Initial Access Intelligence
The "Initial Access Intelligence" module is a vital tool for cybersecurity, designed to scan GitHub repositories for the latest exploit and proof-of-concept codes for new vulnerabilities. It provides users with crucial updates on potential security threats, enabling proactive defense measures. This module helps close the gap between vulnerability discovery and patching, significantly enhancing system security.
-
Dec. 16, 2024, 4:13 p.m.
MoBots 13598
Java
Updated: 1 year, 3 months ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 3:41 p.m. This repo has been linked 1 different CVEs too. -
Jan. 10, 2025, 10:55 p.m.
None
Updated: 1 year, 2 months ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:33 p.m. This repo has been linked 5 different CVEs too. -
Jan. 22, 2025, 6:18 a.m.
CVE-2024-36401是GeoServer中的一个高危远程代码执行漏洞。GeoServer是一款开源的地理数据服务器软件,主要用于发布、共享和处理各种地理空间数据。 ALIYUN 漏洞原理: 该漏洞源于GeoServer在处理属性名称时,将其不安全地解析为XPath表达式。具体而言,GeoServer调用的GeoTools库API在评估要素类型的属性名称时,以不安全的方式将其传递给commons-jxpath库。由于commons-jxpath库在解析XPath表达式时允许执行任意代码,攻击者可以通过构造特定的输入,利用多个OGC请求参数(如WFS GetFeature、WFS GetPropertyValue、WMS GetMap等),在未经身份验证的情况下远程执行任意代码。
Python
Updated: 1 year, 2 months ago5 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:21 p.m. This repo has been linked 1 different CVEs too. -
Jan. 13, 2025, 6:17 p.m.
CVE-2024-27130是影响QNAP网络附加存储(NAS)设备的一个严重漏洞。该漏洞源于QTS操作系统中share.cgi脚本的No_Support_ACL函数中不安全地使用strcpy函数,导致堆栈缓冲区溢出。攻击者可以利用此漏洞,通过精心构造的请求在目标系统上执行任意代码,进而完全控制受影响的设备。
Python
Updated: 1 year, 2 months ago4 stars 1 fork 1 watcherBorn at : Nov. 22, 2024, 2:18 p.m. This repo has been linked 1 different CVEs too. -
Jan. 13, 2025, 6:17 p.m.
CVE-2024-0012是Palo Alto Networks PAN-OS软件中的一个身份验证绕过漏洞。该漏洞允许未经身份验证的攻击者通过网络访问管理Web界面,获取PAN-OS管理员权限,从而执行管理操作、篡改配置,或利用其他需要身份验证的特权提升漏洞(如CVE-2024-9474)
Python
Updated: 1 year, 2 months ago3 stars 1 fork 1 watcherBorn at : Nov. 22, 2024, 2:11 p.m. This repo has been linked 2 different CVEs too. -
Jan. 13, 2025, 6:17 p.m.
PoC for CVE-2024-25641 Authenticated RCE on Cacti v1.2.26
Python
Updated: 1 year, 2 months ago3 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 2:05 p.m. This repo has been linked 1 different CVEs too. -
April 23, 2025, 11:12 a.m.
CVE-2024-37084是Spring Cloud Data Flow中的一个高危漏洞,影响版本为2.11.0至2.11.3。该漏洞允许具有Skipper服务器API访问权限的攻击者通过精心构造的上传请求,将任意文件写入服务器文件系统的任意位置,进而可能导致远程代码执行,严重威胁服务器安全。
cve exp poc rce
Python
Updated: 11 months, 1 week ago5 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 1:53 p.m. This repo has been linked 1 different CVEs too. -
Dec. 4, 2024, 2:48 p.m.
None
ftc ftc-teamcode
Java
Updated: 1 year, 4 months ago0 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 1:22 p.m. This repo has been linked 1 different CVEs too. -
Dec. 15, 2024, 5:07 p.m.
This repository contains a detailed penetration testing report for a mobile application, identifying critical vulnerabilities and providing recommendations to enhance security. Tools like MobSF, Burp Suite, and Frida were used to ensure compliance with OWASP standards.
Updated: 1 year, 3 months ago1 stars 0 fork 0 watcherBorn at : Nov. 22, 2024, 12:49 p.m. This repo has been linked 1 different CVEs too. -
April 2, 2025, 3:31 p.m.
Exploit code for CVE-2023-42914 / pwn2own Vancouver 2023
C
Updated: 1 year ago11 stars 1 fork 1 watcherBorn at : Nov. 22, 2024, 11:28 a.m. This repo has been linked 2 different CVEs too.
