CVE-2023-3519

Indicator of Compromise Scanner for CVE-2023-3519 This repository contains a utility for detecting compromises of Citrix ADC Appliances related to CVE-2023-3519 The utility, and its resources, encode indicators of compromise collected during Mandiant investigations To learn more, please read the blog announcing this tool's release In summary the utility will: do a best

Citrix Scanner for CVE-2023-3519

cve-2023-3519-citrix-scanner This script is a basic Citrix Scanner for CVE-2023-3519 We try to identify vulnerable Citrix Gateways/ADCs by looking at the HTTP headers How it works During our analysis of this vulnerability, we and our friends at CERT-Verbund noticed, that our patched systems had the same HTTP header Last-Modified timestamp Note that reverse proxies and heavil

Python Script to quickly check if a host is running NetScaler Gateway and/or AAA

CitriDish This script is designed to help in identifying potential assets running NetScaler Gateway or AAA In some cases, hosts may have both enabled I've added in the DTCERT's list of patched last-modified headers as a marker for potentially vulnerable assets Please note that modified pages and proxies may interfere with this method Please ensure that you manuall

securityxplodedcom/memory-execution-of-executablephp wwwelasticco/blog/process-ghosting-a-new-executable-image-tampering-attack ponderthebitscom/2018/02/windows-rdp-related-event-logs-identification-tracking-and-investigation/ j00ruvexilliumorg/syscalls/nt/64/ blogcompass-securitycom/2022/11/relaying-to-ad-certificate-services-ov

nse script to identify server vulnerable to CVE-2023-3519

CVE-2023-3519 Citrix Vulnerability NSE Script for Nmap This Nmap NSE script checks for the CVE-2023-3519 vulnerability in Citrix Gateway and Citrix AAA Installation To use this script, you will need to have Nmap installed You can download Nmap from here Copy the cve-2023-3519-checkernse file to your Nmap scripts directory This is typically /usr/share/nmap/scripts/ on a Uni

Accurately fingerprint and detect vulnerable (and patched!) versions of Netscaler / Citrix ADC to CVE-2023-3519

CVE-2023-3519 Inspector The cve_2023_3519_inspectorpy is a Python-based vulnerability scanner for detecting the CVE-2023-3519 vulnerability in Citrix Gateways It performs a passive analysis and fingerprinting of target websites to assess their vulnerability based on a series of checks Recent Updates Added functionality to parse the /vpn/pluginlistxml file to determine mor

CVE-2023-3519 vuln for nuclei scanner

CVE-2023-3519 This Nuclei template checks for the presence of the CVE-2023-3519 vulnerability in a target web server Vulnerability CVE-2023-3519 is a vulnerability that allows unauthenticated remote code execution in the Citrix Application Delivery Controller (ADC) and Gateway appliances An attacker can exploit this vulnerability by sending a specially crafted request to the

CVE-2023-3519

CVE-2023-3519 identify NetScaler (Citrix ADC) servers vulnerable to CVE-2023-3519 Ported to python from githubcom/mr-r3b00t/CVE-2023-3519 Not tested use at your own risk

RCE exploit for CVE-2023-3519

Citrix ADC RCE CVE-2023-3519 This exploit uses addresses and shellcode for Citrix VPX 131-4847 For the full writeup, click here Usage NASM is required to build the shellcode $ sudo apt install nasm The included shellcode will download and run a shell script from a remote http(s) server The script takes 3 arguments: the target host,

Script for checking CVE-2023-3519 for Backdoors

cve-2023-3519-citrix-scanner This script is a basic Citrix Scanner for CVE-2023-3519 We try to identify vulnerable Citrix Gateways/ADCs by looking at the HTTP headers How it works During our analysis of this vulnerability, we and our friends at CERT-Verbund noticed, that our patched systems had the same HTTP header Last-Modified timestamp Note that reverse proxies and heavil

CVE-2023-3519 Because you can run powershell on ur mum's PC without having to install NMAP or PYTHON or tell anyone you run ARCH! ;) x

Citrix ADC RCE CVE-2023-3519 This exploit uses addresses and shellcode for Citrix VPX 131-4847 For the full writeup, click here Usage NASM is required to build the shellcode $ sudo apt install nasm The included shellcode will download and run a shell script from a remote http(s) server The script takes 3 arguments: the target host,

NetScaler (Citrix ADC) CVE-2023-3519 Scanner

CVE-2023-3519 NetScaler (Citrix ADC) CVE-2023-3519 Scanner A simple scanner to find netscalers and look at the las modified date on the HTTP header response this project is a scanner made by me in C# using the source-code of mrr3b00t in powershell

Stack-Overflow on Citrix

Exploit Repository Stack-Overflow on Citrix CVE-2023-3519 Video Demonstration PoC: pocmp4 Disclaimer This code is intended solely for educational purposes and ethical use in understanding security vulnerabilities Any misuse or unauthorized access is strictly prohibited

Awesome Stars A curated list of my GitHub stars! Generated by starred Contents Arduino Assembly C C# C++ CSS Clojure D Dockerfile Eagle Emacs Lisp G-code GAP Go HTML Java JavaScript Jinja Jupyter Notebook Logos Lua Makefile Nix Objective-C Others PHP Pascal Perl PowerShell Python QML Ruby Rust SCSS Shell Smarty Swift TeX TypeScript Vala Verilog Vim Script Vue Arduino sor