Advanced-AI-Recon-and-Exploit-Framework

reNgine: The Ultimate Web Reconnaissance & Vulnerability Scanner...

Exploit for Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Openssl

🔐 SSH Exploit Tool Educational Use Only 📌 Description Th...

CVE-2024-39915

Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application...

EUVD-2024-38297

Malicious code in bioql PyPI...

CVE-2021-23203

Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF reports for arbitrary documents, via crafted requests...

CVE-2025-27406

Icinga Reporting is the central component for reporting related functionality in the monitoring web frontend and framework Icinga Web 2. A vulnerability present in versions 0.10.0 through 1.0.2 allows to set up a template that allows to embed arbitrary Javascript. This enables the attacker to act...

CVE-2024-52506 Graylog can leak other users' reports via concurrent PDF report rendering

Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log messages or metrics aggregated from fields of multiple log messages. This functionality, as included i...

CVE-2024-52506 Graylog can leak other users' reports via concurrent PDF report rendering

Graylog is a free and open log management platform. The reporting functionality in Graylog allows the creation and scheduling of reports which contain dashboard widgets displaying individual log messages or metrics aggregated from fields of multiple log messages. This functionality, as included i...

CVE-2024-39915

Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application...

CVE-2024-39915 Authenticated remote code execution in Thruk

Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application...

CVE-2024-39915 Authenticated remote code execution in Thruk

Thruk is a multibackend monitoring webinterface for Naemon, Nagios, Icinga and Shinken using the Livestatus API. This authenticated RCE in Thruk allows authorized users with network access to inject arbitrary commands via the URL parameter during PDF report generation. The Thruk web application...

CVE-2024-39915

Thruk (multibackend monitoring webinterface) is affected by CVE-2024-39915 via an authenticated remote code execution vulnerability. An authorized user with network access can exploit the vulnerability by injecting arbitrary commands through the URL parameter during PDF report generation, trigger...

Skytrack - Planespotting And Aircraft OSINT Tool Made Using Python

About skytrack is a command-line based plane spotting and aircraft OSINT reconnaissance tool made using Python. It can gather aircraft information using various data sources, generate a PDF report for a specified aircraft, and convert between ICAO and Tail Number designations. Whether you are a...

Graphcat - Generate Graphs And Charts Based On Password Cracking Result

Simple script to generate graphs and charts on hashcat and john potfile and ntds Install git clone https://github.com/Orange-Cyberdefense/graphcat cd graphcat pip install . Helper $ graphcat.py -h usage: graphcat.py -h -potfile hashcat.potfile -hashfile hashfile.txt -john -format FORMAT...

CVE-2021-23203

Improper access control in reporting engine of Odoo Community 14.0 through 15.0, and Odoo Enterprise 14.0 through 15.0, allows remote attackers to download PDF reports for arbitrary documents, via crafted requests...

Odoo 安全漏洞

Odoo is a set of enterprise resource planning ERP and customer relationship management CRM system from Odoo Belgium. The system is developed in Python, with PostgreSQL as the database, and includes modules for sales management, inventory management, and financial management. A security...

SUSE CVE-2018-17245

Kibana versions 4.0 to 4.6, 5.0 to 5.6.12, and 6.0 to 6.4.2 contain an error in the way authorization credentials are used when generating PDF reports. If a report requests external resources plaintext credentials are included in the HTTP request that could be recovered by an external resource...

APTRS - Automated Penetration Testing Reporting System

APTRS Automated Penetration Testing Reporting System is an automated reporting tool in Python and Django. The tool allows Penetration testers to create a report directly without using the Traditional Docx file. It also provides an approach to keeping track of the projects and vulnerabilities...

The nature of cyber incidents

Kaspersky provides incident response services and trainings to organizations around the world. In our annual incident response report, we share our observations and statistics based on investigation of real-life incidents. The report contains anonymized data collected by the Kaspersky Global...

Maigret - OSINT Username Checker. Collect A Dossier On A Person By Username From A Huge Number Of Sites

The Commissioner Jules Maigret is a fictional French police detective, created by Georges Simenon. His investigation method is based on understanding the personality of different people and their interactions. About Purpose of Maigret - collect a dossier on a person by username only , checking fo...