Aggregator

WPProbe is a fast and efficient WordPress plugin scanner that leverages REST API enumeration (?rest_route) to detect installed plugins without brute-force. Unlike traditional scanners that hammer websites with requests, WPProbe takes a smarter approach by querying the exposed REST API....

The post wpprobe: A fast WordPress plugin enumeration tool appeared first on Penetration Testing Tools.

Web Shell Analyzer Web shell analyzer is a cross-platform stand-alone binary built solely for the purpose of identifying, decoding, and tagging files that are suspected to be web shells. The web shell analyzer is...

The post Web Shell Analyzer: Web shell scanner and analyzer appeared first on Penetration Testing Tools.

Ghost Scheduled Task While using scheduled tasks as a means of persistence is not a novel approach, threat actors have employed various techniques to conceal their malicious tasks. A notable method involves removing the SD...

The post Ghost Scheduled Task: scheduled task for both persistence and lateral movement appeared first on Penetration Testing Tools.

当前，全球网络安全形势严峻，高级威胁（APT）、勒索软件攻击持续高发，攻击手段更加密集且复杂多变。与此同时，云 […]

Nagios Log Server 2024R1.3.1 - API Key Exposure

ABB Cylon FLXeon 9.3.4 - System Logs Information Disclosure

ABB Cylon FLXeon 9.3.4 - Default Credentials

ABB Cylon FLXeon 9.3.4 - Cross-Site Request Forgery

CMU CERT/CC VINCE 2.0.6 - Stored XSS

ABB Cylon Aspect 3.08.02 - PHP Session Fixation

Netman 204 - Remote command without authentication

ABB Cylon FLXeon 9.3.4 - WebSocket Command Spawning

WebFileSys 2.31.0 - Directory Path Traversal

ABB Cylon FLXeon 9.3.4 - Remote Code Execution (RCE)

GeoVision GV-ASManager 6.1.1.0 - CSRF

ABB Cylon FLXeon 9.3.4 - Remote Code Execution (Authenticated)

GeoVision GV-ASManager 6.1.0.0 - Broken Access Control

qBittorrent 5.0.1 - MITM RCE