FreshRSS

๐Ÿ”’
โŒ Secure Planet Training Courses Updated For 2019 - Click Here
โ˜ท
โ–ณ ๐Ÿ”ƒ
There are new available articles, click to refresh the page.
โ˜ โ˜† โœ‡ The Hacker News

Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes

By: Newsroom โ€” April 18th 2024 at 05:54
Threat actors are actively exploiting critical vulnerabilities in OpenMetadata to gain unauthorized access to Kubernetes workloads and leverage them for cryptocurrency mining activity. That's according to the Microsoft Threat Intelligence team, which said the flaws have been weaponized since the start of April 2024. OpenMetadata is an open-source platform that operates as a
โ˜ โ˜† โœ‡ The Hacker News

Hackers Exploit Fortinet Flaw, Deploy ScreenConnect, Metasploit in New Campaign

By: Newsroom โ€” April 17th 2024 at 10:23
Cybersecurity researchers have discovered a new campaign that's exploiting a recently disclosed security flaw in Fortinet FortiClient EMS devices to deliver ScreenConnect and Metasploit Powerfun payloads. The activity entails the exploitation of CVE-2023-48788 (CVSS score: 9.3), a critical SQL injection flaw that could permit an unauthenticated attacker to execute unauthorized code or
โ˜ โ˜† โœ‡ KitPloit - PenTest Tools!

Sicat - The Useful Exploit Finder

By: Zion3R โ€” April 9th 2024 at 12:30

Introduction

SiCat is an advanced exploit search tool designed to identify and gather information about exploits from both open sources and local repositories effectively. With a focus on cybersecurity, SiCat allows users to quickly search online, finding potential vulnerabilities and relevant exploits for ongoing projects or systems.

SiCat's main strength lies in its ability to traverse both online and local resources to collect information about relevant exploitations. This tool aids cybersecurity professionals and researchers in understanding potential security risks, providing valuable insights to enhance system security.


SiCat Resources

Installation

git clone https://github.com/justakazh/sicat.git && cd sicat

pip  install  -r  requirements.txt

Usage


~$ python sicat.py --help

Command Line Options:

Command Description
-h Show help message and exit
-k KEYWORD
-kv KEYWORK_VERSION
-nm Identify via nmap output
--nvd Use NVD as info source
--packetstorm Use PacketStorm as info source
--exploitdb Use ExploitDB as info source
--exploitalert Use ExploitAlert as info source
--msfmoduke Use metasploit as info source
-o OUTPUT Path to save output to
-ot OUTPUT_TYPE Output file type: json or html

Examples

From keyword


python sicat.py -k telerik --exploitdb --msfmodule

From nmap output


nmap --open -sV localhost -oX nmap_out.xml
python sicat.py -nm nmap_out.xml --packetstorm

To-do

  • [ ] Input from nmap result from pipeline
  • [ ] Nmap multiple host support
  • [ ] Search NSE Script
  • [ ] Search by PORT

Contribution

I'm aware that perfection is elusive in coding. If you come across any bugs, feel free to contribute by fixing the code or suggesting new features. Your input is always welcomed and valued.



โŒ