SecList for CyberStudents

Bitrix excel RCE

Описание уязвимости

21 марта стало известно о новой RCE уязвимости в модулях Bitrix. (BDU:2025-03006) В этот раз под раздачу попали плагины “Экспорт/Импорт товаров в Excel”. Уязвимость оценили на 8.8/10 баллов по CVSS 3.0.

Причем RCE подвержены сразу 6 модулей, а именно:

1. Импорт из Excel – версии от 2.4.7 до 2.8.9…

https://cybersec.org/blog/hack/bitrix-excel-rce.html

130 viewsedited 11:35

SIEM Components

#BlueTeam #SIEM

116 views09:27

SecList for CyberStudents

Forwarded from Kiberxavfsizlik markazi

#css2025 #cknews #redteam

🟦

🦁

Cyberkent 3.0: “Red team” saralash bosqichi yakunlandi!

79 ta jamoa o’rtasida bo‘lib o‘tgan bellashuvda final yo'llanmasini qo'lga kiritganlar quyidagicha:

1️⃣

ChiLL Chain
2️⃣ Team1337
3️⃣ AgroSec
4️⃣ Cybernetic
5️⃣ ShadowRise
6️⃣ Old Land Team
7️⃣ NovaPulse
8️⃣ sudo CRY
9️⃣ dreamteam
1️⃣0️⃣ LynuxSec

Mazkur jamoalarni tabriklaymiz!

📈Saralashdan o’tgan jamoalar joriy yilning 7-8 oktabr kunlari bo’lib o’tadigan "CYBERKENT 3.0" Red team finalida o'zaro kuch sinashadi.

🌐

Website | 📝Telegram | 🌐Facebook |

📹

Youtube

Please open Telegram to view this post

VIEW IN TELEGRAM

👍2🔥1

81 views14:56

SecList for CyberStudents

Hayabusa (隼) is a sigma-based threat hunting and fast forensics timeline generator for Windows event logs.

https://github.com/Yamato-Security/hayabusa

#BlueTeam #DFIR

137 views08:17

SecList for CyberStudents

https://github.com/Sh3n0bi/NetForensicAI

GitHub

GitHub - Sh3n0bi/NetForensicAI: NetForensicAI is a Python tool for PCAP analysis, using AI to extract files (PDFs, PNGs), detect…

NetForensicAI is a Python tool for PCAP analysis, using AI to extract files (PDFs, PNGs), detect anomalies, and check threats via VirusTotal. With deep packet inspection and a Plotly Dash dashboard...

111 viewsedited 06:37

SecList for CyberStudents

Forwarded from Brut Security

⚡S3Scan - A powerful S3 bucket security scanner designed for penetration testing and bug bounty hunting. This tool automatically detects misconfigurations and security vulnerabilities in AWS S3 buckets.

✅https://github.com/KingOfBugbounty/s3tk

98 views06:56

SecList for CyberStudents

Forwarded from KazHackStan

🔴 Red Team – team1337

team1337 — команда, представляющая киберсообщество, объединённое общим интересом к информационной безопасности и наступательным практикам.

Для участников команды важны не только соревнования, но и вклад в развитие комьюнити: обмен знаниями, совместные проекты и повышение уровня экспертизы в сфере кибербезопасности.

📅 17–19 сентября
📍 Алматы | Sadu Arena

#KazHackStan #CyberKumbez #RedTeam

🔥5

78 views08:11

SecList for CyberStudents

https://www.straiker.ai/blog/cyberspike-villager-cobalt-strike-ai-native-successor

www.straiker.ai

Cyberspike Villager – Cobalt Strike’s AI-native Successor | Straiker

Straiker uncovers Villager, a Chinese-based pentesting framework that acts as an AI-powered framework in the style of Cobalt Strike, automating hacking and lowering the barrier for global attackers.

98 views08:30

SecList for CyberStudents

https://github.com/cc1a2b/JShunter

GitHub

GitHub - cc1a2b/JShunter: jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This…

jshunter is a command-line tool designed for analyzing JavaScript files and extracting endpoints. This tool specializes in identifying sensitive data, such as API endpoints and potential security v...

125 views12:13

SecList for CyberStudents

Forwarded from Kiberxavfsizlik markazi

#css2025 #cknews #blueteam

🟦

🦁

Cyberkent 3.0: “Blue team” saralash bosqichi yakunlandi!

81 ta jamoa o’rtasida bo‘lib o‘tgan bellashuvda final yo'llanmasini qo'lga kiritganlar quyidagicha:

1️⃣

ShadowGuard
2️⃣ shaptoli
3️⃣ CyberShadow
4️⃣ Depth Divers
5️⃣ CyberFort Alliiance
6️⃣ AntiAttack
7️⃣ LegionSec
8️⃣ T3amC0m
9️⃣ IYB
1️⃣0️⃣ BeSecure

Mazkur jamoalarni tabriklaymiz!

📈Saralashdan o’tgan jamoalar joriy yilning 7-8 oktabr kunlari bo’lib o’tadigan "CYBERKENT 3.0" Blue team finalida o'zaro kuch sinashadi.

🌐

Website | 📝Telegram | 🌐Facebook |

📹

Youtube

Please open Telegram to view this post

VIEW IN TELEGRAM

82 views13:37

SecList for CyberStudents

Kiberxavfsizlik markazi

#css2025 #cknews #blueteam 🟦

🟦

🦁Cyberkent 3.0: “Blue team” saralash bosqichi yakunlandi! 81 ta jamoa o’rtasida bo‘lib o‘tgan bellashuvda final yo'llanmasini qo'lga kiritganlar quyidagicha: 1️⃣ ShadowGuard 2️⃣ shaptoli 3️⃣ CyberShadow 4️⃣ Depth Divers…

Team shaptoli🔥 We did it thanks for team members. Inshaallah, we will take first place in the final.

👏4🔥2

122 views13:40

SecList for CyberStudents

Forwarded from Proxy Bar

CVE-2025-24813
*
Tomcat RCE - POC exploit

98 views04:56

SecList for CyberStudents

Forwarded from KazHackStan

Сегодня арена кипела от напряжения! 🔥

Завершился первый день битвы, и команды показали, на что они способны в условиях реального кибер-боя.

🏆 Топ-5 команд дня:

1️⃣ FR13NDS TEAM - 11 500
2️⃣ DD0ST4R - 8 100
3️⃣ Em1x - 6 750
4️⃣ SPACE - 6 580
5️⃣ team1337 - 6 537

Red vs Blue продолжается.
Завтра ставки ещё выше, а битва за лидерство только накаляется! ⚡️⚡️⚡️

🔥5

121 views14:45

SecList for CyberStudents

image_2025-09-18_22-38-00.png

391.8 KB

image_2025-09-18_22-38-00.png

138.4 KB

https://wordlists-cdn.assetnote.io/data/automated/

#Wordlist #fuzz #API

124 viewsedited 17:38

About

Blog

Apps

Platform