Four FIN9 hackers indicted for cyberattacks causing $71M in losses
3 Key Components to Look For in a Cloud Detection and Response Solution
Stop Phishing with Next-Gen SIEM and SOAR
Unlock Advanced Security Automation for Next-Gen SIEM
30M Potentially Affected in Tickettek Australia Cloud Breach
Modular Malware Boolka’s BMANAGER Trojan Exposed
Experts observed approximately 120 malicious campaigns using the Rafel RAT
Hackers Claim TEG Ticket Vendor Breach: 30M User Records for Sale
CoinStats says North Korean hackers breached 1,590 crypto wallets
The NYSE's $10M Wake-up Call
Android Users Warned of Rising Malware Threat From Rafel RAT
The State of Ransomware in Financial Services 2024
Google Introduces Project Naptime for AI-Powered Vulnerability Research
Widespread Use of Rafel RAT Puts 3.9 Billion Android Devices at Risk
Attacks with new GoRed backdoor aimed at Russia
Critical RCE Vulnerability Discovered in Ollama AI Infrastructure Tool
Kaspersky Antivirus Software Banned In The US Over National Security Concerns | Daily Security Review
Apple Data Breach Claimed By IntelBroker: Source Code Allegedly Exposed | Daily Security Review
LockBit Ransomware Claims 33 TB of US Federal Reserve Data for Ransom
Provenir’s AI-powered risk decisioning platform increases fraud detection
Is your cybersecurity vendor transparent about vulnerability fixes?
Rafel RAT targets outdated Android phones in ransomware attacks
Cyberattacks plague Japan’s space agency
Dozen Kaspersky execs face US sanctions
China-Based RedJuliett Targets Taiwan in Cyber Espionage Campaign
Identity: the common denominator behind CDK and other recent breaches
LockBit claims the hack of the US Federal Reserve
Ease the Burden with AI-Driven Threat Intelligence Reporting
Mailcow Patches Critical XSS and File Overwrite Flaws - Update NOW
Open-source Rafel RAT steals info, locks Android devices, asks for ransom
Polish Prosecutors Step Up Probe into Pegasus Spyware Operation
Sellafield Pleads Guilty to Historic Cybersecurity Offenses
Ransomware threat landscape Jan-Apr 2024: insights and challenges
ExCobalt Cybercrime group targets Russian organizations in multiple sectors
Semperis raises $125 million to expand global customer base
Enzoic appoints Kristen Ranta Haikal Wilson as CEO
Dynamic Computing Calls for Cyber Resilience, Not Just Security
Cracking the Case: My First CTF Adventure with Brooklyn Nine-Nine | by Adwait Gaikwad | Jun, 2024 | Medium
RedJuliett Cyber Espionage Campaign Hits 75 Taiwanese Organizations
Multiple Threat Actors Deploying Open-Source Rafel RAT to Target Android Devices
Why are threat actors faking data breaches?
1 out of 3 breaches go undetected
Cracking down on cybercrime: Who you gonna call?
Securing the video market: From identification to disruption
Over 700 Dark Web Ads Offer DDoS Attacks Via IoT in 2023
Hardening Snowflake security — Part 2 | by Athavale Mandar | Jun, 2024 | Medium
Unveiling Malware: A Journey from Analysis to Detection | by Mohammed Muneer | Jun, 2024 | Medium
Threat actor attempts to sell 30 million customer records allegedly stolen from TEG
Cyber Attack On CDK Global Impacts Thousands Of US Car Dealerships | Daily Security Review
Data Breach At Maxicare Philippines Exposed Personal Records Of Thousands Of Members | Daily Security Review
This Week In Cybersecurity: 17th June To 21st June, AMD Data Breach | Daily Security Review
The Ultimate Guide To Buying A Server For Your Small Business
Microsoft Photos update brings requested features to Windows 11
Found Bugs, Got paid, Stayed poor: Making a Living with Bug Bounties | by Path Cybersec [Slava Moskvin] | Jun, 2024 | Medium
Examining the US Government’s DDoS Protection Guidance Update
Facebook PrestaShop module exploited to steal credit cards
Getting eCPPT at 16 years old. Yes, it is possible. | by H15 | Jun, 2024 | Medium
Threat actors exploited SolarWinds Serv-U bug CVE-2024-28995
newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
AMD Data Breach: Intelbroker Violates AMD Again And Releases Sensitive Data | Daily Security Review
Week in review: CDK Global cyberattack, critical vCenter Server RCE fixed
Reverse Shell Through Third-Party Libraries | by Tal Sperling | Jun, 2024 | Medium
The Cybersecurity Job market Is Changing... Are you ready for the next 5 years ??? | by Taimur Ijlal | Jun, 2024 | AWS in Plain English
How I found a .env file and can access the whole server of mysql | by JEETPAL | Jun, 2024 | Medium
Upgrading Wazuh to Version 4.8.0: A Step-by-Step Guide | by SOCFortress | Jun, 2024 | Medium
12 Tips for Managing Cryptocurrency Market Volatility
CDK Global outage caused by BlackSuit ransomware attack
Researchers Uncover UEFI Vulnerability Affecting Multiple Intel CPUs: CVE-2024–0762 | by Lithium Networks | Jun, 2024 | Medium
How I Hacked NASA Using Recon. Hello guys , Myself Sriharan Mahendran… | by Sriharan Mahendran | Jun, 2024 | Medium
Ratel RAT targets outdated Android phones in ransomware attacks
US government sanctions twelve Kaspersky Lab executives
Experts found a bug in the Linux version of RansomHub ransomware
ExCobalt Cyber Gang Targets Russian Sectors with New GoRed Backdoor
Warning: New Adware Campaign Targets Meta Quest App Seekers
U.S. Treasury Sanctions 12 Kaspersky Executives Amid Software Ban
Bypassing iCloud Web Access Restriction | by Lyubomir Tsirkov | Jun, 2024 | Medium
Congress floats measure to block Chinese chipmaking equipment
Pwnagotchi: A Virtual Pet That Eats Wi-Fi Handshakes As Treats | by Baran | Radio Hackers | May, 2024 | Medium
Resiliency is more than just technology | Slalom Business
How I Got My First €€€€ Bounty. I’ll share In this write-up how I… | by Machiavelli | Jun, 2024 | Medium
How I cleared CC in Just 10 Days :) | by Pyt3cH04 | Jun, 2024 | Medium
LAUSD Data Breach: Hackers Leak 25M Records, Including Student Locations
Determine the Real Impact of a Security Breach Using the “So What?” Technique | by Utku Şen | Jun, 2024 | Medium
Snowflake at centre of world’s largest data breach | by Kevin Beaumont | Jun, 2024 | DoublePulsar
Emerging Trends in Cyber Security from Black Hat Asia 2024 | KBTG Life
Analysis of Apple’s New AI Private Compute Cloud | by Patrick Walsh | Jun, 2024 | The Salty Hash
Los Angeles Unified confirms student data stolen in Snowflake account hack
Legal Defense Fund Covers Crypto Research
VicOne Solutions for Detection of Zero-Day Vulnerabilities and Contextualized Attack Paths
Abstract Security Announces General Availability of its AI-Powered Data Streaming Platform for Security
Kaspersky's US Customers Face Tight Deadline Following Govt. Ban
CISO Corner: Critical Infrastructure Misinformation; France's Atos Bid
FS-ISAC Announces Appointments to Global Board of Directors
'SneakyChef' APT Slices Up Foreign Affairs With SugarGh0st
Multifactor Authentication Is Not Enough to Protect Cloud Data
After 2 hacks, CDK Global warns customers of social-engineering attacks
CISA publishes recommendations for SMBs to adopt single sign-on
Vulnerability Summary for the Week of June 17, 2024 | CISA
Beyond the CVE: Analyzing the Depth of GitHub Security Advisories
Disarming Fiat-Shamir footguns | Trail of Bits Blog
Monitoring Android file system with fsmon
FBI Strategy to Get What You Want Every Time - YouTube
NHS - Hack of Synnovis impacts hospitals. How, who and why? - YouTube
The community project
A new approach based on quadratic forms to attack the McEliece cryptosystem
911. Simple Combination Padlock Bypass with Multipick Rolls Royce Jackknife Lock Pick Set #multipick - YouTube
How to detect (modified|headless) Chrome instrumented with Selenium (2024 edition)
Zip Slip meets Artifactory: A Bug Bounty Story | Karma(In)Security
TheXero | Understanding Protected Management Frames
Cyber attack on hospitals impacts 1,130 operations in London - BBC News
Digital Impersonation Fraud: a Growing Challenge for Brands - Security Boulevard
Wiz expands SIEM integration with Google Security Operations | Wiz Blog
Firmware flaw affects numerous generations of Intel CPUs — UEFI code execution vulnerability found for Intel CPUs from 14th Gen Raptor Lake to 6th Gen Skylake CPUs, and TPM will not save you | Tom's Hardware
How to pick old sticky lock ?! 🤢 - YouTube
Reverse Engineering The Unicorn — Somerset Recon
Defense Witness Richard Green Karen Read Trial - YouTube
mac - What hash algorithm/construction to use to prove Data Availability? - Cryptography Stack Exchange
[L241] Capitol Magnetic Cam Lock - pick and gut - YouTube
Major League Hacking Fellowship
The SDK used to create Process Hacker plugins.
This manages your data in offline mode and keeps it safe from hackers. You can add unlimited amount of secret data in it. You will have to create an account (offline only), which will be used to password protect your data.
R code for reproducing the results and figures from the study "Many Intersections in Search of an Author – An intersectional analysis of material outcomes in job security and early career returns of school-to-work transitions in Germany"
Prisma Hacker News App
This repository features a powerful one-liner command designed to simplify and streamline your workflow. Perfect for hackers, bug hunters, and cybersecurity professionals, this command encapsulates complex operations into a single, easy-to-use line, enhan
TextVault: Encrypt and decrypt text using a proprietary non-decryptable encryption technique for ultimate data security. Protect your messages with confidence.
Final Project of Hardware Security
A network packet analyzer captures and interprets data packets traveling over a network, providing insights into network performance, security, and protocol issues for troubleshooting and analysis purposes.
WAF implementation
Course Work For Introduction to Cloud Architecture
AI audio proof of concept #2 - read TEI transcripts, build SOLR index with nomic embeddings, exploratory search and delivery web interface
This is an application that hacks Minecraft Launcher and it puts Minecraft Java, Bedrock, Legends and Dungeons.
Proof of concept application
Projects from my June 2024 TechnoTrench Cyber Security & Ethical Hacking Internship
PARADIM to Girder importer (proof of concept)
Small proof-of-concept project to deepen my knowledge of boids.
CyberSnap! - compete against the hacker to defend the digital realm in this fast-paced cybersecurity snap game
I designed and normalized a database system to 3NF from the very scratch. The database is responsible for storing patient, doctor, medical record, appointment, and dept information. I Implemented T-SQL statements for the tables, views, stored procedures,
Hacker-Rank solution of C language
repository that contains all tools written by me used for penetration testing / networking
This repository contains the penetration testing and ethical hacking project developed for the course at the Università degli Studi di Salerno.
Admin view Hack-AI-thon
spring security + jwt token basic practice
Client-side security camera project - a project to place security cameras inside a building according to the Two-Phase algorithm. The project was conducted as a final project for software engineering studies according to the plan of the Ministry of Educat
Testing cyber security tools in ICS areas
What started as an interest in a device called the pwnagotchi, turned into a curiosity of AI & Cyber security. Leading to the current development of my own Intrusion detection system.
A small project I made because I wanted to sort, in alphabetical order, a txt file of information about Pokémon evolutions in a ROM hack I was playing.
Short Course Overview on cybersecurity essentials
some pet adoption to implement security stuff with it
Cyber Security Internship
DeFi Security Breaches: Comprehensive Root Cause Analysis
projet-collectif-plateforme-de-vente-de-meubles-ike-hack created by GitHub Classroom
My Python script that maps out and identifies devices connected within a given IP range
Updated files to use for Pwnagotchi
Streamline network reconnaissance with this advanced Nmap automation script. Perform default, service, and all-port scans, including options for fast mode and verbosity. Automates detection and scanning of newly discovered open ports, utilizing specified
Proof of concept (lotta shitcode)
Proof of Concept study for JS
Hacked Minecraft: Windows 10 Edition v1.1.5
Detailed documentation and project structure for data management at TokoBli. Aims to enhance decision-making, improve data quality and security, increase efficiency, ensure regulatory compliance, and utilize data for advanced analytics at a leading e-comm
BrainTech is an innovative proof-of-concept (POC) project aimed at revolutionizing knowledge management and customer intelligence for tech consulting companies.
A CLI for enabling 2FA for your Purdue Hackers Passport
Proof-of-concept for MirageOS on seL4
Take down the Hack
Created Python script for web server fingerprinting, extracting Server header to identify web server type/version, aiding security assessments and optimizations.
Entity-Relation Diagram Assisted Hacking Tool
spring security 6 + jwt
The desktop application offers a comprehensive solution for managing online bill payments, streamlining employee management, and providing secure and convenient payment processes. As a next step, consider exploring ways to integrate mobile payment opt
Tech Blogs from most popular software companies in hacker news style
osu-aimassist-hack osu-hack-bot osu-hacker osu-relax-hack osu-hack-download osu osu-hacks osu-relax-hack-2024 osu-hack
Just a repository to store my proofs of concept
fivem-hack-undetected fivem-hack-bypass fivem-free-mod-menu cheat-free-fivem tabz fivem
Cyber Security
The Domain Information Tool is a powerful utility that allows you to quickly and easily gather domain information and perform security checks.
Unfinished Mario kart hack shitpost, something I’ve been working on, on the side. Hope you enjoy :3
Fortnite ESP hack Fortnite aimbot Fortnite unlimited V-Bucks Fortnite radar hack Fortnite invisibility hack Fortnite no spread hack Fortnite no recoil hack Fortnite speed hack
Hacked openjdk/jdk-jdeps for OSGI header generation
EFT ESP hack EFT mod menu Escape from Tarkov hack tool EFT unlimited ammo Escape from Tarkov God mode EFT no recoil hack
By the help of this Hacking Tool you can easily report any valid or non-valid Facebook account. Existing right!!! You can check it out. Error solution [Hint:install chromedriver]
Video-to-top Youtube-365-hack Youtube-365 Youtube-video-cheat Youtube-365-crack Youtube-cheat
Welcome to Cal project. This web-based application, built with Python and Flask, provides an intuitive platform for mathematical operations. Hosted on GCP's Cloud Run, it's optimized for speed, offers a responsive design for diverse user accessibility, an
By the help of this Hacking Tool you can easily generate free and valid gmail account. Existing right!!! You can check it out. Error solution [Hint:install chromedriver]
this is a proof of concept keylogger and disruption program that runs in python. it utilizes random input manipulation and simulated user error to retain a users attention serving as a disruptive attack and a mask for a keylogger which does not log the si
DNN Security study; for now mainly a record of study notes
DBD Unlimited Bloodpoints Dead by Daylight Free Bloodpoints DBD Speed Hack Dead by Daylight Hacks 2024 Dead by Daylight Exploits DBD Hack Script Dead by Daylight Hacks No Ban DBD Cheats PC
An Ultimate Hack Tool that make u laugh =))
Driver-Booster-Pro-crack-download Driver-Booster-Pro-keygen Driver-Booster-Pro-serial-key Driver-Booster-Pro-activation-code Driver-Booster-Pro-full-version-crack Driver-Booster-Pro-cracked-software Driver-Booster-Pro-license-key-crack Driver-Booster-Pro-
Microservices and spring security practice
Proof-of-concept self-hostable configuration cloud for LiquidBounce NextGen.
Proof of concept of Web Automation Framework that is module and is written in Web Driver.IO
DarkStar is a Premium Hacking Tools. You can buy by contacting me
Ecommerce website using stripe, shadcn, nexts, tailwindcss. Proof of concept
gta-5-cheat gta-5-hack gta-v-mod-menu gta-5-mod-menu gta-mod-menu gta-5-mod-menu-pc mod-menu-gta-5 gta-5-mod-menu-free gta-online-mod-menu gta-mod-menu-pc gta-5-online-mod-menu gta-5-mod-menu-download mod-menu-gta-v-online gta5-mod gtav-cheat mod-menu-gt
GTA5 online, GTA V, GTA 5, Grand The Auto Five Mod menu, Hack, Cheat UFI Driver, Spoofers and much more
Project developed in Rust to serve as an intermediary for the API, protecting it from possible malicious requests
league-of-legends lol lol-cheat lol-hack league-of-legends-hack lol-script lol-scripts lol-cheats lol-script-free lol-scripting hack-lol hacks-en-lol tool-hack-lol league-of-legends-hacks lol-script-hack hacks-lol lol-scripter script-lol hack-lol-2023 ma
Learning about Spring Security with Todo Code Academy
A Proof of Concept EA (Expert Advisor) to show the dangers of running a random EA on a trading account via grinding the balance to 0 via commissions as quickly as possible.
minecraft-mod minecraft-hack minecraft-hacked-client minecraft-hacking minecraft-hacks best-hacked-client-for-minecraft minecraft-hacked-client-1-20-1 minecraft-hacked-client-1-20 minecraft-hacked-client-free best-minecraft-hacked-clients hacked-client m
This is the collection of try hack me rooms write up.
This c++ program allows the user manage a list that contains the first and last name as well as the social security number. The program uses a simple algorithm and dynamic memory allocation.
rainbow-six-siege-hack rainbow-six-siege-esp rainbow-six-siege-cheat r6-cheat r6-hack r6s-cheat rainbow-six-cheat r6s-hack r6s-esp rainbow-six-siege-hack-free free-r6s-hack rainbow-six-hack-free r6s-hack-free rainbow-six-siege-hacks rainbow-six-siege-che
This is a proof-of-concept in defining a catalog of software concepts as described in "The Essence of Software (EOS)"
fortnite fortnite-cheat fortnite-cheats fortnite-aim fortnite-aimbot fortnite-hack fortnite-hacks fortnite-esp fortnite-wallhack fortnite-wh fortnite-softaim cheat-fortnite cheats-fortnite hack-fortnite hacks-fortnite fortnite-free-hack fortnite-hack-aim
KAR Hack Pack decomp made with PPC
Ethical Hacking [Internship Studio] files
Published security audits
build a L1 chain proof of concept
rust rust-cheat rust-hack rust-esp rust-wallhack rust-free-hack hack-rust free-rust-hack rust-hack-2023 rust-hacks download-rust-hack rust-cheat-download rust-cheat-free rust-download-hack rust-hack-undetected rust-esp-hack free-hacks-rust rust-aimbot ru
🏴‍☠️ Hacking Guides, Demos and Proof-of-Concepts 🥷
Spring Security study
Hackable Testing file
AI pictures proof of concept - crawl blacklight, build SOLR index with CLIP embeddings, exploratory web interface
By completing this project, you will enhance your skills in Linux command-line operations, Bash scripting, and automation of routine tasks, which are essential for efficient system administration and DevOps practices.
☣️ This repository contains the description and a proof of concept for CVE-2024-34312
A secure Identity Management System (IMS) backend microservice, designed for robust user management with stringent security measures, ideal for seamless integration within microservices architecture.
My hacking notes
HackingWithSwift Projects
☣️ This repository contains the description and a proof of concept for CVE-2024-34313
IP Security Suite
The Log Analyzer Tool is a Python-based application designed to help you analyze log files for suspicious activities. It supports detection of malware, file tampering, unauthorized access, and security breaches. The tool works on macOS, Windows, and Linux
This project is based on AI Ethical Hacking, which refers to the use of artificial intelligence technologies to perform ethical hacking tasks. This website was created using only HTML and CSS.
Demo Credit Wallet Service is an MVP for a mobile lending app, providing essential wallet functionalities. Users can create accounts, fund their wallets, transfer funds, and withdraw money. The service also ensures that users listed in the Lendsqr Adjutor
Proof of Concept EAs (Expert Advisor) to show the potential dangers of running a random EA on a trading account.
A secure healthcare data management system using blockchain and machine learning. Enhances privacy, patient control, and disease prediction. Built with Ethereum, React, Node.js, and Python. Revolutionizes healthcare data management with security, transpar
Download Hell Let Loose hacks 2024 Best Hell Let Loose cheats Free Hell Let Loose hacks Undetectable Hell Let Loose cheats Hell Let Loose ESP hack Hell Let Loose unlimited ammo Hell Let Loose god mode Hell Let Loose radar hack Hell Let Loose speed hack
Anonify: Shroud Your Data in Privacy and Security
A small web application which helps to load, save and serve proof of concepts needed for web application focused penetration tests.
Download FiveM hacks 2024 Best FiveM cheats Free FiveM hacks Undetectable FiveM hacks FiveM money hack FiveM speed hack FiveM fly hack FiveM auto aim
AI Hacks 2024
A collaboration between the members of EHGN Ethical Hacker Groep Nederland to create a tool that can generate password lists with a wide range of options.
This is the testing git branch which is used to learn all git hacks
Learn how to hack fire alarms using SDR tools like RTL-SDR and URH.
This project is a RESTful API that will be used for the management of different modules such as users, campaigns, reservations, volunteer work, requests, etc. It is made with Laravel 10, PHP (version 8.2.10), and connected to a MySQL database. For securit
0Password never remembers your passwords. It keeps your digital life secure and always available, safe behind the zero password that only you know.
A quick hack to test web APIs
My face recognition project utilizes machine learning algorithms to analyse facial features and identify individuals from images. It employs face recognition to detect key facial landmarks and compare them against a database for accurate identification, s
Security Operation Center Project using Wazuh, SolarWinds, and NetFlow
waffle hacks submission
JORM is a Database Management System written in vanilla Javascript. Its aim is to provide a relational database model that uses .json files as tables. Though, it's severely risky to use it in production with regard to security concerns. Thus, use JORM in
First required project for obtaining the Information Security Certification from freecodecamp
Tells you how much each Hack Club Arcade prize would be valued for, and can recommend you the most "worth it" prize based on your ticket number.
FiveM External cheat, offers various features like aimbot, triggerbot, exploits, and customizable settings, enhancing the gameplay experience. It includes a KeyAuth system for additional security and user management. The cheat is designed to be undetectab
Studying SwiftUI with making CupcakeCorner in Hacking with swift
Simplifying Python code obfuscation for enhanced script security.
This repository contains a collection of tools and scripts designed to simulate attacks and identify vulnerabilities in systems and networks. Ideal for cybersecurity professionals and enthusiasts focused on penetration testing, security assessments, and t
One place to track world wide stock markets, government securities, commodities prices etc.
This repository gathers essential tools and scripts for cyber defense. Focused on monitoring, intrusion detection, incident response, and system hardening. Perfect for security analysts, system administrators, and anyone interested in protecting infrastru
Data Gathering and Footprinting on a Targeted Web Site Lab for Certified Ethical Hacking I
Hacks For Fortnite
Proof of concept to scrape a serialized web novel into an EPUB.
Ammo Hack Cheat For AssaultCube Version: 22.6.2024
External Game Project primarily written in C++, utilizing external libraries. Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui.
Proof of work (PoW) is a blockchain consensus mechanism that requires significant computing effort from a network of devices. The concept was adapted from digital tokens by Hal Finney in 2004 through the idea of "reusable proof of work" using the 160-bit
A Cheat / Hack for Typewriter. The only requirement is Python. You can even launch a custom lesson of your choice. If you run schreibtrainer(start).bat It will start the next lesson. The username and password are only storing on your pc in logindata.json.
A proof of concept for create phoenix app in desktop
Projects @ Iron Hack Bootcamp in Data Science & Machine Learning
Im actively combating scammers while developing various cheats and tools for games, including Hack Cheat Driver Esp Aimbot Magic Bullet, Driver Injector Overlay, and Imgui
For the 2024 Windy City Hacks Event
A minimal Hacker News client.
ProdPause is a downtime tracking application for manufacturing environments written in Django / Python. The prototype branch is intentionally minimal as it was built to demonstrate a proof-of-concept to my current employer.
I like to hack
Cal hacks AI hackathon 2.0
Private chat room implemented with Vigenère & AES cryptographic security measures
Information and Network Security practicals
I am interested in hacking
BitCracker BTC-Password-Recovery Bitcoin-Brute-Force Private-Key-Cracker Crypto-Wallet-Recovery Blockchain-Security Digital-Wallet-Cracker Cryptocurrency-Tool Ethical-Hacking Cybersecurity-Tool
Example from "Hacking with Swift". Starting point to play around with Apple's Core ML.
BitCrack Bitcoin-Cracking GPU-Brute-Force BTC-Wallet-Recovery Private-Key-Recovery Crypto-Cracking Blockchain-Security Digital-Wallet-Cracker Cryptocurrency-Tool Ethical-Hacking Password-Cracker
Spam Mail Detection is a Python-based application. The project utilizes machine learning algorithms to classify emails as either spam or ham(Not-Spam). With an intuitive user interface built using Streamlit, it empowers users to effortlessly analyze and f
Authentication of User and Password with Spring Security and Spring MVC, Thymeleaf
Bandicam-crack-latest Bandicam-crack-online Bandicam-crack-version-free Bandicam-hack-download Bandicam-screen-capture-crack Bandicam-crack-zip Bandicam-no-registration-crack Bandicam-unlimited-time-crack Bandicam-lifetime-crack
This repository contains a comprehensive analysis of the prevalence of undernourishment across various regions and years. Using comprehensive data, this project aims to provide insights into global food security trends through detailed statistical analysi
A tiny mini Security Operations Center that integrates SIEM, SOAR and XDR to provide tech enthusiasts a platform to transform their single board computers into powerful security analysers.
A convenient way for you to be able to manage your passwords locally on your system without having to be afraid of your data being accessed or your passwords being hacked into
Battlefield-2042-ESP-hack Battlefield-2042-no-recoil-hack Battlefield-2042-speed-hack Battlefield-2042-radar-hack Battlefield-2042-God-mode Battlefield-2042-invisible-hack Battlefield-2042-hack-tool Battlefield-2042-aim-assist
This project is part of the Software Security Engineering course under my bachelor's degree in software engineering
A Flutter mobile app for UPTM students offering secure and convenient housing near the university. Features include user profiles, listings, advanced search, map integration, notifications, secure messaging, and robust security measures. Supports both And
FOSS VoIP Web Calling Proof-of-concept
Implement a zero-trust security framework to ensure secure access to applications and data, regardless of user location. The framework will provide fine-grained access controls, secure authentication, network segmentation, real-time monitoring, and dynami
Hwid Spoofer is a C# application that enables you to alter various system identifiers on your Windows computer, offering randomization of critical identifiers like HWID, PC GUID, computer name, product ID, and even MAC address. This tool allows for enhanc
Chrome Extension | HTML CSS JS TS REACT
A stateless Authentication mechanism that Uses JWT tokens for authorisation
Hacker News Explorer is a comprehensive web application that combines the features of a Hacker News Reader and a Search Engine, enable users to stay updated and explore the Hacker News stories.
With unwavering precision, Google Chrome safeguards user data within an unyielding fortress of security. Hence, for the Mercuria
2024 University of Guelph student developer club hackathon winner for best AI hack. Optimizes 911 emergency calls left on hold by incorporating an AI assistant that transcribes user information to the operator while accounting for calls about the same sit
This repository contains a proof-of-concept project aimed at developing a predictive model to forecast patient responses to treatments for Alcohol and Nicotine Use Disorders. The goal is to identify which patients are likely to respond positively to the t
Hey My name is Imran I am a professional web developer and creat bot and hacking
Technology and Security Fundamentals
PDF AI - Berkeley Hacks
This project implements a gateway service using Spring Cloud Gateway for routing and security enforcement in a microservices architecture.
A Injection Hack Client For MiniWorld,InClude FakeFPS VersionChanger and more function....
Hack crypto exchange and transfer funds into my broke wallet
Final project for the Laboratório de Iniciação à Programação course
Our Apex Legends hacks and cheats stand out as some of the most accessible and dependable options in the online realm. Sign up on our platform, ascend to VIP membership, and acquire access to our suite of hacks. With our instant delivery system
XSscanner is an advanced tool designed to detect Cross-Site Scripting (XSS) vulnerabilities in web applications. By utilizing sophisticated crawling techniques and a wide array of payloads and obfuscation methods, xscanner identifies potential security ri
Cal Hacks 2024
Call of Duty Warzone has gained significant popularity over time, attracting millions of global players. Lavicheats offers cheats and hacks that can give you an unbeatable
Molly is an advanced AI security assistant that integrates GPT-4 with Metasploit, automating network vulnerability assessments and exploitations through natural language processing and seamless tool integration.
Hack to call site's export, and containerize content in local machine.
A minimalist personal finance tracking app built with Node.js, Express, and React. Track income, expenses, and savings with transaction categorization, budget setting, and simple visualizations. Emphasizes secure coding practices and data encryption for u
Vulnera is a command-line interface (CLI) tool designed to deploy multiple vulnerable servers for educational and testing purposes. Choose from a curated list of insecure server environments to launch and explore various security vulnerabilities in a cont
Spring Boot with Spring Security using JWT
Malware, exploits, tools, and proof of concepts
A proof-of-concept NES emulator written in Python with PyGame. idk
A cutting-edge, high-performance, hardware-accelerated network stack tailored for userland. Configurable for precise measurements, security, and machine learning, or a minimal code footprint mode with generic fallbacks. Useful for malware research, as wel
Free Code Camp Security Applications
Use of a JWT token: how to generate it and send it to the client, and how to get it back when the next request comes.
Cloud Potions Hardnix Shield is a comprehensive security script designed for Debian-based Linux systems. It automates the process of hardening your system's security by implementing a wide range of best practices and security measures.
Secure your Pardus/Linux Installation with Firewall, Malware Scan and Link Checker
Spring security manual login using post mapping '/login' request url
Enhance the security of your KeyAuth ImGui example by implementing server-side controls, packet encryption, and single-use packets, offering robust protection against unauthorized access.
A playground for throwing together proof of concepts, tying sound, light and geometry together
Melting Hack Sprint 2 A git repo - Unity
My first project for Hack Club Arcade
Repository for the Hack Club
Wiki home page for the Hacker Dojo Python Group
Hacking the space, Dad
A proof-of-concept of running Cap'n Proto RPC calls through QUIC.
Simple Desktop Password Generation Tool
Linux IR tool that illuminates the way for weary cyber security analysts.
proof-of-concept Python exam grader created for the 41st Twente Student Conference on IT (TScIT41).
Python+YOLOv8-based detection & DVR system
an example of possible real world malware to build and test anti-ransomware techniques for a cyber security project
Ethical Hacking - Dos attacks on different services.
AI Productivity Tool - Free and open-source, aimed at improving user productivity while ensuring privacy and data security. Provides efficient and convenient AI solutions for enhancing image and video processing experiences and efficiency.
This is my SOC lab and the activities surrounding the lab environment, for improving my cyber security skill set
A Repository that explains all types of attacks that can be made by hackers (FOR EDUCATIONAL PURPOSES ONLY)
code-golfed curl-like powered by kernel-mode crypto, with no security
Secure Social Media API with Role-Based Access Control Using Spring Boot
An Introductory Workshop on Web API Development for SMU .Hack Software Development Interest Club
Tools for hacking and security wordlist management. Python and C++ utilities, keyword-based list generation, and efficient handling of large datasets.
This repo contains design mockups for a project called SafeBoxx., an automated threat-modeling mobile app designed to identify potential privacy and security threats and vulnerabilities in social media applications, including a list of countermeasures to
Practice repository for login, logout, and sign-up using Spring Security + JWT + Redis (OAuth to be added)
Book Nest is an online book store to manage, buy, add, remove and sell books. Book name and Quantity selection, auto receipt generated and payment options. Login and logout security for both user and admin. Separate Profile for all.
Implementation of Spring Security with JWT 15/06/2024
Demo for tracking people entering and leaving the workplace, with the exception of a security guard (which will be tracked under a different class and will not count towards the number of people going through the gate)
Contains my take on problems of hacker-rank arranged by topics and sub-topics.
Fusion is a security-centric framework that streamlines the development process on Roblox, offering developers a seamless and secure way to manage their game’s operations.
This Ansible project is designed for applications that receive update files (e.g., tar format) and execute them through an automatic update service. It is primarily intended for internal network and security applications that are not cloud-based.
This repository contains Terraform code to deploy a secure, scalable AWS infrastructure for Travel Salmon. It includes VPCs, subnets, EC2 instances, RDS, and an Application Load Balancer. Follows best practices for security and resource management, suppo
This repository contains Cloudflare custom pages shown to visitors during a security challenge or when an error occurs.
Proof of Concept
GCC 1.27 Hacked to build on MSVC / targetting BSD like syntax (DJGPP/MinGW32)
Mini CRM system for managing user information. Users can add, edit, and delete user information, as well as authenticate and manage users. The project is written in PHP, following OOP principles and web application security standards, utilizing MySQL and
hacked harfbuzz 2
A just work proof of concept. Will be improving this one day.
OpenShield is a firewall designed for AI models.
Ransomware proof-of-concept that uses Discord as a C2 to store encryption keys
Check Point Security Gateway (LFI)
Basically a clone of the old Indie Hackers website
Micro Muzayede project is a Microservices proof of concept project developed using technologies such as ASP.NET Core, Entity Framework Core, Identity Server, PostgreSQL, MongoDB, MassTransit, RabbitMQ, YARP, SignalR, xUnit, NextJS and so on.
Building REST APIs using Spring Boot, Spring Security 6, JWT, Spring Data JPA, Hibernate, MySQL, Docker & Deploy on AWS
This project is a simple e-commerce application built using Java and Spring Boot. It includes user registration, product management, cart operations, order processing, and role-based access control with Spring Security. RESTful API design, API documentati
Kitap Pazari is a proof of concept project built on ASP.NET Core MVC. It utilizes Entity Framework Core ASP.NET Identity and MSSQL Server. Used N Tier Architecture, Repository and Unit of Work patterns to manage the codebase.
Self-updatable RAT + C2 server + client.
User Authentication Service , Spring Security Basics
A hack client for GD. Use L to invoke.
BioInformation Hacks
Akton: An actor-based acceleration framework for building distributed, resilient, cloud-native solutions. Designed for rapid development and deployment, ensuring high performance and security.
Project for a system to monitor payments and maturity dates of fixed income securities.
Yeongu Notes is a simple, open source text editor created to simplify the edition of .txt files. Adding an extra layer of security.
An information security blog (rewrite.)
A library of posts for hackers (BETA)
A Rust-based tool for serial brute force attack
Hack Beyond the Code: Building a Toolbox of Human-Centred Strategies for AI Literacy
🔗 Marlin attack, BME's a tool used to enumerate, attack, or poisoning target inside networks, it even has an ability for 'roastable' checking. A deadly swiss army knife for pentesting networks, online scenarios, etc. Suitable for strength checking. Note:
ChatGPT Jailbreaks, GPT Assistants Prompt Leaks, GPTs Prompt Injection, LLM Prompt Security, Super Prompts, Prompt Hack, Prompt Security, Ai Prompt Engineering, Adversarial Machine Learning.
Hack the 6ix 2024 landing page
FREE, secure and open source cross-platform 2FA TOTP app
An evolving repository of CloudTrail events with detailed descriptions, MITRE ATT&CK insights, real-world incidents, references and security implications
Vulnerability check of iptime C200 products
[cybersec] Writeups and analyses of Hack The Box machines
Penetration testing of web applications can identify security vulnerabilities in databases, source code, and backend networks of web-based applications. It can not only identify vulnerabilities but also help prioritize them and provide solutions to mitiga
Repository for storing content from the Hackers do Bem course
Blogs on Algorithms, Security and AI
Proof-of-Concept with a practical solution on how to aggregate, transport and interpret green metrics within a simulated computer network using P4 on BMv2.
Terraform Cisco FMC Network-as-Code Module
Prompt is a proof of concept php-based desktop command palette application built with Laravel Livewire and NativePHP. It is designed to be easily extensible, allowing developers to seamlessly integrate functionalities.
A 2D hack'n slash made in Odin
A process to achieve security in digital world through images.
This repository has a proof-of-concept that uses the Opentelemetry processor to prevent revealing sensitive data.
Blazor Server OpenID Connect authentication and session security
This is my full smart contract security portfolio including smart contract audits and bug bounties.
PrivacyPin is a secure FOSS location sharing app that prioritizes user privacy and security
A proof-of-concept for a RAG to query the scikit-learn documentation
a proof of concept distributed image proxy
University - G6077 Introduction to Computer Security. A simple web app exploring the implementation of various cyber security measures.
Agent responsible for detecting remote vulnerabilities, a robust scanner.
Pocket base Security/High availability backend wrapper
It provides functions commonly required by applications, such as Django's basic login/logout authentication, security measures, user profiles, and inquiries. I created it as a study. It can be applied to various purposes.
Hack for a CSGO game (doesn't bypass anticheat)
SRv6 Security Considerations
Simple proof of concept on using the attribute projection of graphql to reduce the columns selected by jpa.
Generate robust, random passwords to fortify your online security. Don't be a victim of cyber attacks.
Learning material and notes for studying
This is a proof of concept application made using the Discord API for the express purpose of getting pinned messages in a group chat/server.
Xygeni platform - software supply chain security
[PROOF OF CONCEPT - NOT FOR EVERYDAY USE] Universal linux launcher for anime games
find Proof of concept (PoC) repos for CVEs
Security company website
Simple RESTful Point of Sale (POS) Service API written in Go using Gin web framework, PostgreSQL database, and Redis cache. Proof of concept of implementing Hexagonal Architecture in Go.
I suck at scripting.
Debian Security Tracker
A small basic proof-of-concept database written in Rust. I wouldn't recommend using this in production.
Creating open, reusable and extensible secure systems stacks through the application of AI, security best practices and chaos security engineering feedback.
Cloud Care is a secure and efficient OPT supporting system built using Next.js. It offers a web-based interface to streamline healthcare operations, replacing manual processes with automated functionalities. The system ensures data security and follows st
Several Proofs of concepts
This is my final project for the Hack Challenge for iOS Development. It is an app to keep track of your vinyl collection!
AttackMate is an attack orchestration tool that executes full attack-chains based on playbooks.
Regroup here, all of spring framework like spring security, spring mvc, spring cloud .. 💻<\☕>
CSS typography hack for
Cyber Security Tools
This repo is for "python for hacker" projects
A proof of concept to collect solar data from my sunsynk inverter as well as weather data.
(WIP) The online/offline judge system with regard of security, flexibility and efficiency, written in Rust.
Hack this fall submission
The missing toolkit for extending Gallagher Command Centre, featuring a CLI, SQL interface, TUI and a Python idiomatic SDK
I am a final-year student in Software Engineering background. Skilled in algorithms, data structures, problem-solving, and programming languages. Also, I have the patience to work in the field of cyber security. I'm always excited about learning new thing
Frontend codebase for Sentinel Finance, a proof-of-concept website built with HTML, CSS and JS.
Sample repository for Keycloak integration into web applications
🤖 ✍️ blot, the plotting bot from hack club
A DIY security alarm system — powered by a Raspberry Pi. Supports hardwired and MQTT sensors.
A privacy-respecting, ad-free, self-hosted Google metasearch engine with strong security that offers full API support and utilizes Qwant for images, and DuckDuckGo for auto-complete.
WebApp Proof of Concept - Live Translation + Polly
Exploring the physical limits of trusted hardware in the classical and quantum settings to achieve security through physics.
This is hacking software that combines two popular hacking software Nmap and Hydra
The most powerful and lightweight API that allows you to develop your original Haxball( host, client, and standalone applications both on node.js and browser environments and also includes every possible hack and functionality that you can
A tool for WI-FI penetration testing that automates your attacking processes.
Hack space for release testing
Container build repository
A collection of Server-Side Prototype Pollution gadgets and exploits
Naming brain-storming service for individuals (Proof of Concept)
A simple 3D graphics engine designed to serve as a tool for proof-of-concept algorithms
Zero to Hacker
This project is a proof-of-concept - which is a rewrite of my old college project - to demonstrate my skills as a DevOps Engineer before anything else after earning the Microsoft Certified: DevOps Engineer Expert certification
DNS server for privacy & security package for YunoHost
Project's related with cyber security.
Welcome to TheCyberHUB, a community-driven platform for hackers, cybersecurity enthusiasts, and IT professionals. Our platform provides a variety of free resources, including Capture The Flag (CTF) challenges, courses, blogs, forums, and much more.
automate the boring stuff!
A secure low code honeypot framework, leveraging AI for System Virtualization.
unnamed minecraft hacked client (mcp1.8.8)
List of information related to Hack/IT
Pet container for hacking on CoreOS
PWN is an open security automation framework that aims to stand on the shoulders of security giants, promoting trust and innovation.
Pack to hack the 3DS in all firmware
A collection of django password validators
Hardware Security Module for Raspberry Pico
Falco Talon is a Response Engine for managing threats in your Kubernetes
Nova Wallet iOS is a next gen application for Polkadot & Kusama ecosystem, transparent & community-oriented, focused on convenient UX/UI, fast performance & security.
StarCraft Hack Detect
Pentesting automation platform that combines hacking tools to complete assessments
A Python implementation of PASETO and PASERK.
A modified UI for Hacker News, starting with dark mode and no comments (by default). Not affiliated with Y Combinator or Hacker News in any way.
Abdal FTP BruteForce tool is a powerful software with a zero error rate designed to test the security of servers using the FTP protocol. This tool supports proxy usage for attacks and can redirect all your traffic through the proxy during the hacking proc
Proof of Concepts
Native API header files for the Process Hacker project (nightly).
Easy User Management Framework/Starter App for Spring. Providing registration, login, logout, and more built on top of Spring Security.
A Difficulty + Improvement hack of Pokemon Red version.
Pentesting tool for Minecraft
Report Templates One of the most important elements of running a successful bug bounty program, is ensuring you get high quality reports. Report templates help to ensure that hackers provide you with all of the information you need to verify and validate
Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.
AHK for Happy Hacking Keyboard
I2P+ is a soft-fork of the Java I2P Anonymizing Network Layer - this is a mirror of
Security Summer School, Web track
phpMussel upload handler (dedicated Composer version).
reNgine is an automated reconnaissance framework for web applications with a focus on highly configurable streamlined recon process via Engines, recon data correlation and organization, continuous monitoring, backed by a database, and simple yet intuitive
The Kubernetes Security Profiles Operator
Collection of scripts and how-to for hacking embedded devices
Information security and quality assurance certification projects.
Websockets Proof of Concept Main Application
An attempt to demonstrate ability via Hacker Rank challenges.
This web application enables users to add their favorite quotes on hacking, they are able to upvote or downvote and delete the posts they made too.
Hardware hacks of any kind, dumps, mods, diy tools and so on
Awesome Node.js Security resources
Backend MVP showcasing JWT (Json Web Token) authentication with multiple login, timeout / refresh / logout (with in memory invalidation) using Spring Security & MySQL JPA.
Demonstration videos and presentation regarding the talk given at the VOXXED LU 2018 conference.
Completely Hackable Amateur Radio Telescope
Google CTF
An easy to use and scalable SQL password recovery/audit tool.
Fast passive subdomain enumeration tool.
🔑 Paseto.NET, a Paseto (Platform-Agnostic Security Tokens) implementation for .NET
A revolutionary internet infrastructure enabling a truly free Network, that offers Stability, Trust, Privacy, and Security
Hacked? - have i been pwned? Android App
An unofficial TypeScript SDK for the 'Have I been pwned?' service.
Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2
BSidesNYC website
DevSecOps, ASPM, Vulnerability Management. All on one platform.
The wolfSSL library is a small, fast, portable implementation of TLS/SSL for embedded devices to the cloud. wolfSSL supports up to TLS 1.3 and DTLS 1.3!
AIL framework - Analysis Information Leak framework. Project moved to
An Emacs framework for the stubborn martian hacker
OWASP dependency-check is a software composition analysis utility that detects publicly disclosed vulnerabilities in application dependencies.
Lean, hackable, extensible slide deck framework. Previously known as CSSS.
CVE-2024-24550 -- A security vulnerability has been identified in Bludit, allowing attackers with knowledge of the API token to upload arbitrary files through the File API which leads to arbitrary code execution on the server. This vulnerability arises from improper handli
CVE-2024-24551 -- A security vulnerability has been identified in Bludit, allowing authenticated attackers to execute arbitrary code through the Image API. This vulnerability arises from improper handling of file uploads, enabling malicious actors to upload and execute PHP
CVE-2024-24552 -- A session fixation vulnerability in Bludit allows an attacker to bypass the server's authentication if they can trick an administrator or any other user into authorizing a session ID of their choosing.
CVE-2024-24553 -- Bludit uses the SHA-1 hashing algorithm to compute password hashes. Thus, attackers could determine cleartext passwords with brute-force attacks due to the inherent speed of SHA-1. In addition, the salt that is computed by Bludit is generated with a non-c
CVE-2024-24554 -- Bludit uses predictable methods in combination with the MD5 hashing algorithm to generate sensitive tokens such as the API token and the user token. This allows attackers to authenticate against the Bludit API.
CVE-2024-27136 -- XSS in Upload page in Apache JSPWiki 2.12.1 and priors allows the attacker to execute javascript in the victim's browser and get some sensitive information about the victim. Apache JSPWiki users should upgrade to 2.12.2 or later.
CVE-2024-29868 -- Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) vulnerability in Apache StreamPipes user self-registration and password recovery mechanism.
CVE-2024-3121 -- A remote code execution vulnerability exists in the create_conda_env function of the parisneo/lollms repository, version 5.9.0. The vulnerability arises from the use of shell=True in the subprocess.Popen function, which allows an attacker to inject arbitr
CVE-2024-3264 -- Use of a Broken or Risky Cryptographic Algorithm vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Signature Spoofing by Improper Validation. This issue affects Mia-Med Health Aplication: before 1.0.14.
CVE-2024-33278 -- Buffer Overflow vulnerability in ASUS router RT-AX88U with firmware versions v3. allows a remote attacker to execute arbitrary code via the connection_state_machine due to improper length validation for the cookie field.
CVE-2024-33687 -- Insufficient verification of data authenticity issue exists in NJ Series CPU Unit all versions and NX Series CPU Unit all versions. If a user program in the affected product is altered, the product may not be able to detect the alteration.
CVE-2024-36038 -- Zoho ManageEngine ITOM products versions from 128234 to 128248 are affected by the stored cross-site scripting vulnerability in the proxy server option.
CVE-2024-36495 -- The application Faronics WINSelect (Standard + Enterprise) saves its configuration in an encrypted file on the file system which "Everyone" has read and write access to, path to file:
CVE-2024-36496 -- The configuration file is encrypted with a static key derived from a
CVE-2024-36497 -- The decrypted configuration file contains the password in cleartext
CVE-2024-37091 -- Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in StylemixThemes Consulting Elementor Widgets allows OS Command Injection. This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
CVE-2024-37092 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in StylemixThemes Consulting Elementor Widgets allows PHP Local File Inclusion. This issue affects Consulting Elementor Widgets: from n/a through 1.3.0.
CVE-2024-37107 -- Improper Privilege Management vulnerability in Membership Software WishList Member X allows Privilege Escalation. This issue affects WishList Member X: from n/a through 3.25.1.
CVE-2024-37109 -- Improper Control of Generation of Code ('Code Injection') vulnerability in Membership Software WishList Member X allows Code Injection. This issue affects WishList Member X: from n/a through 3.25.1.
CVE-2024-37111 -- Missing Authorization vulnerability in Membership Software WishList Member X. This issue affects WishList Member X: from n/a through 3.25.1.
CVE-2024-37228 -- Improper Control of Generation of Code ('Code Injection') vulnerability in InstaWP Team InstaWP Connect allows Code Injection. This issue affects InstaWP Connect: from n/a through
CVE-2024-37231 -- Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Salon Booking System Salon booking system allows File Manipulation. This issue affects Salon booking system: from n/a through 9.9.
CVE-2024-37233 -- Improper Authentication vulnerability in Play.Ht allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Play.Ht: from n/a through 3.6.4.
CVE-2024-37825 -- An issue in EnvisionWare Computer Access & Reservation Control SelfCheck v1.0 (fixed in OneStop Hotfix May 2024) allows unauthenticated attackers on the same network to perform a directory traversal.
CVE-2024-39337 -- Click Studios Passwordstate Core before 9.8 build 9858 allows Authentication Bypass.
CVE-2024-4460 -- A denial of service (DoS) vulnerability exists in zenml-io/zenml version 0.56.3 due to improper handling of line feed (`\n`) characters in component names. When a low-privileged user adds a component through the API endpoint `api/v1/workspaces/default/com
CVE-2024-4499 -- A Cross-Site Request Forgery (CSRF) vulnerability exists in the XTTS server of parisneo/lollms version 9.6 due to a lax CORS policy. The vulnerability allows attackers to perform unauthorized actions by tricking a user into visiting a malicious webpage, w
CVE-2024-4748 -- The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request to the application server. 
CVE-2024-4754 -- Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Stored XSS. This issue affects Business Process Manangement (BPM): from befo
CVE-2024-4839 -- A Cross-Site Request Forgery (CSRF) vulnerability exists in the 'Servers Configurations' function of the parisneo/lollms-webui, versions 9.6 to the latest. The affected functions include Elastic search Service (under construction), XTTS service, Petals se
CVE-2024-4899 -- The SEOPress WordPress plugin before 7.8 does not sanitise and escape some of its Post settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks.
CVE-2024-4900 -- The SEOPress WordPress plugin before 7.8 does not validate and escape one of its Post settings, which could allow contributor and above role to perform Open redirect attacks against any user viewing a malicious post
CVE-2024-5683 -- Improper Control of Generation of Code ('Code Injection') vulnerability in Next4Biz CRM & BPM Software Business Process Manangement (BPM) allows Remote Code Inclusion. This issue affects Business Process Manangement (BPM): from before
CVE-2024-5862 -- Improper Restriction of Excessive Authentication Attempts vulnerability in Mia Technology Inc. Mia-Med Health Aplication allows Interface Manipulation. This issue affects Mia-Med Health Aplication: before 1.0.14.
CVE-2024-6160 -- SQL Injection vulnerability in MegaBIP software allows attacker to disclose the contents of the database, obtain session cookies or modify the content of pages. This issue affects MegaBIP software versions through 5.12.1.
CVE-2024-6274 -- A vulnerability classified as critical has been found in lahirudanushka School Management System 1.0.0/1.0.1. This affects an unknown part of the file /attendancelist.php of the component Attendance Report Page. The manipulation of the argument aid leads
CVE-2024-6275 -- A vulnerability classified as critical was found in lahirudanushka School Management System 1.0.0/1.0.1. This vulnerability affects unknown code of the file parent.php of the component Parent Page. The manipulation of the argument update leads to sql inje
CVE-2024-6276 -- A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. This issue affects some unknown processing of the file teacher.php of the component Teacher Page. The manipulation of the argument up
CVE-2024-6277 -- A vulnerability, which was classified as critical, was found in lahirudanushka School Management System 1.0.0/1.0.1. Affected is an unknown function of the file student.php of the component Student Page. The manipulation of the argument update leads to sq
CVE-2024-6278 -- A vulnerability has been found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this vulnerability is an unknown functionality of the file subject.php of the component Subject Page. The manipulation of the arg
CVE-2024-6279 -- A vulnerability was found in lahirudanushka School Management System 1.0.0/1.0.1 and classified as critical. Affected by this issue is some unknown functionality of the file examresults-par.php of the component Exam Results Page. The manipulation of the a
CVE-2024-6280 -- A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upl
CVE-2024-39331 -- In Emacs before 29.4, org-link-expand-abbrev in lisp/ol.el expands a %(...) link abbrev even when it specifies an unsafe function, such as shell-command-to-string. This affects Org Mode before 9.7.5.
CVE-2024-39334 -- MENDELSON AS4 before 2024 B376 has a client-side vulnerability when a trading partner provides prepared XML data. When a victim opens the details of this transaction in the client, files can be written to the computer on which the client process is runnin
CVE-2024-4841 -- A Path Traversal vulnerability exists in the parisneo/lollms-webui, specifically within the 'add_reference_to_local_mode' function due to the lack of input sanitization. This vulnerability affects versions v9.6 to the latest. By exploiting this vulnerabil
CVE-2024-6266 -- A vulnerability classified as critical has been found in Pear Admin Boot up to 2.0.2. Affected is an unknown function of the file /system/dictData/loadDictItem. The manipulation leads to sql injection. It is possible to launch the attack remotely. The exp
CVE-2024-6267 -- A vulnerability classified as problematic was found in SourceCodester Service Provider Management System 1.0. Affected by this vulnerability is an unknown functionality of the file system_info/index.php of the component System Info Page. The manipulation
CVE-2024-6268 -- A vulnerability, which was classified as critical, has been found in lahirudanushka School Management System 1.0.0/1.0.1. Affected by this issue is some unknown functionality of the file login.php of the component Login Page. The manipulation of the argum
CVE-2024-6269 -- A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This vulnerability affects the function get_ip.addr_details of the file /view/vpn/autovpn/sxh_vpnlic.php of the component HTTP POST Request Handler. The manipulation of the ar
CVE-2024-6273 -- A vulnerability was found in SourceCodester Clinic Queuing System 1.0. It has been declared as problematic. Affected by this vulnerability is the function save_patient of the file patient_side.php. The manipulation of the argument Full Name/Contact/Addres
CVE-2024-21514 -- This affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension for OpenCart, which is included by default in version As an anonymous unauthenticated user, if the Divido pay
CVE-2024-21515 -- This affects versions of the package opencart/opencart from A reflected XSS issue was identified in the filename parameter of the admin tool/log route. An attacker could obtain a user's token by tricking the user to click on a maliciously crafted
CVE-2024-21516 -- This affects versions of the package opencart/opencart from A reflected XSS issue was identified in the directory parameter of admin common/filemanager.list route. An attacker could obtain a user's token by tricking the user to click on a malicio
CVE-2024-21517 -- This affects versions of the package opencart/opencart from A reflected XSS issue was identified in the redirect parameter of customer account/login route. An attacker can inject arbitrary HTML and Javascript into the page response. As this vulne
CVE-2024-21518 -- This affects versions of the package opencart/opencart from A Zip Slip issue was identified via the marketplace installer due to improper sanitization of the target path, allowing files within a malicious archive to traverse the filesystem and be
CVE-2024-21519 -- This affects versions of the package opencart/opencart from An Arbitrary File Creation issue was identified via the database restoration functionality. By injecting PHP code into the database, an attacker with admin privileges can create a backup
CVE-2024-2484 -- The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Services and Post Type Grid widgets in all versions up to, and including, 2.10.34 due to insufficient input sanitization and output escaping. This makes i
CVE-2024-3593 -- The UberMenu plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 3.8.3. This is due to missing or incorrect nonce validation on the ubermenu_delete_all_item_settings and ubermenu_reset_settings functions.
CVE-2024-38319 -- IBM Security SOAR could allow an authenticated user to execute malicious code loaded from a specially crafted script. IBM X-Force ID: 294830.
CVE-2024-38379 -- Apache Allura's neighborhood settings are vulnerable to a stored XSS attack. Only neighborhood admins can access these settings, so the scope of risk is limited to configurations where neighborhood admins are not fully trusted.
CVE-2024-4313 -- The Table Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘_id’ parameter in all versions up to, and including, 2.1.2 due to insufficient input sanitization and output escaping. This makes it possible for aut
CVE-2024-4874 -- The Bricks Builder plugin for WordPress is vulnerable to Insecure Direct Object Reference in all versions up to, and including, 1.9.8 via the postId parameter due to missing validation on a user controlled key. This makes it possible for authenticated att
CVE-2024-4940 -- An open redirect vulnerability exists in the gradio-app/gradio, affecting the latest version. The vulnerability allows an attacker to redirect users to arbitrary websites, which can be exploited for phishing attacks, Cross-site Scripting (XSS), Server-Sid
CVE-2024-5346 -- The Flatsome theme for WordPress is vulnerable to Stored Cross-Site Scripting via the UX Countdown, Video Button, UX Video, UX Slider, UX Sidebar, and UX Payment Icons shortcodes in all versions up to, and including, 3.18.7 due to insufficient input sanit
CVE-2024-5443 -- CVE-2024-4320 describes a vulnerability in the parisneo/lollms software, specifically within the `ExtensionBuilder().build_extension()` function. The vulnerability arises from the `/mount_extension` endpoint, where a path traversal issue allows attackers
CVE-2024-5596 -- The ARMember Premium plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.7. This is due to incorrectly implemented nonce validation function on multiple functions. This makes it possible for unauthenticated
CVE-2024-5791 -- The Online Booking & Scheduling Calendar for WordPress by vcita plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'wp_id' parameter in all versions up to, and including, 4.4.2 due to missing authorization checks on processAction fu
CVE-2024-5965 -- The Mosaic theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘link’ parameter within the theme's Button shortcode in all versions up to, and including, 1.7.1 due to insufficient input sanitization and output escaping. This makes it
CVE-2024-5966 -- The Grey Opaque theme for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘url’ parameter within the theme's Download-Button shortcode in all versions up to, and including, 2.0.1 due to insufficient input sanitization and output escaping. T
CVE-2024-6120 -- The Sparkle Demo Importer plugin for WordPress is vulnerable to unauthorized database reset and demo data import due to a missing capability check on the multiple functions in all versions up to and including 1.4.7. This makes it possible for authenticate
CVE-2024-6251 -- A vulnerability, which was classified as problematic, was found in playSMS 1.4.3. Affected is an unknown function of the file /index.php?app=main&inc=feature_phonebook&op=phonebook_list of the component New Phonebook Handler. The manipulation of the argum
CVE-2024-6252 -- A vulnerability has been found in Zorlan SkyCaiji up to 2.8 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Task Handler. The manipulation of the argument onerror leads to cross site scripting. Th
CVE-2024-6253 -- A vulnerability was found in itsourcecode Online Food Ordering System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /purchase.php. The manipulation of the argument customer leads to sql injection. The att