[SubFl0w] New Tool

-


Hi guys,

What is the tool do?

We write a new Tool this tool you gives it a subdomains list and the tool check all of the lists and if it notices that the subdomain may be vulnerable with subdomain takeover it will tell you about it.

Requirements

  • Python2.7 / 3.7
  • requests lib [pip install requests]
  • colorama lib [pip install colorama]

Now to Download

you can download it from here: Tool






Comments

Post a Comment

Popular posts from this blog

Rooting with chwoot: Deep Dive into CVE-2025-32463

-
Image
Discovered in Sudo version 1.9.15 and fixed in 1.9.17p1, CVE-2025-32463 is a logic vulnerability that allows an attacker to load arbitrary `.so` libraries via a controlled `nsswitch.conf` path, leveraging unsafe pivot root logic. This blog walks through the vulnerability analysis, control flow trace, and source code references. Ref: Vulnerability Advisory Exploit :  Maybe it will not work with you if this happens, try to write your own vulnerable directory, and try the exploit after understanding it.
Read more

[PWN] LA CTF 2025 - gamedev heap challenge

-
Image
     ( بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ ) (إن أحسنت فمن الله، وإن أسأت فمن نفسي والشيطان) Hey guys, now we have a challenge from LA CTF 2025 it was an easy but hard -I made a mistake :(-, let's start. Reverse (code review) in the reverse process, we can notice the following the binary uses a struct called "Level" there is a heap overflow. no free in the challenge custom list (next-ptr) is used functions in the binary "init" creates a chunk to store the next addresses and this is the "start" variable "explore" function is used to move from level to level. "create" creates a new chunk with size "0x60" "test" to read from the chunk "edit" modify the chunk "vulnerable to overflow" "reset" is used to reset the "curr" pointer which points to the currently used level. "remember this" what I got from using the binary to point to a level you have to create a level ...
Read more

[Debug/Exploit CVE-2022-24355] TP-Link TL-WR940N Stack-based Buffer Overflow

-
Image
( بِسْمِ اللَّـهِ الرَّحْمَـٰنِ الرَّحِيمِ ) (إن أحسنت فمن الله، وإن أسأت فمن نفسي والشيطان) We will try to debug and exploit CVE-2022-24355, i wanna thank my friend Sameh ( s4muii ) for his help through this exploit. It was a little bit hard because this is my first time with MIPS. The Exploit on  GitHub . About the Bug TP-Link TL-WR940N router's firmware before v5_211111 is vulnerable to Stack Overflow, the vulnerability in "httpd" binary in function "httpRpmFs" and we can know that from ZDI report (https://www.zerodayinitiative.com/advisories/ZDI-22-265/) we will try to reproduce this finding in firmware "v4_160617" which will be emulated in our device because we do not have the router itself.
Read more