI #Security

The new F5 RCE vulnerability, CVE-2022-1388, is trivial to exploit. We spent some time chasing unrelated diffs within the newest version, but @jameshorseman2 ultimately got first blood. We'll release a POC next week to give more time for orgs to patch. #f5 #CyberSecurity

GitHub - xairy/vmware-exploitation: A collection of links related to VMware escape exploits github.com/xairy/vmware-e…

Akamai #WAF #Bypass 😎 Local File Read/Disclosure file:///etc/x%252Fy/../passwd?/../passwd (Polyglot, check reference) Ref: rodoassis.medium.com/on-ssrf-server… PoC:

Thread - Confluence Blind OGNL Injection analysis from our limited java knowledge. From vulnerable sink to becoming admin of the confluence instance. #CVE-2022-26134. Tested on latest vulnerable version 7.18.0.

#bugbountytips Regex author: H4x0r.DZ Burp Bounty scanner: Burp Bounty me: Generic key detection profile github.com/ghsec/BurpBoun… Happy hunting

#bugbountytips #bugbounty I just published 0 Day Vulnerability — URI Normalization Issue — Access the Internal Tomcat Server #Apache link.medium.com/tyvP1fIbMqb

Here is an RCE demo for Cobalt Strike CVE-2022-39197. Like Rio said the patch is not a complete fix, be careful. Also I don't want to see any more java code for a while, holy f. Maybe at some point I will post some patch analysis 🥃 youtube.com/watch?v=cjg9FJ…