Esystematic Technologies

24/09/2025

Managing your business has never been this easy!
Whether you run a Restaurant, Shoe Shop, Pharmacy, Auto Parts Store, Clothing Store, or Mart – our E-Systematics POS software helps you:
✅ Speed up billing
✅ Track sales & stock
✅ Manage expenses
✅ Boost efficiency

💻 One solution for all types of businesses!

📞 Call Now: 0334-5266444

18/09/2023

Surf - Escalate Your SSRF Vulnerabilities On Modern Cloud Environments - https://esystematics.com/blog/?p=3672&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog

surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to each host, collecting all the hosts that did not respond, and then filtering them into a list of externally facing and internally facing hosts. You can then attempt these hosts wherever an SSRF vulnerability may be present. Due to most SSRF filters only focusing on internal or restricted IP ranges, you'll be pleasantly surprised when you get SSRF on an external IP that is not accessible via HTTP(s) from your machine. Often you will find that large companies with cloud environments will have external IPs for internal web apps. Traditional SSRF filters will not capture this unless these hosts are specifically added to a blacklist (which they

surf allows you to filter a list of hosts, returning a list of viable SSRF candidates. It does this by sending a HTTP request from your machine to each host, collecting all the hosts that did not respond, and then filtering them into a list of externally facing and internally facing hosts. You can t...

17/09/2023

Promptmap - Automatically Tests Prompt Injection Attacks On ChatGPT Instances - https://esystematics.com/blog/?p=3669&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to do unintended actions. promptmap is a tool that automatically tests prompt injection attacks on ChatGPT instances. It analyzes your ChatGPT rules to understand its context and purpose. This understanding is used to generate creative attack prompts tailored for the target. promptmap then run a ChatGPT instance with the system prompts provided by you and sends attack prompts to it. It can determine whether the prompt injection attack was successful by checking the answer coming from your ChatGPT instance. +-----------+ +-----------+

Prompt injection is a type of security vulnerability that can be exploited to control the behavior of a ChatGPT instance. By injecting malicious prompts into the system, an attacker can force the ChatGPT instance to do unintended actions. promptmap is a tool that automatically tests prompt injection...

16/09/2023

Mark Cuban’s MetaMask wallet drained nearly $900,000 in suspected phishing attack - https://esystematics.com/blog/?p=3667&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog




Dallas Mavericks owner and well-known investor Mark Cuban reportedly lost nearly $900,000 in a phishing attack targeting his MetaMask cryptocurrency wallet.

Dallas Mavericks owner and well-known investor Mark Cuban reportedly lost nearly $900,000 in a phishing attack targeting his MetaMask cryptocurrency wallet.

16/09/2023

ADCSKiller - An ADCS Exploitation Automation Tool Weaponizing Certipy And Coercer - https://esystematics.com/blog/?p=3665&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is currently in its first drafts and will undergo further refinements and additions in future updates for sure. Features Enumerate Domain Administrators via LDAP Enumerate Domaincontrollers via LDAP Enumerate Certificate Authorities via Certipy Exploitation of ESC1 Exploitation of ESC8 Installation Since this tool relies on Certipy and Coercer, both tools have to be installed first. git clone https://github.com/ly4k/Certipy && cd Certipy && python3 setup.py installgit clone

ADCSKiller is a Python-based tool designed to automate the process of discovering and exploiting Active Directory Certificate Services (ADCS) vulnerabilities. It leverages features of Certipy and Coercer to simplify the process of attacking ADCS infrastructure. Please note that the ADCSKiller is cur...

15/09/2023

New Scam Impersonates QuickBooks to Steal Credentials, Extract Money - https://esystematics.com/blog/?p=3657&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog




Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.

Establishing urgency through a false need to “upgrade” or lose services, this new attack takes advantage of the widespread use of the popular accounting app to attract victims.

15/09/2023

Z9 - PowerShell Script Analyzer - https://esystematics.com/blog/?p=3655&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog

Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install git clone https://github.com/Sh1n0g1/z9 How to use usage: z9.py [-h] [--output OUTPUT] [-s] [--no-viewer] [--utf8] inputpositional arguments: input Input file pathoptions: -h, --help show this help message and exit --output OUTPUT, -o OUTPUT Output file path -s, --static Enable Static Analysis mode --no-viewer Disable opening the JSON viewer in a web browser --utf8 Read scriptfile in utf-8 (deprecated) Analyze Event Logs (Recommended) python z9.py -o python z9.py -o --no-viewer Arguments Meaning input file XML file exported from eve

Abstract This tools detects the artifact of the PowerShell based malware from the eventlog of PowerShell logging. Online Demo Install git clone https://github.com/Sh1n0g1/z9 How to use usage: z9.py [-h] [--output OUTPUT] [-s] [--no-viewer] [--utf8] inputpositional arguments: input Input file pathopt...

14/09/2023

MGM Suffers Ransomware Attack that Started with a Simple Helpdesk Call - https://esystematics.com/blog/?p=3650&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog




As the aftermath unfolds, the details around the recent attack on MGM Resorts, providing crucial insight into the attacks impact, who’s responsible, and how it started.

As the aftermath unfolds, the details around the recent attack on MGM Resorts, providing crucial insight into the attacks impact, who’s responsible, and how it started.

14/09/2023

NucleiFuzzer - Powerful Automation Tool For Detecting XSS, SQLi, SSRF, Open-Redirect, Etc.. Vulnerabilities In Web Applications - https://esystematics.com/blog/?p=3646&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog

NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security professionals and web developers to detect and address security risks efficiently. Download NucleiFuzzer to protect your web applications from vulnerabilities and attacks. Note: Nuclei + Paramspider = NucleiFuzzer Tools included: ParamSpider git clone https://github.com/0xKayala/ParamSpider.git Nuclei git clone https://github.com/projectdiscovery/nuclei.git Templates: Fuzzing Templates git clone https://github.com/projectdiscovery/fuzzin

NucleiFuzzer is an automation tool that combines ParamSpider and Nuclei to enhance web application security testing. It uses ParamSpider to identify potential entry points and Nuclei's templates to scan for vulnerabilities. NucleiFuzzer streamlines the process, making it easier for security professi...

13/09/2023

Can You Guess Common Phishing Themes in Southeast Asia? - https://esystematics.com/blog/?p=3639&utm_source=SocialAutoPoster&utm_medium=Social&utm_campaign=Facebook
Esystematics Blog




Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.

Researchers at Cyfirma outline trends in phishing campaigns around the world, finding that Singapore is disproportionately targeted by phishing attacks.