python311-impacket-0.13.1-1.1 on GA media (moderate)

python311-impacket-0.13.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10837-1 Rating: moderate Cross-References: CVE-2025-33073 Affected Products: openSUSE Tumbleweed An update that solves one vulnerability can now be installed. Description: These are all security issues fixed in the...

OPENSUSE-SU-2026:10837-1 python311-impacket-0.13.1-1.1 on GA media

These are all security issues fixed in the python311-impacket-0.13.1-1.1 package on the GA media of openSUSE Tumbleweed...

TGT2Admin-

🎭 RBCDExploit - Resource-Based Constrained Delegation Attack...

Exploit for Improper Input Validation in Microsoft

CVE-2024-21413 | Microsoft Outlook Remote Code Execution Vulne...

Exploit for CVE-2021-1675

CVE-2021-1675 / CVE-2021-34527 Impacket implementation of the...

Exploit for CVE-2020-1472

Domain-Controller-DC-Exploitation-with-Metasploit-Impacket End...

AutoBlue-MS17-010

MS17-010 Exploit Code This is some no-bs public exploit code...

SMBInvader

SMBInvader This script automates the...

PrivExchange

This is a proof-of-concept PoC tool for abusing Microsoft Exchange to obtain Domain Admin privileges. The tool, named PrivExchange, requires the Impacket library and can be used to subscribe to push notifications on Exchange Web Services, which will make Exchange connect back to the attacker and...

Exploit for CVE-2020-1472

PoC exploit for CVE-2020-1472, a vulnerability in the Windows Netlogon service that allows an attacker to authenticate as the domain controller account with a zero-length password. The exploit uses the impacket library to connect to the Netlogon service and send a zero-length challenge and...

AutoBlue-MS17-010

This is a semi-automated, fully working, no-bs, non-metasploit version of the public exploit code for MS17-010. The exploit is designed to target Windows systems vulnerable to the EternalBlue vulnerability, which is a remote code execution RCE vulnerability in the SMBv1 protocol. The exploit code...

smbmap

This is a Python script for a tool called SMBMap, which is designed to enumerate Samba share drives across an entire domain. The tool allows users to list share drives, drive permissions, share contents, upload/download functionality, file name auto-download pattern matching, and even execute...

Exploit for CVE-2020-1472

!Pythonpython-shield CVE-2020-1472 CVE-2020-1472 - Zero Logon vulnerability Python implementation Description A Python script which uses the Impacket library to test for CVE-2020-1472 - Zerologon vulnerability credits to Secura research. The flaw stems from the Netlogon Remote Protocol, available...

Exploit for CVE-2021-1675

CVE-2021-1675 / CVE-2021-34527 Impacket implementation of the PrintNightmare PoC originally created by Zhiniang Peng @edwardzpeng & Xuefeng Li @lxf02942370 Tested on a fully patched 2019 Domain Controller Execute malicious DLL's remote or locally Patch update Microsoft has released a patch to...

Exploit for CVE-2021-1675

It Was All A Dream A CVE-2021-34527 a.k.a PrintNightmare Python Scanner. Allows you to scan entire subnets for the PrintNightmare RCE not the LPE and generates a CSV report with the results. Tests exploitability over MS-PAR and MS-RPRN. This tool has "de-fanged" versions of the Python exploits, i...

Linux Distros Unpatched Vulnerability : CVE-2021-31800

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Multiple path traversal vulnerabilities exist in smbserver.py in Impacket through 0.9.22. An attacker that connects to a running smbserver instance can list and...

Exploit for CVE-2020-1472

ZeroLogon testing script A Python script that uses the Impacket library to test vulnerability for the Zerologon exploit CVE-2020-1472. It attempts to perform the Netlogon authentication bypass. The script will immediately terminate when successfully performing the bypass, and not perform any...

The SOC files: Rumble in the jungle or APT41’s new target in Africa

Introduction Some time ago, Kaspersky MDR analysts detected a targeted attack against government IT services in the African region. The attackers used hardcoded names of internal services, IP addresses, and proxy servers embedded within their malware. One of the C2s was a captive SharePoint serve...

Investigating a SharePoint Compromise: IR Tales from the Field

Executive summary Rapid7’s Incident Response team recently investigated a Microsoft Exchange service account with domain administrator privileges. Our investigation uncovered an attacker who accessed a server without authorization and moved laterally across the network, compromising the entire...

Investigating a SharePoint Compromise: IR Tales from the Field

Executive summary Rapid7’s Incident Response team recently investigated a Microsoft Exchange service account with domain administrator privileges. Our investigation uncovered an attacker who accessed a server without authorization and moved laterally across the network, compromising the entire...