Exploit for Path Traversal in Microsoft

I will continue to add any new code or modify existing code ba...

Exploit for Server-Side Request Forgery in Microsoft

It is an offensive tool for Microsoft Exchange server vulnerabil...

CVE-2021-24082

Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability...

CVE-2021-24082

Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability...

Security feature bypass

Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability...

CVE-2021-24082 Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability

...

CVE-2021-24082

Technical details for CVE-2021-24082 are not publicly available in the provided connected documents. The records list the vulnerability title but do not specify affected products, root cause, impact, or fixes. Monitor for updates.

APT-Hunter - Threat Hunting Tool For Windows Event Logs Which Made By Purple Team Mindset To Provide Detect APT Movements Hidden In The Sea Of Windows Event Logs To Decrease The Time To Uncover Suspicious Activity

APT-Hunter is Threat Hunting tool for windows event logs which made by purple team mindset to provide detect APT movements hidden in the sea of windows event logs to decrease the time to uncover suspicious activity . this tool will make a good use of the windows event logs collected and make sure...

Tax Season Ushers in Quickbooks Data-Theft Spike

Cybercriminals are ready for tax season with new malware designed to exfiltrate Quickbooks data and post it on the internet, according to a new report from ThreatLocker. Attackers use email to deliver the malware, which the ThreatLocker’s CEO Danny Jenkins told Threatpost is a simple, 15-line pie...

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or othe...

Experts Warns of Notable Increase in QuickBooks Data Files Theft Attacks

New research has uncovered a significant increase in QuickBooks file data theft using social engineering tricks to deliver malware and exploit the accounting software. "A majority of the time, the attack involves basic malware that is often signed, making it hard to detect using antivirus or othe...

RAT-el - An Open Source Penetration Test Tool That Allows You To Take Control Of A Windows Machine

RAT-el is an open source penetration test tool that allows you to take control of a windows machine. It works on the client-server model, the server sends commands and the client executes the commands and sends the result back to the server. The client is completely undetectable by anti-virus...

HFS (HTTP File Server) 2.3.x - Remote Command Execution (3)

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...

HFS (HTTP File Server) 2.3.x Remote Code Execution

Exploit Title: HFS HTTP File Server 2.3.x - Remote Command Execution 3 Google Dork: intext:"httpfileserver 2.3" Date: 20/02/2021 Exploit Author: Pergyz Vendor Homepage: http://www.rejetto.com/hfs/ Software Link: https://sourceforge.net/projects/hfs/ Version: 2.3.x Tested on: Microsoft Windows...

Citrix Data Collection Tool - CDC

Pre-requisites PowerShell 4.0 and above .NET 4.0 and above Media FrameWork 5.0 and above PowerShell Execution policy set to RemoteSigned/Unrestricted/ByPass Task Scheduler should be enabled for the creation of tasks to be executed when triggers are defined. Administrator privileges Please note: Y...

Chimera - A (Shiny And Very Hack-Ish) PowerShell Obfuscation Script Designed To Bypass AMSI And Commercial Antivirus Solutions

Chimera is a shiny and ver y hack-ish PowerShell obfuscation script designed to bypass AMSI and antivirus solutions. It digests malicious PS1's known to trigger AV and uses string substitution and variable concatenation to evade common detection signatures. Chimera was created for this write-up a...

ATTPwn - Tool Designed To Emulate Adversaries

ATTPwn is a computer security tool designed to emulate adversaries. The tool aims to bring emulation of a real threat into closer contact with implementations based on the techniques and tactics from the MITRE ATT&CK framework. The goal is to simulate how a threat works in an intrusion scenario,...

Microsoft.PowerShell.Utility Module WDAC Security Feature Bypass Vulnerability

...

PT-2021-2044 · Microsoft · Microsoft.Powershell.Utility +1

Name of the Vulnerable Software and Affected Versions: Microsoft.PowerShell.Utility Module affected versions not specified Description: The issue is related to errors in security settings, allowing a remote attacker to bypass existing protection mechanisms. This security-feature bypass...

Microsoft PowerShell Utility Security Feature Issue Vulnerability

Microsoft PowerShell Utility is a utility module from Microsoft Corporation USA. The module includes many of the basic administrative commands for PowerShell. Microsoft PowerShell Utility is vulnerable to a security feature issue. The following products and editions are affected:Windows 10 Versio...