{"vulnerability": "CVE-2022-32883", "sightings": [{"uuid": "44540b1e-3512-419c-9f15-250b54e75e8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32883", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2785", "content": "#Tools -\u00a0 \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06\n\nCyber Threat Intelligence Data and Analysis\n\nOur unique Cyber Threat Intelligence aims to determine the ongoing research of APT actors to anticipate their activities.\n\nhttps://github.com/vuldb/cyber_threat_intelligence\n\nMicro Emulation Plans\n\nThis collection expands the impact of the Adversary Emulation Library by developing easy-to-execute adversary emulation content that targets specific behaviors and challenges facing defenders. \n\nRather than modeling full-scope breach scenarios, these micro emulation plans focus on smaller, more specific combinations of techniques. (We call these short sequences \"compound behaviors\" because they involve more than one adversary technique.) 
\n\nThe plans produce signals similar to real adversary techniques (but without the harmful effects) to enable blue teams to safely test and evaluate their detective and preventative controls.\n\nhttps://github.com/center-for-threat-informed-defense/adversary_emulation_library/tree/master/micro_emulation_plans\n\nMDML\n\nMalware Detection using Machine Learning.\n\nhttps://github.com/mohamedbenchikh/MDML\n\nVirtual FIDO\n\nA virtual USB device that implements the FIDO2/U2F protocol (like a YubiKey) in order to support 2FA and WebAuthN.\n\nFeatures:\n\u25ab\ufe0f Support for both Windows and Linux through USB/IP (Mac support coming later)\n\u25ab\ufe0f Connect using both U2F and FIDO2 protocols for both normal 2FA and WebAuthN\n\u25ab\ufe0f Store credentials in an encrypted format with a passphrase\n\u25ab\ufe0f Store credential data anywhere (example provided: a local file)\n\u25ab\ufe0f Generic approval mechanism for credential creation and login (example provided: terminal based)\n\nhttps://github.com/bulwarkid/virtual-fido\n\nPeNet Analyzer\n\nAnalyzers for Portable Executable anomalies and other malware behavior.\n\nhttps://github.com/secana/PeNet-Analyzer\n\nCVE-2022-32883 \n\nTurning Your Computer Into a GPS Tracker With Apple Maps.\n\nhttps://github.com/breakpointHQ/CVE-2022-32883\n\nCondor\n\nA tool created to help pentesters bypass protections like AVs/EDRs/XDRs in the Windows operating system. Condor was developed in Python and has several advantages to help pentesters.\n\nhttps://github.com/MrEmpy/Condor\n\nExecRemoteAssembly\n\nExecute Remote Assembly with args passing and with AMSI and ETW patching\n\nhttps://github.com/D1rkMtr/ExecRemoteAssembly\n\nLDAP Nom Nom\n\nAnonymously bruteforce Active Directory usernames from Domain Controllers by abusing LDAP Ping requests (cLDAP)\n\n\u25ab\ufe0f Autodetects DCs on domain joined machines. 
A bit moot, as you can just dump usernames with authenticated LDAP, but included for completeness\n\u25ab\ufe0f Reads usernames to test from stdin or file\n\u25ab\ufe0f Outputs to stdin or file\n\u25ab\ufe0f Parallelized, defaults to 8 connections\n\u25ab\ufe0f Shows progressbar if you're using both input and output files\n\nhttps://github.com/lkarlslund/ldapnomnom\n\nPyMeta \n\nA Python3 rewrite of the tool PowerMeta, created in PowerShell. It uses specially crafted search queries to identify and download the following file types (pdf, xls, xlsx, csv, doc, docx, ppt, pptx) from a given domain using Google and Bing scraping.\n\nhttps://github.com/m8sec/pymeta\n\nAppShark\n\nA static taint analysis platform to scan vulnerabilities in an Android app.\n\nhttps://github.com/bytedance/appshark\n\nFly4s\n\nA lightweight, simple and functional wrapper for Flyway using cats effect. \n\nhttps://github.com/geirolz/fly4s\n\nJoin:\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory\n\nWebsite:\nwww.ghostclan.org\n\n#InsoSec #cybersec \ud835\udddb\ud835\uddee\ud835\uddf0\ud835\uddf8\ud835\uddf2\ud835\uddff\ud835\ude00 \ud835\uddd9\ud835\uddee\ud835\uddf0\ud835\ude01\ud835\uddfc\ud835\uddff\ud835\ude06", "creation_timestamp": "2023-03-30T08:41:33.000000Z"}, {"uuid": "9832dfa1-30e8-483a-8897-af78cd44e217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32883", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/266", "content": "https://github.com/breakpointHQ/CVE-2022-32883\n#github", "creation_timestamp": "2022-09-20T12:16:16.000000Z"}]}