Log4J-Detect - Script To Detect The "Log4j" Java Library Vulnerability (CVE-2021-44228) For A List Of URLs With Multithreading

Simple Python 3 script to detect the "Log4j" Java library vulnerability CVE-2021-44228 for a list of URL with multithreading The script "log4j-detect.py" developed in Python 3 is responsible for detecting whether a list of URLs are vulnerable to CVE-2021-44228. To do so, it sends a GET request...

Exploit for Path Traversal in Citrix Xenmobile_Server

使用方法&免责声明 该脚本为Citrix XenMobile 目录遍历漏洞（CVE-2020-8209）批量检测脚本。 使用方法：Python CVE-2020-8209-Multiple.py url.txt 存在漏洞的地址输出在vul.txt中 影响版本： - RP2之前的Citrix XenMobile Server 10.12 - RP4之前的Citrix XenMobile Server 10.11 - RP6之前的Citrix XenMobile Server 10.10 - RP5之前的Citrix XenMobile Server 10.9...

DOUBLEPULSAR - Payload Execution and Neutralization Exploit

This Metasploit module executes a Metasploit payload against the Equation Group's DOUBLEPULSAR implant for SMB as popularly deployed by ETERNALBLUE. While this module primarily performs code execution against the implant, the "Neutralize implant" target allows you to disable the implant. This...

Security Bulletin: Speculative Store Bypass (SSB) vulnerability also known as SpectreNG or Variant 4 affects IBM Spectrum Protect Plus (CVE-2018-3639)

Summary IBM Spectrum Protect Plus may be affected by the Speculative Storage Bypass SSB vulnerability which is also known as SpetreNG or Variant 4. Vulnerability Details CVEID: CVE-2018-3639 DESCRIPTION: Multiple Intel CPU''s could allow a local attacker to obtain sensitive information, caused by...

Can a Vulnerability Scan break servers and services?

The most serious problem of Vulnerability Scanners is that they are too complex and unpredictable. Usually they don't affect the target hosts, but when they do, welcome to hell! And if you scan huge infrastructure, tens thousands hosts and more, it's not "if" the scanner will break the server it'...

ViArt Shop Detection

Detection of ViArt Shop. The script sends a connection request to the server and attempts to extract the version number from the reply. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

Google Sent Hacked Notification Messages to Millions of Webmasters

Google Sent Hacked Notification Messages to Millions of Webmasters Google's head of the webspam team, Matt Cutts, announced on Twitter that they have sent out new message notifications to 20,000 web sites that are hacked. Specifically, Google sent these messages to sites doing "weird redirects."...

Pro Chat Rooms Version Detection

This script detects the installed version of Pro Chat Rooms. SPDX-FileCopyrightText: 2009 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

LaBrea Tarpitted Host Detection

This script performs a Labrea tarpit scan, by sending a bogus ACK and ACK-windowprobe to a potential host. It also sends a TCP SYN to test for non-persisting labrea machines. This script was written by John [email protected] See the Nessus Scripts License for details include"compat.inc...