207 matches found
Exploit for CVE-2017-0144
No d...
security-vulnerabilities-and-protection-measures
Security Vulnerabilities and Protection Measures Submitted...
AutoBlue-MS17-010
MS17-010 Exploit Code This is some no-bs public exploit code...
Pivoting-and-Privilege-Escalation-Lab-Exercise-
Pivoting-and-Privilege-Escalation-Lab-Exercise- 🧑💻 In this ex...
Cobaltstrike-MS17-010
This repository is an Aggressor Script for Cobalt Strike targeting the MS17-010 vulnerability. It includes a PowerShell module for scanning and exploiting the vulnerability, as well as a stager for delivering a payload. The script is designed to run on Windows 7 x64 and Windows 2008 R2 systems. T...
AutoBlue-MS17-010
This is a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010. The exploit is designed to target Windows systems vulnerable to the EternalBlue vulnerability, which is a remote code execution RCE vulnerability in the SMBv1 protocol. The exploit code...
EternalBlueExploitation
Eternal Blue Exploitation Description For this project, I expl...
Exploit for CVE-2017-0144
Metasploit Framework Cheatsheet Introduction Metasploit i...
Eternalblue-Doublepulsar-Metasploit
This is a Metasploit module to exploit the EternalBlue-Doublepulsar vulnerability. The module is designed to target Windows systems and uses the Doublepulsar backdoor to install a DLL into a user mode process. The module can be used to perform various operations, including outputting the install...
Exploit for CVE-2017-0144
This repository is an offensive tool for Windows. It is an implementation of the DoublePulsar backdoor in C/C++. The tool includes a suite of exploits and detectors for various vulnerabilities, including the EternalBlue vulnerability CVE-2017-0144. The tool can be used to upload a DLL to a...
easysploit
This is an exploit module/toolkit targeting various platforms, including Windows, Android, Linux, MacOS, and Web applications. The primary vulnerability targeted is ms17010, specifically EternalBlue, which is a remote code execution vulnerability in Windows systems. The toolkit also includes...
StripedFly Malware Operated Unnoticed for 5 Years, Infecting 1 Million Devices
An advanced strain of malware masquerading as a cryptocurrency miner has managed to fly the radar for over five years, infecting no less than one million devices around the world in the process. That's according to findings from Kaspersky, which has codenamed the threat StripedFly, describing it ...
StripedFly: Perennially flying under the radar
Introduction Its just another cryptocurrency miner… Nobody would even suspect the mining malware was merely a mask, masquerading behind an intricate modular framework that supports both Linux and Windows. It comes equipped with a built-in TOR network tunnel for communication with command servers,...
CISA issues alert with South Korean government about DPRK's ransomware antics
CISA and other federal agencies were joined by the National Intelligence Service NIS and the Defense Security Agency of the Republic of Korea ROK in releasing the latest cybersecurity advisory in the US government's ongoing StopRansomware effort. This alert highlights continuous state-sponsored...
Microsoft Reclassifies SPNEGO Extended Negotiation Security Vulnerability as 'Critical'
Microsoft has revised the severity of a security vulnerability it originally patched in September 2022, upgrading it to "Critical" after it emerged that it could be exploited to achieve remote code execution. Tracked as CVE-2022-37958 CVSS score: 8.1, the flaw was previously described as an...
Microsoft Patch Tuesday, April 2022 Edition
Microsoft on Tuesday released updates to fix roughly 120 security vulnerabilities in its Windows operating systems and other software. Two of the flaws have been publicly detailed prior to this week, and one is already seeing active exploitation, according to a report from the U.S. National...
DirtyMoe Botnet Gains New Exploits in Wormable Module to Spread Rapidly
The malware known as DirtyMoe has gained new worm-like propagation capabilities that allow it to expand its reach without requiring any user interaction, the latest research has found. "The worming module targets older well-known vulnerabilities, e.g., EternalBlue and Hot Potato Windows privilege...
Experts Detail Logging Tool of DanderSpritz Framework Used by Equation Group Hackers
Cybersecurity researchers have offered a detailed glimpse into a system called DoubleFeature that's dedicated to logging the different stages of post-exploitation stemming from the deployment of DanderSpritz, a full-featured malware framework used by the Equation Group. DanderSpritz came to light...
Conti Ransomware
Conti is a sophisticated Ransomware-as-a-Service RaaS model first detected in December 2019. Since its inception, its use has grown rapidly and has even displaced the use of other RaaS tools like Ryuk. The Cybersecurity and Infrastructure Security Agency CISA and the Federal Bureau of Investigati...
MS17-011
This is a repository for exploiting the MS17-010 vulnerability in Windows SMB. The repository contains various proof-of-concept PoC exploits and tools for exploiting this vulnerability. The MS17-010 vulnerability is a remote code execution vulnerability in the Windows SMB service. It allows an...