{"uuid": "579a4468-710a-486d-93a7-2550dc2e62a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34598", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3099", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory \n\n\u200b\u200bosquery-defense-kit\n\nODK (osquery-defense-kit) is unique in that the queries are designed to be used as part of a production detection & response pipeline. The detection queries are formulated to return zero rows during normal expected behavior, so that they may be configured to generate alerts when rows are returned.\n\nhttps://github.com/chainguard-dev/osquery-defense-kit\n\n#cybersecurity #infosec\n\n\u200b\u200bSAFIREFUZZ\n\nA throughput-optimized rehosting and fuzzing framework for ARM Cortex-M firmware. It takes monolithic binary-only firmware images and uses high-level emulation (HLE) and dynamic binary rewriting to run them on far more powerful hardware with low overhead.\n\nhttps://github.com/pr0me/SAFIREFUZZ\n\n#cybersecurity #infosec\n\n\u200b\u200bGoogle CTF\n\nThis repository lists most of the challenges used in the Google CTF since 2017, as well as most of the infrastructure that can be used to run them.\n\nhttps://github.com/google/google-ctf\n\n#CTF #cybersecurity #infosec\n\n\u200b\u200breveng_rtkit\n\nLinux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.\n\nhttps://github.com/reveng007/reveng_rtkit\n\n#infosec #pentesting #redteam\n\n\u200b\u200bPwnDoc-ng\n\nA pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. \n\nhttps://github.com/pwndoc-ng/pwndoc-ng\n\n#cybersecurity #infosec #pentesting\n\nPwnDoc-Vulns\n\nA collection of vuln templates you can import and use together with PwnDoc or PwnDoc-NG.\n\nhttps://github.com/LuemmelSec/PwnDoc-Vulns\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bVulnx\n\nAn intelligent bot auto shell injector that detects vulnerabilities in multiple types of cms.\n\nhttps://github.com/anouarbensaad/vulnx\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bReview Analyzer\n\nA #Chrome Extension for #extracting valuable insights from reviews, generating concise summaries, sentiment analysis, and keyword extraction.\n\nhttps://github.com/serpapi/review-analyzer\n\n\u200b\u200bCVE-2023-34840\n\nAll versions in angular-ui-notification are vulnerable to XSS due to the library not sanitizing the input provided by the user.\n\nhttps://github.com/Xh4H/CVE-2023-34840\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-34598\n\nGibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) vulnerability where it's possible to include the content of several files present in the installation folder in the server's response.\n\nhttps://github.com/maddsec/CVE-2023-34598\n\n#cve #cybersecurity #infosec\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-28T15:25:39.000000Z"}