Happy to share my Medium post on the Follina vulnerability and BTLO challenge resolution. By reading my post you will find a detailed analysis of the CVE-2022-30190 Follina vulnerability (definition, discovery timeline, technical analysis of the vulnerability, the available online analysis and the vulnerability remediations). Also you will find a detailed explanation of the OOXML file specifications and links to platforms and POCs for testing the Follina vulnerability in practice. After the theoretical analysis you will find, in the last part of the article, the Follina BTLO challenge resolution. If you are a SOC analyst, incident investigator, blue team member, or a person who wants to read and discover details of known vulnerabilities, this post is for you. #Follina Vulnerability #CVE-2022-30190 #Investigation #Vulnerability analysis #BTLO #Challenge resolution #mediumPost #SOC #BlueTeam
Benmansour Nejib’s Post
More Relevant Posts
-
Just Completed => Basic room: OpenVAS. OpenVAS is a vulnerability scanner tool by Greenbone Vulnerability Management (GVM) Solution. It provides a detailed report of scanning. I used the https://lnkd.in/gjSscATD article to configure it and update the vulnerability database to the latest.
OpenVAS
tryhackme.com
-
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Wireshark. User interaction is required to exploit this vulnerability in that the target must open a specially crafted packet capture file. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2023-6175.
ZDI-24-355
zerodayinitiative.com
-
HOW I INVESTIGATED A MALICIOUS SCAN ACTIVITY. In this BTLO lab, I was provided with a pcap file to analyze and determine if a scan activity on the network was malicious. For this investigation, I used Wireshark as the primary tool to analyze the data. 💚 Check out the step-by-step of my investigation on my Medium page. Link in the comment section.
-
Site: tring.co.in Bug: IDOR (Insecure Direct Object Reference) Severity: high Poc: https://lnkd.in/dRGN7gj7 Note: change the numeric value like 596523 to 596422 or any value #bugBounty, #ASR827
-
The severity is increased for this new vulnerability affecting TRCore DVC (CVE-2024-11311) https://lnkd.in/dXRD8dZ3
-
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-24992.
ZDI-24-382
zerodayinitiative.com
-
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Ivanti Avalanche. Authentication is required to exploit this vulnerability. The ZDI has assigned a CVSS rating of 8.8. The following CVEs are assigned: CVE-2024-23534.
ZDI-24-379
zerodayinitiative.com
-
[CVE-2024-8575: HIGH] Critical buffer overflow vulnerability discovered in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220. Exploit allows remote attacks via the setWiFiScheduleCfg function in /cgi-bin/cstecgi.cgi. Disclosure made public after vendor ignored notifications. https://lnkd.in/eD8xK4W2
-
👀 How Secureworks Taegis XDR maps coverage and countermeasures to the tactics and techniques used by over 500 adversarial software types with XDR Adversary Software Coverage (ASC) tool.
Taegis XDR MITRE ATT&CK® Map
secureworks.com
-
Standard Penetration Test (SPT) https://lnkd.in/eCgXNDi7
Principal Engineer at National Agency of Cybersecurity - TunCERT
1mo Interesting