🚀 Netlas Python SDK v.0.5 is now available. We've made key updates for enhanced compatibility and improved downolading features.

🔧 To upgrade, run:

pip install --upgrade netlas

📈 Check out the full changelog for more details: docs.netlas.io/changelog/

#cybersecurity #tool

Using Netlas.io as an analogue of the WayBack Machine 🔍

Just search in all our indexes and you will see how the some site has changed periodically 🔥

👉🏻 Read more about this usecase: github.com/netlas-io/netl…

#cybersecurity #tips

CVE-2024-29895, -25641, -31445, -31459: Multiple vulns in Cacti, 8.8 - 10.0 rating 🔥🔥🔥

Four new vulnerabilities in Cacti, including SQL injection, RCE, arbitrary file write. So, why are CVEs always so diverse for this product? 🧐

Search at Netlas.io:
👉🏻 Link:

CVE-2024-26026, -21793: Two injections in F5 Big IP, 7.5 rating❗️

SQL injection and OData injection allow an unauthenticated attacker to conduct a remote attack and gain access to sensitive information.

Search at Netlas.io:
👉🏻 Link: nt.ls/jQqNM
👉🏻

CVE-2023-49606: RCE in Tinyproxy 1.10.0, 1.11.1, 9.8 rating 🔥

A use-after-free vulnerability in Tinyproxy allows an attacker to perform RCE via a specially crafted HTTP header.

Search at Netlas.io:
👉 Link: nt.ls/vWqHD
👉 Dork:

CVE-2024-26304, -26305, -33511, -33512 and other: Multiple vulnerabilities in ArubaOS, 5.3 - 9.8 rating 🔥🔥🔥

More recently disclosed vulnerabilities allow an unauthenticated attacker to perform RCE via a buffer overflow and cause a denial of service.

Search at

📢 Excited about C2 servers? Watch our partners' #Webinar on May 7, 'The Art and Science of C2: Veni, non vidi, non vici?' See firsthand how they use #Netlas to uncover C2 threats!

🛡️🕵️‍♂️ 👉 Sign up for the LinkedIn Live event!
linkedin.com/events/7191004…

#Cybersecurity #C2

How to find all root domains during reconnaissance with Netlas.io:

registrant.organization:'Organization name'

👉 Read more about recon with Netlas: nt.ls/recon

#cybersecurity #bugbounty #pentest #tips

pfSense-SA-24_04: XSS in pfSense Plus and pfSense CE❗️

A vulnerability was discovered in the jquery-treegrid library that could cause arbitrary JavaScript code to be executed in the user's browser.
According to the vendor's advisory, the library is used for testing only and can

CVE-2024-20356: Command Injection in Cisco Integrated Management Controller, 8.7 rating 🔥

The vulnerability allows attacker to inject almost any code, as demonstrated by the example of the launch of Doom (oh yes, now on Cisco)!

Search at Netlas.io:
👉 Link:

New vulnerability in CrushFTP, 'serious' rating 🔥

The vulnerability, which does not yet have a CVE, was discovered in CrushFTP. According to the vendor's report, its use could allow an attacker to leave the VFS and download system files. Moreover, the vulnerability has already

Good news 🔥

Yesterday we fixed three bugs in subscription system that were discovered during the penetration testing.

Now Netlas has become even safer!

👉🏻 Changelog: docs.netlas.io/changelog/

#cybersecurity #tool #update

Business-focused OSINT with Netlas.io 🔎

Our new article is devoted to researching company resources using Netlas tools.
It shows how to collect contacts, files, explore subnets and much more. Read it quickly!

👉 Read here: nt.ls/osint

#cybersecurity

CVE-2024-21006: Vulnerability in Oracle WebLogic Server, 7.5 rating❗️

Vulnerability from the report on the new Oracle patch. Allows an unauthenticated attacker to gain unauthorized access to critical activities. According to NVD, exploitation is quite simple.

Search at

Identifying mimic sites using Netlas.io 🔍

Very often, phishing resources are disguised as well-known domains.

How to find them:
👉🏻 Similar favicon: http.favicon.perceptual_hash:003c7e7e763e3c20~1
👉🏻 Similar domain: domain:example.com~1

Read more

🔥 Netlas.io Discord server 🔥

Engage in live chat with our community on Discord!

Here you can quickly get answers to important questions, talk with other users, and read the latest news in a new convenient format.

👉Follow the link: nt.ls/discord

CVE-2024-3400: command injection in Palo Alto Networks PAN-OS, 10.0 rating 🔥🔥🔥

A 0-day vulnerability in PAN-OS that allows an unauthenticated attacker to execute arbitrary code on the firewall with root rights. According to Palo Alto Networks, attacks have already been carried

Netlas.io searches for popular CMS 🔍

WordPress
http.body:'wp-content' OR http.meta:'Wordpress'

Joomla
http.meta:'Joomla'

Drupal
http.headers.x_generator:'Drupal' OR http.headers.x_drupal_cache:*

Wix
http.body:'wix-public' OR http.headers.x_wix_request_id:*