Lucene search
K

39 matches found

Hacker One
Hacker One
added 2020/12/31 8:20 a.m.369 views

h1-ctf: h1-ctf : 12 days of hack holiday writeup

Summary This was a real fun CTF and I really enjoyed solving the challenges. Great job on creating the challenges. This is my writeup for the "12 Days of Hacky Holidays CTF". I hope you enjoy reading it, and I hope others reading it will pick up a trick or two. Flags: This is all the flags found...

7.1AI score
Exploits0
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/11/24 9:35 a.m.349 views

Understanding Binary and Data Representation with CyberChef

A significant part of reverse engineering and attacking devices relies on viewing and recognising data in various forms and working out how to decode it. We typically use Linux tools and scripts to do this, but you can make the first few steps using a really neat online tool called CyberChef. Wha...

6.5AI score
Exploits0
Kitploit
Kitploit
added 2020/08/11 12:30 p.m.63 views

PE Tree - Python Module For Viewing Portable Executable (PE) Files In A Tree-View

Python module for viewing Portable Executable PE files in a tree-view using pefile and PyQt5. Can also be used with IDA Pro to dump in-memory PE files and reconstruct imports. Features Standalone application and IDAPython plugin Supports Windows/Linux/Mac Rainbow PE ratio map: High-level overview...

6.8AI score
Exploits0References5
Hacker One
Hacker One
added 2020/06/09 12:39 a.m.154 views

h1-ctf: [H1-2006 2020] Writeup

^FLAG^736c635d8842751b8aafa556154eb9f3$FLAG$ Prologue The CTF was announced in a Hacker0x01 tweet. The goal is to make payments from Marten Mickos' account on BountyPayHQ. The announcement tweet was followed shortly by a retweet of BountypayHQ, an account made for the event. BountypayHQ has one...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/03/18 8:30 p.m.66 views

Chepy - A Python Lib/Cli Equivalent Of The Awesome CyberChef Tool.

Chepy is a python library with a handy cli that is aimed to mirror some of the capabilities of CyberChef. A reasonable amount of effort was put behind Chepy to make it compatible to the various functionalities that CyberChef offers, all in a pure Pythonic manner. There are some key advantages and...

6.9AI score
Exploits0References2
Pen Test Partners Blog
Pen Test Partners Blog
added 2020/02/25 8:45 a.m.62 views

Hardcoding Keys. Is that Wyse?

A couple of years ago, we were testing a large system of around 3000 Wyse terminals, all operating unattended. To configure themselves, they download a configuration file called wlx.ini from a webserver. This file contained a few fields that seemed interesting - ChangeRootPassword and...

6.8AI score
Exploits0
Node.js
Node.js
added 2019/09/05 9:26 p.m.17 views

Cross-Site Scripting

Overview Versions of cyberchef prior to 8.31.3 are vulnerable to Cross-Site Scripting. In Text Encoding Brute Force the table rows are created by concatenating the value variable unsanitized in the HTML code. If this variable is controlled by user input it allows attackers to execute arbitrary...

4.3CVSS3.9AI score0.01311EPSS
Exploits1Affected Software1
CNVD
CNVD
added 2019/08/28 12:0 a.m.1 views

CyberChef Cross-Site Scripting Vulnerability

CyberChef is a web application with encryption, encoding, compression and data analysis . A cross-site scripting vulnerability exists in the core/operations/TextEncodingBruteForce.mjs file in versions of CyberChef prior to 8.31.2, which can be exploited by an attacker to execute client-side code...

6.1CVSS6.3AI score0.01311EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2019/08/27 5:36 p.m.70 views

Cross-Site Scripting in cyberchef

Versions of cyberchef prior to 8.31.3 are vulnerable to Cross-Site Scripting. In Text Encoding Brute Force the table rows are created by concatenating the value variable unsanitized in the HTML code. If this variable is controlled by user input it allows attackers to execute arbitrary JavaScript ...

6.1CVSS4.2AI score0.01311EPSS
Exploits1References8Affected Software1
OSV
OSV
added 2019/08/27 5:36 p.m.20 views

GHSA-JP6R-XCJJ-5H7R Cross-Site Scripting in cyberchef

Versions of cyberchef prior to 8.31.3 are vulnerable to Cross-Site Scripting. In Text Encoding Brute Force the table rows are created by concatenating the value variable unsanitized in the HTML code. If this variable is controlled by user input it allows attackers to execute arbitrary JavaScript ...

6.1CVSS6.3AI score0.01311EPSS
Exploits1References7
Veracode
Veracode
added 2019/08/27 5:46 a.m.19 views

Cross-Site Scripting (XSS)

cyberchef is vulnerable to cross-site scripting XSS. A remote attacker is able to inject arbitrary Javascript code into a victim's browser via the text encoding brute force process...

6.1CVSS3.9AI score0.01311EPSS
Exploits1References4Affected Software1
NVD
NVD
added 2019/08/26 12:15 p.m.31 views

CVE-2019-15532

CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs...

6.1CVSS6AI score0.01311EPSS
Exploits1References4
OSV
OSV
added 2019/08/26 12:15 p.m.11 views

CVE-2019-15532

CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs...

6.1CVSS6.1AI score
Exploits0References4
Prion
Prion
added 2019/08/26 12:15 p.m.14 views

Cross site scripting

CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs...

4.3CVSS5.9AI score0.01311EPSS
Exploits1References4Affected Software1
Cvelist
Cvelist
added 2019/08/26 11:45 a.m.29 views

CVE-2019-15532

CyberChef before 8.31.2 allows XSS in core/operations/TextEncodingBruteForce.mjs...

6AI score0.01311EPSS
Exploits1References4
CVE
CVE
added 2019/08/26 11:45 a.m.64 views

CVE-2019-15532

CyberChef before version 8.31.2 is affected by a Cross-Site Scripting (XSS) vulnerability in core/operations/TextEncodingBruteForce.mjs. The issue, described across multiple sources (NVD/NVD-derived records and public advisories), arises when un sanitized user-controlled values are embedded into ...

6.1CVSS5.8AI score0.01311EPSS
Exploits1References4Affected Software1
Kitploit
Kitploit
added 2018/09/17 9:7 p.m.83 views

CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]

The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...

6.7AI score
Exploits0References9
Kitploit
Kitploit
added 2017/08/05 10:30 p.m.35 views

CyberChef - The Cyber Swiss Army Knife [A Web App For Encryption, Encoding, Compression And Data Analysis]

The Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, creating binary and hexdumps, compression an...

6.8AI score
Exploits0References9
n0where
n0where
added 2016/12/01 4:23 a.m.24 views

Cyber Swiss Army Knife: CyberChef

Cyber Swiss Army Knife CyberChef is a simple, intuitive web app for carrying out all manner of “cyber” operations within a web browser. These operations include creating hexdumps, simple encoding like XOR or Base64, more complex encryption like AES, DES and Blowfish, data compression and...

6.7AI score
Exploits0References9
Rows per page
Query Builder