Kai-Tools

Kai Tools 🚀 Kai Tools adalah suite keamanan dan intelijen...

EUVD-2023-24446

Malicious code in bioql PyPI...

Exploit for CVE-2024-25600

Bricks Builder RCE Exploit CVE-2024-25600 This project cont...

Cisco Firepower Threat Defense Software Snort 3 Geolocation IP Filter Bypass (cisco-sa-ftdsnort3sip-bypass-LMz2ThKn)

According to its self-reported version, Cisco Firepower Threat Defense FTD Software is affected by a vulnerability. - A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists...

OSTE-Web-Log-Analyzer - Automate The Process Of Analyzing Web Server Logs With The Python Web Log Analyzer

Automate the process of analyzing web server logs with the Python Web Log Analyzer. This powerful tool is designed to enhance security by identifying and detecting various types of cyber attacks within your server logs. Stay ahead of potential threats with features that include: Features 1. Attac...

CVE-2023-20267

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...

CVE-2023-20267

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...

CVE-2023-20267

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...

CVE-2023-20267

A vulnerability in the IP geolocation rules of Snort 3 could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This vulnerability exists because the configuration for IP geolocation rules is not parsed properly. An attacker could exploit this vulnerability b...

CVE-2023-20267

CVE-2023-20267 affects Snort 3’s IP geolocation rules where misparsing the configuration can let an unauthenticated, remote attacker spoof an IP to bypass location-based IP restrictions. The issue stems from how IP geolocation rules are parsed. A successful exploit could bypass restrictions witho...

PT-2023-17424 · Snort · Snort

Name of the Vulnerable Software and Affected Versions: Snort 3 affected versions not specified Description: A vulnerability in the IP geolocation rules could allow an unauthenticated, remote attacker to potentially bypass IP address restrictions. This issue exists because the configuration for IP...

CVE-2022-23812

The CVE-2022-23812 vulnerability affects the node-ipc package (versions 10.1.1 and 10.1.2). Embedded malicious code is triggered based on geolocation (Russia/Belarus) and overwrites user files with a heart emoji; the maintainer removed this code in version 10.1.3. Starting with 11.0.0, node-ipc i...

RedWarden - Flexible CobaltStrike Malleable Redirector

RedWarden - Flexible CobaltStrike Malleable Redirector previously known as proxy2's malleableredirector plugin Let's raise the bar in C2 redirectors IR resiliency, shall we? Red Teaming business has seen several different great ideas on how to combat incident responders and misdirect them while...

Debian DLA-2445-1 : libmaxminddb security update

A heap-based buffer over-read has been found in libmaxminddb, an IP geolocation database library. This could be exploited when the mmdblookup tool is used to open a specially crafted database file. For Debian 9 stretch, this problem has been fixed in version 1.2.0-1+deb9u1. We recommend that you...

Malicious Package

Overview electorn was removed from the npm registry for containing malicious code. Upon installation the package runs a preinstall script that writes a public comment on GitHub containing the following information: - IP and IP-based geolocation - home directory name - local username Recommendatio...

CVE-2020-12271: Sophos XG Firewall Pre-Auth SQL Injection Vulnerability

A SQL injection issue was found in SFOS 17.0, 17.1, 17.5, and 18.0 before 2020-04-25 on Sophos XG Firewall devices, as exploited in the wild in April 2020. This affected devices configured with either the administration HTTPS service or the User Portal exposed on the WAN zone. A successful attack...

Seeker v1.1.9 - Accurately Locate Smartphones Using Social Engineering

Concept behind Seeker is simple, just like we host phishing pages to get credentials why not host a fake page that requests your location like many popular location based websites. Seeker Hosts a fake website on In Built PHP Server and uses Serveo to generate a link which we will forward to the...

Black Owl - Tool To Gather Information, Based On Operative-Framework

This is a simple tool to gather information, based on Operative-Framework. Requirements requests pythonwhois beautifulsoup4 Install requirements $ pip install -r requirements.txt How to use $ git clone https://github.com/qqwaszx/blackowl.git $ python main.py : blackowl help Modules /core/modules/...

CVE-2016-10594

ipip is a Node.js module to query geolocation information for an IP or domain, based on database by ipip.net. ipip downloads data resources over HTTP, which leaves it vulnerable to MITM attacks...

adamvr-geoip-lite file download vulnerability

adamvr-geoip-lite is an API provided for IP geo-mapping data files. A file download vulnerability exists in adamvr-geoip-lite that originates when a program downloads geoip resources over the HTTP protocol. An attacker could use this vulnerability to read or modify the resource, affecting the...