{"vulnerability": "CVE-2024-6778", "sightings": [{"uuid": "efcf5ab7-dbfd-4bf7-b425-afbde97164ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-6778", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-18T12:32:07.086995Z"}, {"uuid": "e6b20e08-5913-45c2-91f1-99e0b44de440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "seen", "source": "https://t.me/cvedetector/1010", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-6778 - Google Chrome DevTools Race Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-6778 \nPublished : July 16, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : Race in DevTools in Google Chrome prior to 126.0.6478.182 allowed an attacker who convinced a user to install a malicious extension to inject scripts or HTML into a privileged page via a crafted Chrome Extension. (Chromium security severity: High) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T00:39:10.000000Z"}, {"uuid": "ca54f664-5fb6-4351-af5f-7f9c087ac68a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13779", "content": "\u2744 Escaping the Chrome Sandbox Through DevTools.\n\nhttps://ading.dev/blog/posts/chrome_sandbox_escape.html\n\n\ud83d\udcf1 A POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension.\n\nhttps://github.com/ading2210/CVE-2024-6778-POC", "creation_timestamp": "2024-10-22T15:51:10.000000Z"}, {"uuid": "c3dcd6ab-9161-4113-8085-ed8612db1b1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "Telegram/CVvl4yAxD11343Smp8Poq2G7FUDQCjpXFFsP9PDh3yduS2g", "content": "", "creation_timestamp": "2024-10-20T18:42:21.000000Z"}, {"uuid": "55c32719-f6ea-4daa-91b7-b8c035de2966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8764", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension. \nURL\uff1ahttps://github.com/ading2210/CVE-2024-6778-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-17T05:21:34.000000Z"}, {"uuid": "2dca9064-5951-4a9d-ac4a-efbeb69b3ee6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1134", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:23:04.000000Z"}, {"uuid": "6447024d-aef5-4760-bada-ddbb46f323f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1126", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T04:21:04.000000Z"}, {"uuid": "3c48cb02-32e0-4c14-a5c2-f4afb9fc88d5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/1109", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T04:37:04.000000Z"}, {"uuid": "9f4b6829-44b6-437b-9581-07b1e37f6e75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8943", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:04.000000Z"}, {"uuid": "eba0752e-776f-4217-966d-7407e5dc6b63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8935", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:37:42.000000Z"}, {"uuid": "c481c2ca-f1d6-4260-86fc-0fdfca3507f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8916", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:12.000000Z"}, {"uuid": "a7310e87-3e76-4fd7-9e81-5deaf52f868d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24248", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:11.000000Z"}, {"uuid": "81a8744a-1ecc-4d74-99ce-83939c2579a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24234", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:38:00.000000Z"}, {"uuid": "c2e152cf-a9b0-412e-a80a-85c86ece7218", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/24202", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:16.000000Z"}, {"uuid": "925c1f00-8ac9-4a33-857e-94918cc3b62a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7542", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:12.000000Z"}, {"uuid": "f894a564-193e-4e35-afab-293569240151", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7569", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:04.000000Z"}, {"uuid": "7764e581-1437-4f54-afce-7848235e361a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7561", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:37:42.000000Z"}, {"uuid": "79d88de0-afca-4ab0-9f38-795c4cf2fead", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3840", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T05:23:04.000000Z"}, {"uuid": "e05bf7d3-6652-40ab-81c2-43303278aea7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3833", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T04:21:05.000000Z"}, {"uuid": "7153cea6-427b-4638-b542-20eb86dd4147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3816", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T04:37:05.000000Z"}, {"uuid": "3e9bf683-842d-40bf-9581-f109bde248c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/593", "content": "Tools - Hackers Factory \n\nAwesome MXSS\n\nhttps://github.com/msrkp/MXSS\n\nA comprehensive curated list of available Bug Bounty & Disclosure Programs and Write-ups.\n\nhttps://github.com/djadmin/awesome-bug-bounty\n\nMulti-threaded CMS BruteForcer to WordPress, Joomla, Drupal, OpenCart\n\nhttps://github.com/OffXec/brutecms\n\nCobalt Strike Beacon Object Files (BOFs) written in rust with rust core and alloc\n\nhttps://github.com/wumb0/rust_bof\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension\n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nMaLDAPtive is a framework for LDAP SearchFilter parsing, obfuscation, deobfuscation and detection\n\nhttps://github.com/MaLDAPtive/Invoke-Maldaptive\n\nA Python static code analyzer that finds complex, remotely exploitable vulnerabilities powered by Claude.\n\nhttps://github.com/protectai/vulnhuntr\n\ndump Chrome cookies remotely with atexec and CDP\n\nhttps://github.com/zimnyaa/remotechrome\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-31T08:38:00.000000Z"}, {"uuid": "a1cb804e-8231-48b3-aafe-8a2902166f48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/577", "content": "Tools - Hackers Factory \n\nJSNinja is a powerful tool for extracting URLs and sensitive information from JavaScript files\n\nhttps://github.com/iamunixtz/JSNinja\n\nAn x64 position-independent shellcode stager that verifies the stage it retrieves prior to execution : \n\nhttps://github.com/Octoberfest7/Secure_Stager  \n\nA modern 64-bit position independent implant template : \n\nhttps://github.com/Cracked5pider/Stardust  credits\n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper : \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-10-27T05:11:16.000000Z"}, {"uuid": "3d610ae7-8a24-4b77-b045-d231e73e3a83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-6778", "type": "published-proof-of-concept", "source": "https://t.me/InfoSecInsider/601", "content": "Tools - Hackers Factory \n\nLTESniffer - An Open-source LTE Downlink/Uplink Eavesdropper \n\nhttps://github.com/SysSec-KAIST/LTESniffer\n\nA POC exploit for CVE-2024-5836 and CVE-2024-6778, allowing for a sandbox escape from a Chrome extension : \n\nhttps://github.com/ading2210/CVE-2024-6778-POC\n\nRecoverPy : Recover overwritten or deleted data : \n\nhttps://github.com/PabloLec/RecoverPy\n\nProjects for security students\n\nhttps://github.com/kurogai/100-redteam-projects\n\nIn-depth repository of Telegram OSINT resources covering, tools, techniques & tradecraft.\n\nhttps://github.com/The-Osint-Toolbox/Telegram-OSINT\n\nGet Active Directory ports with PowerShell\n\nhttps://4sysops.com/archives/get-active-directory-ports-with-powershell/\n\nProof-of-Concept for CVE-2024-46538\n\nhttps://github.com/EQSTLab/CVE-2024-46538\n\nBeginners intro to Linux kernel exploitation (CTF challenge)\n\nhttps://gum3t.xyz/posts/a-gau-hack-from-euskalhack/\n\n#CyberDilara \nhttps://t.me/CyberDilara", "creation_timestamp": "2024-11-01T04:43:11.000000Z"}]}