Lucene search
K

115 matches found

Kitploit
Kitploit
added 2021/09/19 8:30 p.m.26 views

InlineExecute-Assembly - A PoC Beacon Object File (BOF) That Allows Security Professionals To Perform In Process .NET Assembly Execution

InlineExecute-Assembly is a proof of concept Beacon Object File BOF that allows security professionals to perform in process .NET assembly execution as an alternative to Cobalt Strikes traditional fork and run execute-assembly module. InlineExecute-Assembly will execute any assembly with the entr...

7.8AI score
Exploits0References7
GithubExploit
GithubExploit
added 2021/03/05 8:22 a.m.41 views

Exploit for Server-Side Request Forgery in Microsoft

It is an offensive tool for Microsoft Exchange server vulnerabil...

9.8CVSS9.9AI score0.99999EPSS
Exploits66
CVE
CVE
added 2020/12/11 1:46 a.m.80 views

CVE-2020-25191

The CVE-2020-25191 entry documents an authentication-agnostic issue in the NI CompactRIO API entry-point: default incorrect permissions could allow a non-authenticated user to trigger a function that rebooted the device remotely on Driver versions prior to 20.5. Affected product: CompactRIO contr...

7.8CVSS7.5AI score0.01109EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2020/12/03 12:0 a.m.8 views

National Instruments Compactrio License Issue Vulnerability

National Instruments Compactrio is an embedded controller for industrial control from National Instruments. An authorization issue vulnerability exists in versions prior to CompactRIO Driver 20.5, which stems from an incorrect privilege setting service for a specific API entry point by default,...

7.8CVSS7.1AI score0.01109EPSS
Exploits0References3
Metasploit
Metasploit
added 2020/09/02 5:41 p.m.23 views

Windows Inject PE Files, Windows x86 Reverse Named Pipe (SMB) Stager

Inject a custom native PE file into the exploited process using a reflective PE loader. The reflective PE loader will execute the pre-mapped PE image starting from the address of entry after performing image base relocation and API address resolution. This module requires a PE file that contains...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2020/05/07 9:17 a.m.7 views

Exploit for CVE-2020-11651

It is an exploit module for Apache HTTP Server versions prior to...

9.8CVSS8.8AI score0.96405EPSS
Exploits25
Kitploit
Kitploit
added 2020/04/10 9:30 p.m.122 views

Lunar - A Lightweight Native DLL Mapping Library That Supports Mapping Directly From Memory

A lightweight native DLL mapping library that supports mapping directly from memory Features Imports and delay imports are resolved Relocations are performed Image sections are mapped with the correct page protection Exception handlers are initialised A security cookie is generated and initialise...

7.3AI score
Exploits0References1
GithubExploit
GithubExploit
added 2020/03/15 3:17 a.m.4 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft

It is an offensive tool for Windows. This repository contains a...

10CVSS9.7AI score0.9981EPSS
Exploits125
CNVD
CNVD
added 2020/02/05 12:0 a.m.2 views

IBM Security Directory Server Information Disclosure Vulnerability (CNVD-2020-04412)

IBM Security Directory Server is a suite of enterprise identity management software from IBM USA that uses the Lightweight Directory Access Protocol LDAP. The software provides a trusted identity data infrastructure for authentication. IBM Security Directory Server version 6.4.0 is deployed using...

5.3CVSS6.8AI score0.01067EPSS
Exploits0References1
Gitee
Gitee
added 2019/11/13 10:29 a.m.3 views

Exploit for Improper Restriction of Operations within the Bounds of a Memory Buffer in Tintin Tintin\+\+

PoC exploit for CVE-2008-0671. The target product/service is Windows SMB Server Message Block service. The vulnerability class/vector is RCE Remote Code Execution. The probable entry point is the NetAPI function in the Windows SMB service. Notable dependencies/tooling include Impacket and PyCrypt...

10CVSS8.2AI score0.15564EPSS
Exploits1
Kitploit
Kitploit
added 2019/11/07 8:43 p.m.147 views

Donut - Generates X86, X64, Or AMD64+x86 Position-Independent Shellcode That Loads .NET Assemblies, PE Files, And Other Windows Payloads From Memory

Donut generates x86 or x64 shellcode from VBScript, JScript, EXE, DLL including .NET Assemblies files. This shellcode can be injected into an arbitrary Windows processes for in-memory execution. Given a supported file type, parameters and an entry point where applicable such as Program.Main, it...

8AI score
Exploits0References6
Pen Test Partners Blog
Pen Test Partners Blog
added 2019/09/03 6:55 a.m.142 views

Pwning a Siemens Scalance ICS switch through ARM reversing

We’ve been working in industrial control systems security for a long time. Several of the team here used to work in OT control rooms or support SCADA environments. Whilst pen testing a ship control system, we noticed a heavy reliance on Siemens Scalance industrial ethernet switches, so bought a...

2.1CVSS6.2AI score0.00301EPSS
Exploits0
GithubExploit
GithubExploit
added 2019/05/15 8:4 p.m.5 views

Exploit for Use After Free in Microsoft

It is an exploit module for Windows Remote Desktop Service vul...

10CVSS7.2AI score0.99999EPSS
Exploits123
Malwarebytes
Malwarebytes
added 2018/08/30 3:41 p.m.55 views

Reversing malware in a custom format: Hidden Bee elements

Malware can be made of many components. Often, we encounter macros and scripts that work as malicious downloaders. Some functionalities can also be achieved by position-independent code—so-called shellcode. But when it comes to more complex elements or core modules, we almost take it for granted...

Exploits0
GithubExploit
GithubExploit
added 2016/11/02 2:5 a.m.134 views

Exploit for Race Condition in Oracle Mysql

It is an exploit module for Apache HTTP Server. The target pr...

7CVSS9.7AI score0.04313EPSS
Exploits18
Tenable Nessus
Tenable Nessus
added 2015/09/23 12:0 a.m.34 views

openSUSE Security Update : icedtea-web (openSUSE-2015-602)

The icedtea-web java plugin was updated to 1.6.1. Changes included : - Enabled Entry-Point attribute check - permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. - fixed DownloadService - comments in deployment.properties n...

6.8CVSS5.3AI score0.0344EPSS
Exploits0References7
OPENSUSE Linux
OPENSUSE Linux
added 2015/09/22 11:10 a.m.43 views

Security update for icedtea-web (important)

The icedtea-web java plugin was updated to 1.6.1. Changes included: Enabled Entry-Point attribute check permissions sandbox and signed app and unsigned app with permissions all-permissions now run in sandbox instead of not at all. fixed DownloadService comments in deployment.properties now should...

6.8CVSS9.5AI score0.0344EPSS
Exploits0References4
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.18 views

PHP-Nuke <= 8.0 XSS & HTML Code Injection in News Module

No description provided by source. Software Link: http://www.phpnuke.org/modules.php?name=Downloads&dop=viewdownload&cid=1 -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= note : This bug found by tampering passed data . coders don't sanitize and check user entry point for news rate...

7.1AI score
Exploits0
w3af
w3af
added 2013/06/10 11:2 p.m.9 views

import_results

This plugin serves as an entry point for the results of other tools that identify URLs. The plugin reads from different input files and directories and creates the fuzzable requests which are needed by the audit plugins. Two configurable parameter exist: inputcsv inputburp One or more of these ne...

Exploits0
securityvulns
securityvulns
added 2012/03/26 12:0 a.m.86 views

Cyberoam Unified Threat Management: Insecure Password Handling

Hi, Please find below the details of a vulnerability I discovered in Cyberoam UTM device. The Vendor was notified, however I did not receive any response from Vendor despite repeated email reminders. SECURITY ADVISORY: cyberoam-utm-insecure-password-handling Affected Software: Cyberoam CR50ia...

0.5AI score
Exploits0
Rows per page
Query Builder