Donot Analysis

💳 Purchase Required

You need to purchase an additional CTI license to see detailed indicators.

IOB - Indicator of Behavior (1000)

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Lang

en940
zh22
fr10
es8
ru6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Country

us154
cn30
gb10
ch6
br6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Actors

Donot13
Cobalt Strike8
Sliver4
IcedID3
Mirai3

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Activities

Interest

Timeline

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Type

Not Defined272
Content Management System28
Multimedia Processing Software24
WordPress Plugin18
Router Operating System10

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vendor

Not Defined162
SourceCodester46
Microsoft12
D-Link10
Thomson8

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Product

FFmpeg24
Thomson TCW7108
Microsoft Windows8
Elefant CMS6
V-Zug Combi-Steam MSLQ6

The data in this chart does not reflect real data. It is dummy data, distorted and not usable in any way. You need an additional purchase to unlock this view to get access to more details of real data.

Vulnerabilities

#VulnerabilityBaseTemp0dayTodayExpRemEPSSCTICVE
1My Link Trader out.php sql injection6.35.7$0-$5k$0-$5kProof-of-ConceptNot Defined0.000000.08
2FLDS redir.php sql injection7.37.3$0-$5k$0-$5kHighUnavailable0.002030.13CVE-2008-5928
3LogicBoard CMS away.php redirect6.36.1$0-$5k$0-$5kNot DefinedUnavailable0.000003.83
4hymeleaf-spring5 Template injection6.36.3$0-$5k$0-$5kNot DefinedNot Defined0.049280.04CVE-2021-43466
5Pro2col Stingray FTS cross site scripting5.55.3$5k-$25k$0-$5kNot DefinedOfficial Fix0.000870.09CVE-2008-10001
6FFmpeg cmv_process_header memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.09CVE-2014-125021
7FFmpeg oggparsevorbis.c vorbis_header memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.00CVE-2014-125008
8FFmpeg lag_decode_frame memory corruption7.36.4$0-$5k$0-$5kUnprovenOfficial Fix0.000580.04CVE-2014-125024
9FFmpeg utils.c ff_init_buffer_info memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.04CVE-2014-125016
10FFmpeg read_var_block_data memory corruption7.36.4$0-$5k$0-$5kUnprovenOfficial Fix0.000580.21CVE-2014-125015
11TikiWiki tiki-register.php input validation7.36.6$0-$5k$0-$5kProof-of-ConceptOfficial Fix0.0107510.00CVE-2006-6168
12PHP Link Directory Administration Page index.html cross site scripting4.34.3$0-$5k$0-$5kNot DefinedNot Defined0.003740.51CVE-2007-0529
13Tiki Admin Password tiki-login.php improper authentication8.07.7$0-$5k$0-$5kNot DefinedOfficial Fix0.009362.82CVE-2020-15906
14Dreambox DM500 Web Server input validation7.56.8$25k-$100k$0-$5kProof-of-ConceptWorkaround0.025060.00CVE-2008-3936
15FFmpeg decode_update_thread_context memory corruption7.36.4$0-$5k$0-$5kUnprovenOfficial Fix0.000580.09CVE-2014-125020
16FFmpeg msrle.c msrle_decode_frame memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.09CVE-2014-125013
17FFmpeg decode_pulses memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.09CVE-2014-125025
18FFmpeg jpeg2000dec.c get_siz memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.04CVE-2014-125003
19FFmpeg decode_slice_header memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.12CVE-2014-125018
20FFmpeg Truemotion1 truemotion1_decode_header memory corruption5.34.6$0-$5k$0-$5kUnprovenOfficial Fix0.000550.20CVE-2014-125023

Campaigns (2)

These are the campaigns that can be associated with the actor:

IOC - Indicator of Compromise (51)

These indicators of compromise highlight associated network ressources which are known to be part of research and attack activities.

IDIP addressHostnameActorCampaignsIdentifiedTypeConfidence
15.135.19.26Donot06/01/2021verifiedHigh
25.135.199.0Donot06/01/2021verifiedHigh
337.48.122.145DonotGedit01/19/2022verifiedHigh
437.120.140.211Donot06/01/2021verifiedHigh
537.120.198.208DonotDarkMusical01/19/2022verifiedHigh
637.139.3.130Donot06/01/2021verifiedHigh
737.139.28.208Donot06/01/2021verifiedHigh
845.33.29.133li1046-133.members.linode.comDonot06/01/2021verifiedHigh
945.61.137.7Donot06/01/2022verifiedHigh
1046.101.204.168Donot06/01/2021verifiedHigh
1146.105.40.12ip12.ip-46-105-40.euDonot06/01/2021verifiedHigh
12XX.XX.XX.XXxxxx.xx-xx-xx-xx.xxXxxxx10/18/2022verifiedHigh
13XX.XX.XX.XXXxxxxx.xx-xx-xx-xx.xxXxxxxXxxxxxxxxxx01/19/2022verifiedHigh
14XX.XX.XX.XXXxx.xx.xx.xxx.xxxxx.xxxXxxxx06/01/2021verifiedMedium
15XX.XX.XXX.XXxx-xx-xxx-xx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxx06/01/2021verifiedHigh
16XX.XXX.XXX.XXxxxxx.xxxxxx.xxxXxxxx06/01/2021verifiedHigh
17XX.XXX.X.XXXxxxxXxxxx01/19/2022verifiedHigh
18XX.XXX.X.XXXXxxxx06/01/2021verifiedHigh
19XX.XXX.XX.XXXxxxxx-xxxx.xxXxxxx06/01/2021verifiedHigh
20XX.XX.XXX.XXXxxxx06/01/2021verifiedHigh
21XX.XX.XX.XXXXxxxx06/01/2021verifiedHigh
22XXX.XXX.XXX.XXXXxxxx06/01/2021verifiedHigh
23XXX.XXX.XXX.XXXxxx.xxx.xxx.xxx.xxxxx.xxxXxxxx06/01/2021verifiedMedium
24XXX.XXX.XXX.XXxxx-xxx-xx.xxxxxxx.xxxXxxxx06/01/2021verifiedHigh
25XXX.XXX.XXX.XXXXxxxx06/01/2021verifiedHigh
26XXX.XX.XX.XXXxxxx06/01/2021verifiedHigh
27XXX.XX.XX.XXXxxxx06/01/2021verifiedHigh
28XXX.XX.XX.XXXXxxxx06/01/2021verifiedHigh
29XXX.XX.XXX.XXXXxxxx06/01/2021verifiedHigh
30XXX.XXX.XXX.XXXXxxxx06/01/2021verifiedHigh
31XXX.XXX.XX.XXXxxx-xx-xxx-xxx.xxxxxx.xxxx.xxXxxxx06/01/2021verifiedHigh
32XXX.XX.XXX.XXXXxxxx06/01/2021verifiedHigh
33XXX.XXX.XXX.XXXxxxx06/01/2021verifiedHigh
34XXX.XX.XXX.XXXxxxx06/01/2021verifiedHigh
35XXX.XXX.XXX.XXXXxxxx06/01/2021verifiedHigh
36XXX.XXX.XX.XXXxxxx03/23/2022verifiedHigh
37XXX.XXX.XX.XXXxxx-xxx-xx-xxx.xx.xxxxxxxxxxxxxxxxx.xxxXxxxx06/01/2021verifiedHigh
38XXX.XX.XXX.XXXxxxx06/01/2021verifiedHigh
39XXX.XX.XXX.XXXXxxxx06/01/2021verifiedHigh
40XXX.XX.XXX.XXXXxxxx06/01/2021verifiedHigh
41XXX.XX.XXX.XXXxxxx06/01/2021verifiedHigh
42XXX.XX.XXX.XXXXxxxx06/01/2021verifiedHigh
43XXX.XX.XXX.XXxxxxx.xxx.xxxxxxxxxx.xxxXxxxx06/01/2021verifiedHigh
44XXX.XX.XXX.XXxxxxxx.xxxxxxx.xxxXxxxx06/01/2021verifiedHigh
45XXX.XX.XXX.XXXxxxxxxxx-xxxx.xxxx-xxx.xxxXxxxx06/01/2021verifiedHigh
46XXX.XXX.XXX.XXXXxxxx08/20/2023verifiedHigh
47XXX.XX.XX.XXXxxxx06/01/2021verifiedHigh
48XXX.XXX.XXX.XXxxxxx.xxxXxxxx06/01/2021verifiedHigh
49XXX.XXX.XXX.XXXXxxxx06/01/2021verifiedHigh
50XXX.XXX.XX.XXXxxxx06/01/2021verifiedHigh
51XXX.XXX.XXX.XXXXxxxx06/01/2021verifiedHigh

TTP - Tactics, Techniques, Procedures (23)

Tactics, techniques, and procedures summarize the suspected MITRE ATT&CK techniques used. This data is unique as it uses our predictive model for actor profiling.

IDTechniqueClassVulnerabilitiesAccess VectorTypeConfidence
1T1006CAPEC-126CWE-22, CWE-24, CWE-425Path TraversalpredictiveHigh
2T1040CAPEC-102CWE-319Authentication Bypass by Capture-replaypredictiveHigh
3T1055CAPEC-10CWE-74Improper Neutralization of Data within XPath ExpressionspredictiveHigh
4T1059CAPEC-242CWE-94Argument InjectionpredictiveHigh
5T1059.007CAPEC-209CWE-79, CWE-80Cross Site ScriptingpredictiveHigh
6TXXXXCAPEC-122CWE-XXX, CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxx Xxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
7TXXXX.XXXCAPEC-191CWE-XXXXxxx-xxxxx XxxxxxxxxxxpredictiveHigh
8TXXXXCAPEC-136CWE-XX, CWE-XXXxxxxxx Xxxxx Xx Xxxxxxxxxx Xxxxxxxxxx XxxxxxxxxpredictiveHigh
9TXXXX.XXXCAPEC-178CWE-XXXXxxx XxxxxxxxpredictiveHigh
10TXXXXCAPEC-CWE-XXX7xx Xxxxxxxx XxxxxxxxpredictiveHigh
11TXXXXCAPEC-CWE-XXXXxxxxxxxxx XxxxxxpredictiveHigh
12TXXXXCAPEC-108CWE-XXXxx XxxxxxxxxpredictiveHigh
13TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxx XxxxxxxxxxxxxpredictiveHigh
14TXXXXCAPEC-50CWE-XXX, CWE-XXXXxxxxxxxxxx XxxxxxxxxxpredictiveHigh
15TXXXXCAPEC-38CWE-XXXXxxxxxxxx Xxxxxx XxxxpredictiveHigh
16TXXXX.XXXCAPEC-CWE-XXXXxxxxxxx Xxxxxx XxxxpredictiveHigh
17TXXXX.XXXCAPEC-459CWE-XXXXxxxxxxx Xxxxxxxxxxx XxxxxxxxxxpredictiveHigh
18TXXXX.XXXCAPEC-133CWE-XXXXxxxxxxxpredictiveHigh
19TXXXXCAPEC-116CWE-XXXXxxxxxxxxx Xx Xxxxxxx Xxxxx Xxxxxxx Xxxxxxxxx XxxxxxxxxxxpredictiveHigh
20TXXXX.XXXCAPEC-CWE-XXXxxxxxxxxxxxxpredictiveHigh
21TXXXXCAPEC-157CWE-XXX, CWE-XXX, CWE-XXXXxxxxxxxxxxxx XxxxxxpredictiveHigh
22TXXXX.XXXCAPEC-112CWE-XXX, CWE-XXXXxx Xxxxxxxxxx XxxxxpredictiveHigh
23TXXXX.XXXCAPEC-1CWE-XXXXxxxxxxxxx Xxxxxxxxxxxxxx Xx Xxxxxxxx Xxxx XxxxxxxxxpredictiveHigh

IOA - Indicator of Attack (379)

These indicators of attack list the potential fragments used for technical activities like reconnaissance, exploitation, privilege escalation, and exfiltration. This data is unique as it uses our predictive model for actor profiling.

IDClassIndicatorTypeConfidence
1File/about.phppredictiveMedium
2File/adminpredictiveLow
3File/admin/?page=inmates/view_inmatepredictiveHigh
4File/admin/?page=system_infopredictiveHigh
5File/admin/?page=system_info/contact_infopredictiveHigh
6File/admin/add_exercises.phppredictiveHigh
7File/admin/conferences/get-all-status/predictiveHigh
8File/admin/conferences/list/predictiveHigh
9File/admin/countrymanagement.phppredictiveHigh
10File/admin/edit.phppredictiveHigh
11File/admin/general/change-langpredictiveHigh
12File/admin/group/list/predictiveHigh
13File/admin/lab.phppredictiveHigh
14File/admin/new-contentpredictiveHigh
15File/Admin/News.phppredictiveHigh
16File/admin/renewaldue.phppredictiveHigh
17File/admin/sign/outpredictiveHigh
18File/admin/usermanagement.phppredictiveHigh
19File/adminPage/conf/saveCmdpredictiveHigh
20File/admin_route/inc_service_credits.phppredictiveHigh
21File/aqpg/users/login.phppredictiveHigh
22File/artist-display.phppredictiveHigh
23File/backups/predictiveMedium
24File/bcms/admin/?page=user/listpredictiveHigh
25File/cardo/apipredictiveMedium
26File/catcompany.phppredictiveHigh
27File/CCMAdmin/serverlist.asppredictiveHigh
28File/cgi-bin/cstecgi.cgipredictiveHigh
29File/cgi-bin/editBookmarkpredictiveHigh
30File/cgi-bin/system_mgr.cgipredictiveHigh
31File/cgi-bin/touchlist_sync.cgipredictiveHigh
32File/cgi-bin/wlogin.cgipredictiveHigh
33File/cimompredictiveLow
34File/ci_spms/admin/categorypredictiveHigh
35File/classes/Users.php?f=savepredictiveHigh
36File/cwms/admin/?page=articles/view_article/predictiveHigh
37File/cwms/classes/Master.php?f=save_contactpredictiveHigh
38File/dashboard/add-blog.phppredictiveHigh
39File/dashboard/add-portfolio.phppredictiveHigh
40File/dashboard/settingspredictiveHigh
41File/downloadmaster/dm_apply.cgi?action_mode=initial&download_type=General&special_cgi=get_languagepredictiveHigh
42File/envpredictiveLow
43File/film-rating.phppredictiveHigh
44File/forum/away.phppredictiveHigh
45File/xxxxx/xxxxxxxx-xxxxxxx.xxxpredictiveHigh
46File/xxxxxx/xxxx_xxxxxxx_xxxx_xxxpredictiveHigh
47File/xxxxxx/xxxxxxpredictiveHigh
48File/xxxxxx/xxxxxxpredictiveHigh
49File/xxxxxx/xxxxxxxxxxxxpredictiveHigh
50File/xxxxxx/xxxxxxpredictiveHigh
51File/xxxxxx/xxxxxxxxxx.xxxpredictiveHigh
52File/xxxxxx/xxxxxxxxxxxxxxxxxpredictiveHigh
53File/xxxxxx/xxxxxxxxxxxxxxxxxxpredictiveHigh
54File/xxxxxx/xxxxxpredictiveHigh
55File/xxxxxxxxxxxxxxx/xxxxx.xxxpredictiveHigh
56File/x/predictiveLow
57File/xxxxx/xxx/xxxxxx.xxxpredictiveHigh
58File/xxxxx.xxxpredictiveMedium
59File/xxxxx.xxxpredictiveMedium
60File/xxx/xxxxxxxx.xxxpredictiveHigh
61File/xxxxx.xxxpredictiveMedium
62File/xxxx.xxxpredictiveMedium
63File/xxxx_xxxxx.xxx?xxxx=x&xxxxxxxxxxx=xx-xxxxx&xxx=/xxxxxxxxxxxxxx/xxxx.xxxpredictiveHigh
64File/xxxxxx-xxxxxxxxx.xxxpredictiveHigh
65File/xxxxxxxxxx/xxx/xxx_xxxxxxxxxx/xxxxxx_xxxxxx_xxxxxpredictiveHigh
66File/xxxxxxxxx.xxxpredictiveHigh
67File/xxxx/xxx/xxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
68File/xxxx/xxxxx.xxxpredictiveHigh
69File/xxxxxxxxxxxxx.xxxxpredictiveHigh
70File/xxxxx.xxxpredictiveMedium
71File/xxxxx/xxxxx/xxxxx.xxxpredictiveHigh
72File/xxxxx/xxxxx/xxxxx.xxx?xxxx_xxxxxxxxxpredictiveHigh
73File/xxxxx/xxxxx/xxxxx.xxxpredictiveHigh
74File/xxxxxxx.xxxpredictiveMedium
75File/xxx/xxxxxxxxxx.xxxpredictiveHigh
76File/xxx_xxxxxx/xxxxxxxxxxxxx.xxxpredictiveHigh
77File/xxx_xxxxxx/xxxxxxxxxxxx.xxxpredictiveHigh
78File/xxx.xxxpredictiveMedium
79File/xxxxx/xxxxx_xxxxx.xxxpredictiveHigh
80File/xxx/xxxx.xxxpredictiveHigh
81File/xxxxxxx.xxxpredictiveMedium
82File/xxxx/xxxxx/xxxxxx/xxxxxx_xxxxx.xxxpredictiveHigh
83File/xxxxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
84File/xx/x/predictiveLow
85File/xxxx-xxxxxx-xxxxxx/xxxxxx_xxxxxxxx.xxxpredictiveHigh
86File/xxxxxxxx.xxxpredictiveHigh
87File/xxx_xxxxxxxxxxx_xxxxxx/xxxxxxxxxxx/xxx_xxxxx.xxxpredictiveHigh
88File/xxxx/xxxxx/predictiveMedium
89File/xxxx/xxxxxxx/xxxxx.xxx?x=xxxx_xxxxpredictiveHigh
90File/xxxxxpredictiveLow
91File/xxxxxxx/xxxxx/xxxxxxpredictiveHigh
92File/xxxxxxxxx/xxxxx.xxxpredictiveHigh
93File/xxxxxxxxxxxxxxx/xxxxx/xxxxxxxxxxxxxxx.xxxpredictiveHigh
94File/xxxxx.xxxpredictiveMedium
95File/xxxxxxxxxxx/xxxxxxxxxxxxxx/xxxxxxxxxxxxpredictiveHigh
96File/xxxx/xxxxxxxxxx.xxxpredictiveHigh
97File/xxxxxxx/xxxx.xxxpredictiveHigh
98File/xxxxx-xxx/xxxxx.xxxpredictiveHigh
99File/xxx/xxxx/_xxxxxxxx/xxxxxxxxxxxxx.xxx.xxxpredictiveHigh
100File/xxxx/?xxxx=xxxxxxx_xxpredictiveHigh
101File/xxxx/?xxxx=xxxxxx_xxxxxxxpredictiveHigh
102File/xxxx/xxxxx/?xxxx=xxxxpredictiveHigh
103File/xxxxxxx/?/xxxxx/xxxx/xxxpredictiveHigh
104File/xx/?xxxxx_xx=x&xxxxx_xx_xxxxxx=xxxxxxx&x=xxxxxxxx&xxxxx=x&xxxxx_xxxxx=x&xxxxxx=xxxxxxxxxx&xx=xpredictiveHigh
105File/xxx/xxxxx/xxxxxx_xxxx/xxxx_xxxxxxxx?xxxx=xxxxxxxxxpredictiveHigh
106Filexxxxxx-xxxxxxx.xxxpredictiveHigh
107Filexxxxxxx.xxxpredictiveMedium
108Filexxx_xxxx_xxxxxxxx.xxxpredictiveHigh
109Filexxxxx/?xxxx=xxxxxxxxpredictiveHigh
110Filexxxxx/xxx/xxxxxxxxxxxxpredictiveHigh
111Filexxxxx/xxxxxxxxxxx/xxxxxx_xxxxxxxxxx.xxxpredictiveHigh
112Filexxxxx/xxxxx.xxxpredictiveHigh
113Filexxxxx/xxxxxx-xxxxxx.xxxpredictiveHigh
114Filexxxxx_xxxxx.xxxpredictiveHigh
115Filexxxxx_xxxxxxxxx.xxpredictiveHigh
116Filexxxxx.xxxpredictiveMedium
117Filexxx_xxxxx.xxxpredictiveHigh
118Filexxxxxxxx.xxxpredictiveMedium
119Filexxxxxxxxxx.xxxpredictiveHigh
120Filexxxxxxx.xxpredictiveMedium
121Filexxxxxxx_xxx/xxxxxx_xxxxxx.xxxpredictiveHigh
122Filexxxxxxxxx.xpredictiveMedium
123Filex:\xxxxxxx xxxxx\xxxxxxxxx xxx xxxxxx\xxxxxxxxx.xxxpredictiveHigh
124Filexxx-xxx/xxx/xxxxxxxx_xxx.xxxpredictiveHigh
125Filexxxxxxxxx.xxxpredictiveHigh
126Filexxxxxxxxxx_xxxxx.xxxpredictiveHigh
127Filexxxxx.xxxpredictiveMedium
128Filexxxxxxxx_xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
129Filexxxxxxxxxx.xxxpredictiveHigh
130Filexxxxxxxxx.xxpredictiveMedium
131Filexxxxxx_xxxxx.xxxpredictiveHigh
132Filexxx_xxxxxx_xxxx_xxxxxx.xpredictiveHigh
133Filexxxxxxxxxxxxx.xxxpredictiveHigh
134Filexxxxxxxxxxxxxx.xxxpredictiveHigh
135Filexxxxxxxx.xxxpredictiveMedium
136Filexxxx_xxx_xxxx.xxxpredictiveHigh
137Filexxxx_xxxx_xxx.xxxpredictiveHigh
138Filexxxxx.xxxpredictiveMedium
139Filexxxx.xxxpredictiveMedium
140Filexxxx.xxxpredictiveMedium
141Filexxxxxxxx.xpredictiveMedium
142Filexxxxxx/xxxxxx/xx/xxx_xxxxxx_xxxx_xxx.xxxpredictiveHigh
143Filexxxx.xxxpredictiveMedium
144Filexxxxxxxx-xxxxx-xxxxxxxx.xpredictiveHigh
145Filexxxxxxxxxx/xxxxxxxxxx/xxxxxxxx/xxxxxxxxxxxxxxxxxxx.xxxpredictiveHigh
146Filexxx/xxxxxx.xxxpredictiveHigh
147Filexxxxx.xxxxpredictiveMedium
148Filexxxxx.xxxpredictiveMedium
149Filexxxxx.xxx/xxxxxxxxxx/xxx_xxxxxxxxpredictiveHigh
150Filexxxx_xxxx.xxxpredictiveHigh
151Filexxxxxxx/xxxxxxxx.xxxpredictiveHigh
152Filexxxxxxx.xxxxx/xxx_xxxxxx.xxxpredictiveHigh
153Filexxx.xxxpredictiveLow
154Filexxxxxx\xxxxxxxxx\xxxxxx\xxxxxxx\xxxxxxxxxpredictiveHigh
155Filexxxxxxxxxx/xxxx.xpredictiveHigh
156Filexxxxxxxxxx/xxxxxxxx.xpredictiveHigh
157Filexxxxxxxxxx/xxxxxx.xpredictiveHigh
158Filexxxxxxxxxx/xxx.xpredictiveHigh
159Filexxxxxxxxxx/xxxx.xpredictiveHigh
160Filexxxxxxxxxx/xxxxxxxx_xxxxxxxx.xpredictiveHigh
161Filexxxxxxxxxx/xxxxxxxxxxx.xpredictiveHigh
162Filexxxxxxxxxx/xxxxxxxxxxxxx.xpredictiveHigh
163Filexxxxxxxxxx/xxxxx.xpredictiveHigh
164Filexxxxxxxxxx/xxxx.xpredictiveHigh
165Filexxxxxxxxxx/xxxx.xpredictiveHigh
166Filexxxxxxxxxxx/xxxxxxxxxxxxxx.xpredictiveHigh
167Filexxx.xxxpredictiveLow
168Filexxxxx.xxxpredictiveMedium
169Filexxxxxx.xxxpredictiveMedium
170Filexx/xxxx.xxxpredictiveMedium
171Filexxx.xxxpredictiveLow
172Filexxxxxx.xxxpredictiveMedium
173Filex=xxxxxxxpredictiveMedium
174Filexxxx/xxxxxx/xxxxxx/xxxxxxxxpredictiveHigh
175Filexxxx.xxxxpredictiveMedium
176Filexxxxxxxxx.xxxxpredictiveHigh
177Filexxxxx.xxxpredictiveMedium
178Filexxxxx.xxxpredictiveMedium
179Filexxxxxxxx.xxxpredictiveMedium
180Filexxxxxxxxxx.xxxpredictiveHigh
181Filexxxxxxxx.xxxpredictiveMedium
182Filexxxxxxxx.xxx?xxxx=xxxxxxxxxxxpredictiveHigh
183Filexxxxxxxxxx.xxxpredictiveHigh
184Filexxxxxx.xxxpredictiveMedium
185Filexxxxxxx.xxxpredictiveMedium
186Filexx_xxx.xxpredictiveMedium
187Filexxxxx.xxxpredictiveMedium
188Filexxxxxxxxxxxxxxx.xxxpredictiveHigh
189Filexxxx-xxxxxxxx.xxxpredictiveHigh
190Filexxxxxxxx-xxxxxxxxxxx.xxxpredictiveHigh
191Filexxxxxxx/xxxxxxxx.xxxpredictiveHigh
192Filexxxxxxx.xxpredictiveMedium
193Filexxxx-xxxxx.xxxpredictiveHigh
194Filexxxx-xxxxxxxx.xxxpredictiveHigh
195Filexxxxxxxxxx.xxxpredictiveHigh
196Filexxxxxx_xxxxxxxx_xxxx.xxxpredictiveHigh
197Filexxxx/xxx-xxx.xxxpredictiveHigh
198Filexxx.xxxpredictiveLow
199Filexxxxxxx/xxxxxxxxxxxxxxxxx.xxxpredictiveHigh
200Filexxxxxxx/xxxxxxx.xxxpredictiveHigh
201Filexxxxx.xpredictiveLow
202Filexxxx/xxxxxxxx.xxxpredictiveHigh
203Filexxxxxxx/xxxxx/xxxxx.xxxxpredictiveHigh
204Filexx-xxxxx/xxxxx.xxxpredictiveHigh
205Filexx-xxxx.xxxpredictiveMedium
206File_xxxxxxxx/xxxxxxxxx/xxxxxx.xxxpredictiveHigh
207File~/xxxxxx-xxxx.xxxpredictiveHigh
208File~/xxxxxxxx-xxxxxxxx.xxxpredictiveHigh
209Library/_xxx_xxx/xxxxx.xxxpredictiveHigh
210Libraryxxxxxx.xxxpredictiveMedium
211Libraryxxxxxxxxxxx.xxxpredictiveHigh
212Libraryxxxxx.xxxpredictiveMedium
213Libraryxxxxxxx/xxx/xxxxxxxxx/xxxxx_xxxxxxx.xxxpredictiveHigh
214Libraryxxxxxxxxxxx.xxxpredictiveHigh
215Libraryxxxxxx/x/xxxxxxxxpredictiveHigh
216Argument--xx xxxpredictiveMedium
217Argument?xxxx_xxxx=xxxxxxx.xxx/xxxx=xxxxxx/xxx=xxx+/xxx/.xxxxxxxx/xxxxxxx=//xxxxxxxxxxxxxx.xxx=xpredictiveHigh
218Argumentxx/xxpredictiveLow
219ArgumentxxxpredictiveLow
220ArgumentxxxxxpredictiveLow
221Argumentxxxxx_xxxxx/xxxxx_xxxxpredictiveHigh
222Argumentxxxxx_xxxxpredictiveMedium
223ArgumentxxpredictiveLow
224Argumentxxxxxxxxx xxxxxxpredictiveHigh
225ArgumentxxxxxxpredictiveLow
226ArgumentxxxxxxxxpredictiveMedium
227ArgumentxxxxxxxxxxxxxxxxxxxxxxxpredictiveHigh
228ArgumentxxxxxxxxpredictiveMedium
229Argumentxxxx_xxpredictiveLow
230Argumentxxxx_xxpredictiveLow
231ArgumentxxxxxxxxxxpredictiveMedium
232Argumentxxxxxxx_xxxxx_xxpredictiveHigh
233ArgumentxxxxxpredictiveLow
234Argumentxxxxxxxxxxx/xxxxx/xxxxxxxxxxxxxx/xxxxxxxxxxxxpredictiveHigh
235ArgumentxxxxxxpredictiveLow
236ArgumentxxxxxxxpredictiveLow
237Argumentxxxx/xxxxpredictiveMedium
238Argumentxxxxxxxx_xxxx_xxxxxx/xxxxxxx_xxxxxx/xxxxxxx_xxxxxx_xxxxxx/xxxxxxx_xxxx_xxxxxxpredictiveHigh
239ArgumentxxxxpredictiveLow
240ArgumentxxxxxpredictiveLow
241ArgumentxxxxxxxxxxxxpredictiveMedium
242Argumentxxx_xxxxxxxxxxxxxxxxpredictiveHigh
243ArgumentxxxxxxxxxxxpredictiveMedium
244ArgumentxxxxpredictiveLow
245ArgumentxxxxxxxxpredictiveMedium
246ArgumentxxxpredictiveLow
247ArgumentxxxxxxpredictiveLow
248ArgumentxxxxxxxxpredictiveMedium
249Argumentxxxxxxxx_xxpredictiveMedium
250Argumentxxxxxx/xxxxxxpredictiveHigh
251Argumentxxxx_xxxxpredictiveMedium
252ArgumentxxxpredictiveLow
253ArgumentxxxxxpredictiveLow
254Argumentxxxxx/xxxxxxxxpredictiveHigh
255Argumentxxxxxxxxxxxx/xxxxxxxxxxxxxxpredictiveHigh
256ArgumentxxxxxpredictiveLow
257ArgumentxxxxxxxxpredictiveMedium
258ArgumentxxxxpredictiveLow
259Argumentxxxx_xxxpredictiveMedium
260ArgumentxxxxpredictiveLow
261Argumentxxxx_xxxxxxpredictiveMedium
262Argumentxxxxx xxxx/xxxx xxxxpredictiveHigh
263Argumentxxxxx xxxx/xxxxxx xxxx/xxxx xxxxpredictiveHigh
264Argumentxxxxx_xxxxpredictiveMedium
265Argumentxxxxx_xxxx/xxxxxx_xxxx/xxxxxxxpredictiveHigh
266Argumentxxxx/xxpredictiveLow
267ArgumentxxxxpredictiveLow
268Argumentxxxxx_xxpredictiveMedium
269Argumentxxxxxxxxxxxxx/xxxxxxxpredictiveHigh
270ArgumentxxxpredictiveLow
271ArgumentxxpredictiveLow
272ArgumentxxpredictiveLow
273ArgumentxxxxxxxxxpredictiveMedium
274Argumentxx_xxxxxxxxpredictiveMedium
275Argumentxx_xxxxxxxxxpredictiveMedium
276ArgumentxxxxxpredictiveLow
277ArgumentxxpredictiveLow
278Argumentxxxxxxxx[xx]predictiveMedium
279Argumentxxxx[]predictiveLow
280Argumentxxxxxxxx_xxxpredictiveMedium
281ArgumentxxxxpredictiveLow
282ArgumentxxxxxpredictiveLow
283Argumentxxxxx_xxpredictiveMedium
284ArgumentxxxxpredictiveLow
285ArgumentxxxxxxxpredictiveLow
286Argumentxxxxxxxxx_xxxxxxxx_xxxxpredictiveHigh
287ArgumentxxxxpredictiveLow
288ArgumentxxxxpredictiveLow
289ArgumentxxxxxxxxxpredictiveMedium
290Argumentxxxxx_xx/xxxxxpredictiveHigh
291ArgumentxxxxpredictiveLow
292ArgumentxxxxxxxxpredictiveMedium
293ArgumentxxxxxxxpredictiveLow
294ArgumentxxxxxxxxxxxxxpredictiveHigh
295Argumentxxxx-xxxxxxxpredictiveMedium
296ArgumentxxxxxxxxxxxpredictiveMedium
297ArgumentxxxxxxxxxxxpredictiveMedium
298Argumentxxxxxxxx_xxxpredictiveMedium
299ArgumentxxxxxxxxxxpredictiveMedium
300Argumentxxxxxxxx_xxxpredictiveMedium
301ArgumentxxxpredictiveLow
302ArgumentxxxxxxxxpredictiveMedium
303Argumentxxxxxx/xxxxxx_xxxxxxpredictiveHigh
304ArgumentxxxxxxxpredictiveLow
305ArgumentxxxxxxxpredictiveLow
306ArgumentxxxxxxxxxxxxxxxxxxxxpredictiveHigh
307ArgumentxxxpredictiveLow
308ArgumentxxxxxpredictiveLow
309ArgumentxxxxxxpredictiveLow
310ArgumentxxxxxpredictiveLow
311ArgumentxxxxpredictiveLow
312ArgumentxxxxpredictiveLow
313ArgumentxxxxxxxxxxxxxxxxxxxxpredictiveHigh
314Argumentxxxxxxx/xxxxxxxx/xxxxxxxxxxxpredictiveHigh
315Argumentxxx_xxxxpredictiveMedium
316Argumentxxx_xxxxxpredictiveMedium
317ArgumentxxxxxxpredictiveLow
318ArgumentxxxxxxxxxpredictiveMedium
319Argumentxxxxx_xxxpredictiveMedium
320ArgumentxxxxxpredictiveLow
321ArgumentxxxpredictiveLow
322Argumentxxxxxxxxxxx/xxxxxxxxxxx/xxxxxxxxxxxpredictiveHigh
323ArgumentxxxxxxxxpredictiveMedium
324ArgumentxxxxxpredictiveLow
325ArgumentxxxxxpredictiveLow
326ArgumentxxxxxpredictiveLow
327ArgumentxxxxxpredictiveLow
328Argumentxxxxxx_xxxpredictiveMedium
329ArgumentxxxpredictiveLow
330ArgumentxxxxxxxxpredictiveMedium
331ArgumentxxxxxxxxpredictiveMedium
332Argumentxxxxxxxx/xxxxpredictiveHigh
333Argumentxxxxxxxx/xxxxxxxxpredictiveHigh
334Argumentxxxxxxxx/xxxxxxpredictiveHigh
335Argumentxxxx_xxxxxpredictiveMedium
336Argumentxxxx_xxxxxpredictiveMedium
337Argumentxxxxxxx_xxxxpredictiveMedium
338ArgumentxxxxpredictiveLow
339Argumentxxx_xxxxxpredictiveMedium
340Argumentx-xxxxxxxxx-xxxpredictiveHigh
341Argument_xpredictiveLow
342Input Value"><xxxxxx>xxxxx("xxx")</xxxxxx>predictiveHigh
343Input Value"><xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
344Input Value%xx%xx%xxxxx%xxxxx=x%xxxxxxxxx=xxxxx(x)%xxpredictiveHigh
345Input Value' xxx (xxxxxx * xxxx(xxxxxx(xxxxx(xx)))xxx) xxx 'xxx' = 'xxxpredictiveHigh
346Input Value'||(xxxxxx xxxxxxxxxx xxxxx xxxx=xxxx xxx (xxxxxx xxxx xxxx(xxxxxx xxxxx(*),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)*x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxx xxxxx xx x)x))||'predictiveHigh
347Input Value'||x=x#predictiveLow
348Input Value-x%xxxxxxx%xxxxx%xxxxxxxx%xxx,x,x,x,xxxxxxxx()predictiveHigh
349Input Value-xxxx%xx%xxxxxxx%xxxxx%xxxxxxxx%xxxxxx,xxxxxxxx(),xxxx(),xxxx,xxxx,xxxx,xxxx--%xx-predictiveHigh
350Input Value/'-xxxxx(xxxxxxxx.xxxxxx)-'x/x/x/predictiveHigh
351Input Valuex%xx%xxxxx%xxx=x%xxxxxxx%xxxxxxxx%xxx,xxxx(),x,x,x,x,x,x,x,x,xxxxxxxx(),x,x,x,x,x,x,x,x,x,x,x,x,x--+predictiveHigh
352Input Valuex' xxxxx xxx xxxxxx xxxx,xxxx,xxxx,xxxx,xxxx,xxxxxx(xxxxxxxxxxxx,xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx,xxxxxxxxxxxx),xxxx,xxxx,xxxx,xxxx#predictiveHigh
353Input Valuex\"><xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
354Input Valuex' xxx xxxx=xxxx xxx 'xxxx'='xxxxpredictiveHigh
355Input Valuexxx@xx.xxx' xx (xxxxxx xxxx xxxx(xxxxxx xxxxx(*),xxxxxx(xxxxxxxxxxxx,(xxxxxx (xxx(xxxx=xxxx,x))),xxxxxxxxxxxx,xxxxx(xxxx(x)*x))x xxxx xxxxxxxxxxx_xxxxxx.xxxxxxx xxxxx xx x)x)-- xxxxpredictiveHigh
356Input Valuexxxx%xx%xxxxx%xx(xxxxxx%xxxxxx%xxxxxx%xx(xxxxxx(xxxxx(x)))xxxx)%xxxxx%xx%xxxxxx%xx=%xxxxxxpredictiveHigh
357Input Valuexxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx' xxx xxxx=xxxx xxx 'xxxx'='xxxxpredictiveHigh
358Input ValuexxxxxxxxpredictiveMedium
359Input ValuexxxxxxxxxxxxxxxxpredictiveHigh
360Input Value</xx><xxx xxx="" xxxxxxx="xxxxx(x)"><xx>xpredictiveHigh
361Input Value</xxxxx><xxx xxx=xx xxxxxxx=xxxxx(x)>predictiveHigh
362Input Value</xxxxx><xxxxxx>xxxxx(xxxxxxxx)</xxxxxx>predictiveHigh
363Input Value<?xxx xxxxxxx();?>predictiveHigh
364Input Value<xxx%xxxxx='xxxx://xxx.xxxx.xx/xxxx.xxx'%xxxxxxx='xxxxxx:%xxxxx%xxxxxxx%xxxxxxx;'>predictiveHigh
365Input Value<xxx xxx="" xxxxxxx="xxxxx(x)">predictiveHigh
366Input Value<xxxxxx>xxxxx(x);</xxxxxx>predictiveHigh
367Input Value<xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
368Input Value><xxxxxx>xxxxx(x)</xxxxxx>predictiveHigh
369Input Valuexxxxx%'/**/xxx/**/(xxxxxx/**/xxxx/**/xxxx/**/(xxxxxx(xxxxx(x)))xxxx)/**/xxx/**/'xxxx%'='xxxxpredictiveHigh
370Input Valuexxxxx%'/**/xxx/**/(xxxxxx/**/xxxx/**/xxxx/**/(xxxxxx(xxxxx(x)))xxxx)/**/xxx/**/'xxxx%'='xxxxpredictiveHigh
371Input Valuexxx%xx(xxxxxx*xxxx(xxxxxx(xxxxx(x)))x)predictiveHigh
372Input Valuexxx "><xxx xxx="" xxxxxxx="xxxxx(xxxxxxxx.xxxxxx)">predictiveHigh
373Input Valuexxxx</xxxxx><xxxxxx>xxxxx("xxxx")</xxxxxx><xxxxx>predictiveHigh
374Input Valuexxxxxxx -xxxpredictiveMedium
375Input ValuexxxxxxxxpredictiveMedium
376Network Portxxx/xxxxpredictiveMedium
377Network Portxxx/xxxxxpredictiveMedium
378Network Portxxx/xxxxxpredictiveMedium
379Network Portxxx xxxxxx xxxxpredictiveHigh

References (7)

The following list contains external sources which discuss the actor and the associated activities:

PreviousOverviewNext

Interested in the pricing of exploits?

See the underground prices here!