Aggregator

OSINT Toolkit OSINT Toolkit is a full-stack web application designed to assist security analysts in their work. It combines various functions and services into a single tool, making it easier for analysts to identify...

The post OSINT Toolkit: full stack web application built for security analysts appeared first on Penetration Testing Tools.

PySQLRecon PySQLRecon is a Python port of the awesome SQLRecon project by @sanjivkawa. See the commands section for a list of capabilities. Commands All of the main modules from SQLRecon have equivalent commands. Commands noted with [PRIV] require elevated...

The post PySQLRecon: Offensive MSSQL toolkit written in Python appeared first on Penetration Testing Tools.

Introducing the ROP ROCKET This new, advanced ROP framework made its debut at DEF CON 31 with some unprecedented capabilities. ROCKET generates several types of chains, and it provides new patterns or techniques. Please...

The post ROP ROCKET: an advanced code-reuse attack framework appeared first on Penetration Testing Tools.

To make it brief I was doxxed and I don’t know how I didn’t click any links or give out an

A vulnerability has been found in DirPHP 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file index.php. The manipulation of the argument phpfile leads to path traversal. This vulnerability is known as CVE-2014-5115. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in Qbik WinGate Proxy 3.0/4.0.1. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to memory corruption. The identification of this vulnerability is CVE-1999-0441. The attack may be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in UltimateKode Neo Billing up to 3.5. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2020-23518. The attack may be launched remotely. Furthermore, there is an exploit available.

环境异常 当前环境异常，完成验证后即可继续访问。 去验证

#勒索病毒 #D0glun #Ransomware D0glun勒索病毒攻击

#恶意软件分析 #银狐 #工具 银狐最新恶意软件进程监控

3CX供应链攻击技术之微软数字签名被滥用技术分析

A vulnerability classified as problematic was found in ZDaemon up to 1.08.07. This vulnerability affects unknown code. The manipulation leads to improper input validation. This vulnerability was named CVE-2008-3314. The attack can be initiated remotely. Furthermore, there is an exploit available.

主站 分类 漏洞 工具 极客

A vulnerability classified as problematic was found in Mephistoles httpd 0.6 Final/0.6 P1/0.6 P2. Affected by this vulnerability is an unknown functionality. The manipulation leads to basic cross site scripting. This vulnerability is known as CVE-2004-2096. The attack can be launched remotely. Furthermore, there is an exploit available.

A vulnerability was found in XMB Forum 1.6/1.8/1.11. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file member.php. The manipulation of the argument member leads to basic cross site scripting. This vulnerability is known as CVE-2003-0375. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Windows LPE (@MrAle_98), CLR OPSEC (@passthehashbrwn), WinRM BOFs (@falconf

A vulnerability classified as critical was found in Linux Kernel 1.3.0/2.0. Affected by this vulnerability is an unknown functionality of the component ICMP Packet Handler. The manipulation as part of Long Packet leads to denial of service. This vulnerability is known as CVE-1999-0128. The attack can be launched remotely. Furthermore, there is an exploit available. Due to its background and reception, this vulnerability has an historic impact. It is recommended to upgrade the affected component.