56 matches found
Zeek 8.0.3
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...
ysoserial
This is a proof-of-concept tool for generating payloads that exploit unsafe Java object deserialization. The tool, called ysoserial, is a collection of utilities and property-oriented programming "gadget chains" discovered in common Java libraries that can, under the right conditions, exploit Jav...
Zeek 7.0.9
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek ha...
Tracking GPTs Third Party Service: Automation, Analysis, and Insights
ChatGPT has quickly advanced from simple natural language processing to tackling more sophisticated and specialized tasks. Drawing inspiration from the success of mobile app ecosystems, OpenAI allows developers to create applications that interact with third-party services, known as GPTs. GPTs ca...
Exploit for OS Command Injection in Paloaltonetworks Expedition
CVE-2024-9464: Palo Alto Expedition Authenticated Command Inje...
Exploit for Use of Hard-coded Credentials in Solarwinds Web_Help_Desk
CVE-2024-28987: SolarWinds Web Help Desk Hardcoded Credential...
Exploit for OS Command Injection in Ivanti Cloud_Services_Appliance
CVE-2024-8190: Ivanti Cloud Service Appliance Authenticated Co...
Exploit for Deserialization of Untrusted Data in Ivanti Endpoint_Manager
CVE-2024-29847 PoC for Ivanti Endpoint Manager AgentPortal Des...
Exploit for Deserialization of Untrusted Data in Ivanti Endpoint_Manager
CVE-2023-28324 POC for CVE-2023-28324 affecting Ivanti EPM...
Exploit for Improper Input Validation in Ivanti Endpoint_Manager
CVE-2023-28324 POC for CVE-2023-28324 affecting Ivanti EPM...
Exploit for SQL Injection in Progress Whatsup_Gold
CVE-2024-6670 PoC for Progress Software WhatsUp Gold HasErrors...
Exploit for Improper Privilege Management in Progress Whatsup_Gold
CVE-2024-5009 PoC for Progress WhatsUp Gold SetAdminPassword P...
Chinese Actor SecShow Conducts Massive DNS Probing on Global Scale
Cybersecurity researchers have shed more light on a Chinese actor codenamed SecShow that has been observed conducting Domain Name System DNS on a global scale since at least June 2023. The adversary, according to Infoblox security researchers Dr. Renée Burton and Dave Mitchell, operates from the...
Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024
CVE-2024-4358 / CVE-2024-1800 Telerik Report Server deserializ...
Exploit for Authentication Bypass by Spoofing in Telerik Report_Server_2024
CVE-2024-4358 / CVE-2024-1800 Telerik Report Server deserializ...
Exploit for OS Command Injection in Fortinet Fortisiem
CVE-2024-23108 POC Proof of concept exploit to blindly execut...
Exploit for OS Command Injection in Fortinet Fortisiem
CVE-2024-23108: Fortinet FortiSIEM Unauthenticated 2nd Order C...
Exploit for Unrestricted Upload of File with Dangerous Type in Git
Poc for CVE-2024-32002, the script made from the developer's t...
Exploit for Files or Directories Accessible to External Parties in Artifex Ghostscript
Ghostscript command injection vulnerability PoC CVE-2023-3666...
Exploit for SQL Injection in Fortinet Forticlient_Enterprise_Management_Server
CVE-2023-48788 Fortinet FortiClient EMS SQL Injection Vulnerab...