homelab-security

Cybersecurity Home Lab A personal home lab built for hands-on...

Exploit for CVE-2017-0144

🛡️ TryHackMe CTF – EternalBlue MS17-010 !CTF Badgehttps:...

Exploit for Authentication Bypass by Primary Weakness in Crushftp

The-Challenge-Soulmate- The "Soulmate" machine from HackTheBox...

PT-2025-31964 · Undefined · Undefined

Hi, I run a following script for a vulnerability test for my home network; nmap 192.168.1.1/24 -n -sP |rg -o "192." scan.txt nmap -sV --script vulners --script-args mincvss=7.0 -iL scan.txt Then I get this Vulner output in port 80; Nmap scan report for 192.168.1.5 Host is up 0.00021s latency. Not...

GPT_Vuln-analyzer - Uses ChatGPT API And Python-Nmap Module To Use The GPT3 Model To Create Vulnerability Reports Based On Nmap Scan Data

This is a Proof Of Concept application that demostrates how AI can be used to generate accurate results for vulnerability analysis and also allows further utilization of the already super useful ChatGPT. Requirements Python 3.10 All the packages mentioned in the requirements.txt file OpenAi api...

CVE-2022-48252

The jokob-sk/Pi.Alert fork before 22.12.20 of Pi.Alert allows Remote Code Execution via nmapscan.php scan parameter OS Command Injection...

LiveTargetsFinder - Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information

Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out unreachable hosts Given an input file of domain names, this script will automate the usage of MassDNS to filter out unresolvable hosts, and then pass the results on to Masscan to...

Getting a persistent shell on a 747 IFE

TL:DR The Coronavirus pandemic has hit the airline industry hard. One sad consequence was early retirement of most of the 747 passenger fleet. This does however create opportunities for aviation security research, as airframes are parked up before parting out in breakers yards. This 747 was flyin...

Chameleon - Customizable Honeypots For Monitoring Network Traffic, Bots Activities And Username\Password Credentials (DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET, Postgres And MySQL)

Customizable honeypots for monitoring network traffic, bots activities and username\password credentials DNS, HTTP Proxy, HTTP, HTTPS, SSH, POP3, IMAP, STMP, RDP, VNC, SMB, SOCKS5, Redis, TELNET and Postgres and MySQL Grafana Interface NMAP Scan Credentials Monitoring General Features Modular...

h1-ctf: [h1ctf-Grinch Networks] MrR3b00t Saving the Christmas

Disclaimer: Certain things are a bit modified to set the pieces for the story. Also you can find the flags for all 12 challenges in file F1138300 , Now enjoy : █▀▄▀█ █▀█ ░ █▀█ █▄▄ █▀█ █▀█ ▀█▀ █░▀░█ █▀▄ ▄ █▀▄ █▄█ █▄█ █▄█ ░█░ saves the Christmas Episode - 0x00 Pil0t.py It was a gloomy clear night,...

Information disclosure

A vulnerability in the TCL Android Smart TV series V8-R851T02-LF1 V295 and below and V8-T658T01-LF1 V373 and below by TCL Technology Group Corporation allows an attacker on the adjacent network to arbitrarily browse and download sensitive files over an insecure web server running on port 7989 tha...

Autoenum - Automatic Service Enumeration Script

Autoenum is a recon tool which performs automatic enumeration of services discovered. I built this to save some time during CTFs and pen testing environments i.e. HTB, VulnHub, OSCP and draws a bit from a number of existing tools including AutoRecon https://github.com/Tib3rius/AutoRecon, Auto-Rec...

packetstormsecurity.com

Pentest notes for: packetstormsecurity.com Exploit Pack Nmap 7.80 scan initiated Tue Dec 3 09:27:33 2019 as: /usr/bin/nmap -sV -A -oA log/exploitpack.com exploitpack.com Nmap scan report for exploitpack.com 132.148.22.104 Host is up 0.18s latency. rDNS record for 132.148.22.104:...

Envizon - Network Visualization Tool With Focus On Red / Blue Team Requirements

This tool is designed, developed and supported by evait security. In order to give something back to the security community, we publish our internally used and developed, state of the art network visualization and organization tool, 'envizon'. We hope your feedback will help to improve and hone i...

Semrush: SSLv3 Poodle Attack on Ip Of semrush

Summary: POODLE SSLv3 bug on multiple servers Description: CVE-2014-3566: The SSL protocol 3.0, as used in OpenSSL through 1.0.1i and other products, uses nondeterministic CBC padding, which makes it easier for man-in-the-middle attackers to obtain cleartext data via a padding-oracle attack, aka...

Master IP CAM 01 Vulnerabilities

Some time ago I analized this ipcam with my friend Dzonerzy: var serialNum="VVVIPCSBC150617Z-06929VjmJH54vkK"; var model="RTIPC"; var hardVersion="5900-gc1004"; var softVersion="V3.3.4.2103-S50-SBC-B20150721E"; var ipcname="WIFICAM"; var startdate="2017-8-5 0:0:2"; var runtimes="0 day, 0:54"; var...

Devil's Ivy vulnerability(CVE-2017-9765)

When we began a security analysis of remote configuration services last year, we had no idea it would lead us to uncover vulnerabilities that affect so many users. We have been studying the prevalence and nature of the vulnerabilities that arise in remote configuration services, so when we...

spoilerwall - Avoid being scanned by spoiling movies on all your ports!

Spoilerwall introduces a brand new concept in the field of network hardening. Avoid being scanned by spoiling movies on all your ports! Firewall? How about Fire'em'all! Stop spending thousand of dollars on big teams that you don't need! Just fire up the Spoilers Server and that's it! Movie Spoile...

Mimir - OSINT Threat Intel Interface

OSINT Threat Intel Interface - Named after the old Norse God of knowledge. Mimir functions as a CLI to HoneyDB which in short is an OSINT aggragative threat intel pool. Starting the program brings you to a menu the options for which are as follows. 1. Fetch Threat Feed 5. Visualize Top Malicious...

Ubiquiti Inc.: Stored XSS / Bypassing .htaccess protection in http://nodebb.ubnt.com/

Hello, While I was looking at your renewn SSL certificated, I have noticed the following link : http://nodebb.ubnt.com/ I have seen that this link was protected by htaccess password, but I have decided to run a nmap scan. By running the following : sudo nmap -sSV -p- 104.131.159.88 -oA stageph -T...