0
0
1
0
#OpenDir
Latest posts tagged with #OpenDir on Bluesky
Trending
Posts tagged #OpenDir
1
0
1
0
0
1
1
0
🚨 #React2Shell #Exploit (CVE-2025–55182)
Found #OpenDir!
☢️Big names like Porsche,Starbucks, OpenAI,SoundCloud on the list!
154.61.77.105 🇮🇳
🎯21 Fintech companies🏦
🎯14 Food & Beverage🍲
Report
theravenfile.com/2025/12/12/r...
#CyberSecurity #Infosec #OSINT #DarkWeb #DeepWeb #Malware #Cryptomining
0
0
0
0
#malware #opendir #xloader (small one works, big one not so much) at:
https://royfils\\.com/encrypt/
2cd9b8fb88e7cbbc5c049441fb61e0aea7be23dc7aa2c109c13abefe7a2ac943
4733feaca04e871d4e0bb052f2437a2f46f10852602ea4f8b2f0170f4838dd87
0
0
0
0
0
0
1
0
Back in the rest of the #opendir, uploads/ is used by app.py, I don't see where downloads_cache is used, but similar agent-[0-9]+ structure. The SANS PDF "All-books-in-oneSANSSEC670RedTeamingTools-DevelopingCustomToolsforWindows.pdf" may be the inspiration behind app.py/agent.go
1
0
0
0
Interesting #OpenDir on #QuasarRat C2 server 185.208.159[.]161:8000 . The open web directory includes source code for a backdoor + misc development artifacts.
https://platform.censys.io/hosts/185.208.159.161
https://search.censys.io/hosts/185.208.159.161
#malware #thread 🧵
1
0
5
0
0
0
0
0
#opendir 🇨🇳
1.94.184[.]17:8000
Huawei Cloud AS55990
.jsp Godzilla Web Shell
6d403c3fc246d6d493a6f4acc18c1c292f710db6ad9c3ea2ff065595c5ad3c5b
/poc.xml contents
wqtzskzmtp[.]zaza[.]eu[.]org
101.33.34[.]170
Tencent AS132203
7
1
1
0
#malware #opendir ultimately #venomrat + #hvnc:
https://carltonsfile\\.com/mor1/ -> https://paste\\.ee/d/c7nSA2yM/0
c2: 109.248.144.175:4449
4541fd01a19f1e484f24eff86f42ac36ea9b30686fd405ca0a50f3e517657a61
0
0
0
0
1
0
2
0
0
2
0
0
Unknown stealer botnet C2 targeting LATAM, having #opendir
👉https://urlhaus.abuse.ch/host/almeida.clientepj.com/
1
1
0
0
#apt #pk linux malware targeting Indian Government
"Help Manual for NIC & GOV Email ID Creation.pdf.desktop"
#opendir dropping poseidon c2 146.190.248.108
ef2056a6724ad654e3c36234863ab34b9e0e6fa3e6f31340682c37dc2c5cb32e
decoy:
1
2
0
0
If you're not blocking trycloudflare\\.com at the perimeter, now's the time: #opendir 's:
em-ash-announcements-alpha.trycloudflare\\.com/1DSAHJKSA/ ->
https://did-efficiency-than-lenses.trycloudflare\\.com ->
reached-theoretical-regular-impact\\.trycloudflare.com
0
1
1
0
If you're not blocking trycloudflare\.com at the perimeter, now's the time: #opendir 's:
https:// em-ash-announcements-alpha.trycloudflare\.com/1DSAHJKSA/ ->
https:// did-efficiency-than-lenses.trycloudflare\.com ->
https:// reached-theoretical-regular-impact\.trycloudflare.com
2
1
1
0
same #apt group. empty #opendir on base domain
508.rar
dd9c12a4ef99f2f032f9099a4560f1072e053d18169cd672448270321a9b98bc
Letter Forward to Cabinet Division.pdf .exe
fc0c2e389eb3be3f041f84e1a89ba93d40374109cd20a2395b68f8c698c788a0
connect.cloudeexplorer[.]com:8443
1
0
1
0
Login portal from a phishing kit, code indicates possible PayPal phishing
Recently deployed #Phishing kit on mapusdl[.]wpenginepowered[.]com. Looks like it's still being tested by the villain. #phishkit #opendir #phishingkit #ThreatIntel #OSINT
0
0
1
0
#opendir with lots of PowerShell fun (spreading #FormBook it seems) ⤵️
urlhaus.abuse.ch/host/87.120....
2
1
0
0
There's something about signing your name like this that screams BEC #dailyphish #lnk
cpa[.]zip -> lnk -> ... #opendir so just grab yourselves from 38.255.44[.]11
1
0
0
0
0
0
0
0
#webshell #opendir #netsupport #rat at:
appointedtimeagriculture\\.com/wp-includes/blocks/post-...
GatewayAddress=95.179.158.213:443
RADIUSSecret=dgAAAPpMkI7ke494fKEQRUoablcA
0
0
0
0
#webshell #opendir #netsupport #rat at:
https:// appointedtimeagriculture\.com/wp-includes/blocks/post-content/
GatewayAddress=95.179.158.213:443
RADIUSSecret=dgAAAPpMkI7ke494fKEQRUoablcA
0
0
0
0
image
💡No #opendir? Why don't you check for .DS_Store files listing the structure ?
Our scans found 11,856,006 IPs and DNS exposing the file.
Link: leakix.net/search
Ref: https://0day.work/parsing-the-ds_store-file-format/
0
0
0
0
#opendir at:
https:// superior-somalia-bs-leisure.trycloudflare\\.com ->
http:// jsnybsafva\\.biz:8030
0
0
1
0
#opendir at:
https:// superior-somalia-bs-leisure.trycloudflare\.com ->
http:// jsnybsafva\.biz:8030
4
1
1
0
Customized proposal (2).rar
rar -> LNK+PS, pulling down 20MB+ next stages, with an #opendir
14aa9c1113184d439d6f65c6c55c1bfa3654c113f7ed164d92f0b439e2134342
3
0
0
0