Lucene search
K

6 matches found

CVE
CVE
added 6 days ago13 views

CVE-2026-57952

Mythic before 3.4.0.60 contains an authorization bypass in four REST endpoints (c2profile_config_check_webhook, c2profile_redirect_rules_webhook, c2profile_get_ioc_webhook, c2profile_sample_message_webhook) that fail to verify payload ownership. An operator in one operation can invoke these endpo...

6.5CVSS5.8AI score0.00171EPSS
Exploits0References4Affected Software1
Kitploit
Kitploit
added 2022/08/15 12:30 p.m.31 views

RedGuard - C2 Front Flow Control Tool, Can Avoid Blue Teams, AVs, EDRs Check

0x00 Introduction Tool introduction RedGuard is a derivative work of the C2 facility pre-flow control technology. It has a lighter design, efficient flow interaction, and reliable compatibility with go language development. The core problem it solves is also in the face of increasingly complex re...

6.8AI score
Exploits0References3
Kitploit
Kitploit
added 2022/01/17 11:30 a.m.25 views

Inject-Assembly - Inject .NET Assemblies Into An Existing Process

This tool is an alternative to traditional fork and run execution for Cobalt Strike. The loader can be injected into any process, including the current Beacon. Long-running assemblies will continue to run and send output back to the Beacon, similar to the behavior of execute-assembly. There are t...

8AI score
Exploits0References8
Kitploit
Kitploit
added 2021/08/16 9:30 p.m.28 views

PickleC2 - A Post-Exploitation And Lateral Movements Framework

PickleC2 is a post-exploitation and lateral movements framework. Documentation ReadTheDocs Overview PickleC2 is a simple C2 framework written in python3 used to help the community in Penetration Testers in their red teaming engagements. PickleC2 has the ability to import your own PowerShell modul...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2021/08/13 9:30 p.m.68 views

Nimplant - A Cross-Platform Implant Written In Nim

Nimplant is a cross-platform Linux & Windows implant written in Nim as a fun project to learn about Nim and see what it can bring to the table for red team tool development. Currently, Nimplant lacks extensive evasive tradecraft; however, overtime Nimplant will become much more sophisticated...

7.8AI score
Exploits0References3
ThreatPost
ThreatPost
added 2018/11/20 6:1 p.m.18 views

APT29 Re-Emerges After 2 Years with Widespread Espionage Campaign

A phishing campaign bent on espionage, believed to be launched by the nation-state threat group known as APT29, is targeting high-value targets across the think-tank, law enforcement, media, U.S. military, imagery, transportation, pharmaceutical, national government and defense contracting sector...

7.1AI score
Exploits0References8
Rows per page
Query Builder