Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Last update: Dec 22, 2022

Overview

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Known issues

it will not work outside kali , i will update it later on :)

Check out

Owner

Hossam

cyber pharaoh to be

GitHub Repository

Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's for connected iDevice

FutureHelper Supports macOS and Windows Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's (including beta firmwares) fo

7 Jan 05, 2023

Security system to prevent Shoulder Surfing Attacks

Surf_Sec Security system to prevent Shoulder Surfing Attacks. REQUIREMENTS: Python 3.6+ XAMPP INSTALLED METHOD TO CONFIGURE PROJECT: Clone the repo to

1 Jan 27, 2022

A fast tool to scan prototype pollution vulnerability

proto A fast tool to scan prototype pollution vulnerability Syntax python3 proto.py -l alive.txt Requirements Selenium Google Chrome Webdriver Note :

4 Aug 31, 2021

Pgen is the best brute force password generator and it is improved from the cupp.py

pgen Pgen is the best brute force password generator and it is improved from the cupp.py The pgen tool is dedicated to Leonardo da Vinci -Time stays l

2 Jan 31, 2022

version de mi tool de kali linux para miertuxzzzz digo, termux >:)

Msf-Tool 1.0 Termux apt install git -y apt install python apt install python3 apt install python3-pip apt install metasploit ---- ---- git clone ht

1 Feb 20, 2022

🐎🖥《赛马娘》（ウマ娘: Pretty Derby）辅助脚本

auto-derby 自动化养马育成结果 Nurturing result 功能支持客户端 DMM （前台）实验性安卓 ADB 连接（后台）开发基于 1080x1920 分辨率团队赛 (Team race) 有胜利确定奖励时吃帕菲日常赛 (Daily race) PvP 活动赛 (Cha

376 Jan 01, 2023

MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

MongoDB-Injection Cheesy Multi-threaded script for NoSQL Injection This challeng

2 Jun 06, 2022

Keystroke logging, often referred to as keylogging or keyboard capturing

Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording the keys struck on a keyboard, typically covertly, so that a person using the keyboard is unaware

2 Jan 11, 2022

Open source vulnerability DB and triage service.

OSV - Open Source Vulnerabilities OSV is a vulnerability database and triage infrastructure for open source projects aimed at helping both open source

893 Jan 04, 2023

RedlineSpam - Python tool to spam Redline Infostealer panels with legit looking data

RedlineSpam Python tool to spam Redline Infostealer panels with legit looking da

4 Jan 27, 2022

edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

edgedressing One day while experimenting with airpwn-ng, I noticed unexpected GET requests on the target node. The node in question happened to be a W

43 Dec 23, 2022

Workshop Material on VM-based Deobfuscation

Analysis of Virtualization-based Obfuscation This repository contains slides, samples and code of the 4h code deobfuscation workshop at r2con2021. We

133 Dec 18, 2022

Advanced subdomain scanner, any domain hidden subdomains

little advanced subdomain scanner made in python, works very quick and has options to change the port u want it to connect for

5 Nov 23, 2021

Make files with as many random bytes as you want

Lots o' Bytes 🔣 Make files with as many random bytes as you want! Use case Can be used to package malware that is normally small by making the downlo

1 Jan 13, 2022

Hadoop Yan ResourceManager unauthorized RCE

Vuln Impact There was an unauthorized access vulnerability in Hadoop yarn ResourceManager. This vulnerability existed in Hadoop yarn, the core compone

25 Nov 24, 2022

Moodle community-based vulnerability scanner

badmoodle Moodle community-based vulnerability scanner Description badmoodle is an unofficial community-based vulnerability scanner for moodle that sc

11 Dec 22, 2022

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service. This tool can help a digital forensic investigator to know the conte

96 Dec 20, 2022

Exploiting CVE-2021-42278 and CVE-2021-42287 to impersonate DA from standard domain user

Related tags

Overview

Known issues

Check out

Owner

Hossam

Downloads SEP, Baseband and BuildManifest automatically for signed iOS version's for connected iDevice

Security system to prevent Shoulder Surfing Attacks

A fast tool to scan prototype pollution vulnerability

Pgen is the best brute force password generator and it is improved from the cupp.py

version de mi tool de kali linux para miertuxzzzz digo, termux >:)

🐎🖥《赛马娘》（ウマ娘: Pretty Derby）辅助脚本

MongoDB-Injection - This challenge-script is custom-made for web-server running MongoDB which is vulnerable to No-SQL injection

Keystroke logging, often referred to as keylogging or keyboard capturing

Open source vulnerability DB and triage service.

RedlineSpam - Python tool to spam Redline Infostealer panels with legit looking data

edgedressing leverages a Windows "feature" in order to force a target's Edge browser to open. This browser is then directed to a URL of choice.

Workshop Material on VM-based Deobfuscation

Advanced subdomain scanner, any domain hidden subdomains

Make files with as many random bytes as you want

Hadoop Yan ResourceManager unauthorized RCE

Moodle community-based vulnerability scanner

Analyse a forensic target (such as a directory) to find and report files found and not found from CIRCL hashlookup public service

A tool combined with the advantages of masscan and nmap

A Burp Suite extension made to automate the process of finding reverse proxy path based SSRF.

Coerce authentication from Windows hosts via MS-FSRVP (Requires FS-VSS-AGENT service running on host)