Initial Access Intelligence
The "Initial Access Intelligence" module scans GitHub repositories for the latest exploit and proof-of-concept code for new vulnerabilities. It gives users updates on potential security threats so they can take proactive defensive measures, helping close the gap between vulnerability discovery and patching.
-
Aug. 12, 2024, 7:48 p.m.
A remote code execution vulnerability exists in Remote Desktop Services – formerly known as Terminal Services – when an unauthenticated attacker connects to the target system using RDP and sends specially crafted requests. This vulnerability is pre-authentication and requires no user interaction. An attacker who successfully exploited this vulnerability could execute arbitrary code on the target system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.
C
Updated: 1 year, 5 months ago. 1 star, 2 forks, 2 watchers. Born at: May 16, 2019, 12:45 a.m. This repo has been linked to 1 CVE.
-
Aug. 12, 2024, 7:48 p.m.
PoC about CVE-2019-0708 (RDP; Windows 7, Windows Server 2003, Windows Server 2008)
Updated: 1 year, 5 months ago. 39 stars, 16 forks, 16 watchers. Born at: May 16, 2019, 12:34 a.m. This repo has been linked to 1 CVE.
-
May 15, 2023, 5:22 a.m.
Porting Suricata to Bro signatures
suricata-rule suricata zeek bro-ids python3 broctl
Python
Updated: 2 years, 8 months ago. 6 stars, 2 forks, 2 watchers. Born at: May 15, 2019, 10:34 p.m. This repo has been linked to 1 CVE.
-
Aug. 12, 2024, 7:48 p.m.
None
Updated: 1 year, 5 months ago. 1 star, 0 forks, 0 watchers. Born at: May 15, 2019, 10:03 p.m. This repo has been linked to 1 CVE.
-
May 16, 2019, 12:10 a.m.
None
Python
Updated: 6 years, 8 months ago. 0 stars, 0 forks, 0 watchers. Born at: May 15, 2019, 9:28 p.m. This repo has been linked to 11 different CVEs.
-
Sept. 23, 2021, 2:05 p.m.
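CVE-2019-0708 EXPloit-poc. Vulnerability description: Microsoft urgently released a security patch fixing CVE-2019-0708, a remote code execution vulnerability in Windows Remote Desktop Services that affects certain older versions of Windows. The vulnerability is pre-authentication and requires no user interaction. When an unauthenticated attacker connects to the target system using RDP (commonly port 3389) and sends specially crafted requests, arbitrary commands can be executed on the target system. It can even be used to spread a malicious worm that infects other machines on the internal network, similar to malicious ransomware such as WannaCry, which broke out in 2017. Vulnerability rating: CVE-2019-0708, Critical. Security recommendations: 1. Users of Windows 7 and Windows Server 2008 should promptly install the official security patch: https://www.catalog.update.microsoft.com/Search.aspx?q=KB4499175 2. Users of Windows 2003 and Windows XP should promptly upgrade the system version or install the official patch: https://support.microsoft.com/zh-cn/help/4500705/customer-guidance-for-cve-2019-0708 CVE-2019-0708 EXPloit-poc affected versions: Windows7 XP Windows 2003 Windows Server 2008 Windows Server 2008 R2 EXPloit-poc: https://pan.baidu.com/s/184gN1tJVIOYqOjaezM_VsA Extraction code: e2k8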
Updated: 4 years, 4 months ago. 1 star, 0 forks, 0 watchers. Born at: May 15, 2019, 8:26 p.m. This repo has been linked to 1 CVE.
-
Aug. 12, 2024, 7:48 p.m.
None
Python
Updated: 1 year, 5 months ago. 1 star, 0 forks, 0 watchers. Born at: May 15, 2019, 8:04 p.m. This repo has been linked to 1 CVE.
-
July 21, 2022, 10:16 a.m.
Totally legitimate
C Python
Updated: 3 years, 6 months ago. 11 stars, 12 forks, 12 watchers. Born at: May 15, 2019, 7:53 p.m. This repo has been linked to 1 CVE.
-
Aug. 12, 2024, 7:48 p.m.
None
C
Updated: 1 year, 5 months ago. 2 stars, 0 forks, 0 watchers. Born at: May 15, 2019, 7:11 p.m. This repo has been linked to 1 CVE.
-
Aug. 12, 2024, 7:48 p.m.
CVE-2019-0708
Python
Updated: 1 year, 5 months ago. 19 stars, 10 forks, 10 watchers. Born at: May 15, 2019, 5:56 p.m. This repo has been linked to 1 CVE.