{"uuid": "01533ea5-dcb8-4cca-b39c-fb20cd2ede32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-24919", "type": "published-proof-of-concept", "source": "https://t.me/GhostClanInt/25025", "content": "Tools - Hackers Factory\n\nGraphw00f is GraphQL Server Engine Fingerprinting utility for software security professionals looking to learn more about what technology is behind a given GraphQL endpoint. \n\nhttps://github.com/dolevf/graphw00f\n\nSecurity Auditor Utility for GraphQL APIs \n\nhttps://github.com/dolevf/graphql-cop\n\nA toolkit for testing, tweaking and cracking JSON Web Tokens \n\nhttps://github.com/ticarpi/jwt_tool\n\nSearch Google/Bing/Ecosia/DuckDuckGo/Yandex/Yahoo for a search term (dork) with a default set of websites, bug bounty programs or custom collection. \n\nhttps://github.com/Zarcolio/sitedorks\n\nAn interactive shell to spoof some LOLBins command line \n\nhttps://github.com/itaymigdal/LOLSpoof\n\nCommunity curated list of nuclei templates for finding \"unknown\" security vulnerabilities. \n\nhttps://github.com/projectdiscovery/fuzzing-templates\n\nThis checklist may help you to have a good methodology for bug bounty hunting\n\nhttps://github.com/sehno/Bug-bounty/blob/master/bugbounty_checklist.md\n\nJS Fuzzing - LazyEgg\n\nhttps://github.com/schooldropout1337/lazyegg/?s=08\n\nCheck point: CVE-2024-24919 \nDork: \"Server: Check Point SVN\" \"X-UA-Compatible: IE=EmulateIE7\"\n\nhttps://github.com/johnk3r/nuclei-templates/blob/main/http/cves/2024/CVE-2024-24919.yaml\n\nBurp Extension to find potential endpoints, parameters, and generate a custom target wordlist \n\nhttps://github.com/xnl-h4ck3r/GAP-Burp-Extension\n\nLive Feed of C2 servers, tools, and botnets \n\nhttps://github.com/montysecurity/C2-Tracker\n\n#HackersFactory", "creation_timestamp": "2024-06-02T06:50:21.000000Z"}