CVE-2016-10680

adamvr-geoip-lite is a light weight native JavaScript implementation of GeoIP API from MaxMind adamvr-geoip-lite downloads geoip resources over HTTP, which leaves it vulnerable to MITM attacks. This impacts the integrity and availability of this geoip data that may alter the decisions made by an...

CVE-2016-10568

geoip-lite-country is a stripped down version of geoip-lite, supporting only country lookup. geoip-lite-country before 1.1.4 downloads data resources over HTTP, which leaves it vulnerable to MITM attacks...

CVE-2016-10568

CVE-2016-10568 affects geoip-lite-country (pre-1.1.4). The library downloads data resources over HTTP, creating vulnerability to man-in-the-middle attacks. Impact ranges from data modification/read to potential code execution depending on the data/resource behavior, per multiple sources. Mitigati...

CVE-2016-10680

CVE-2016-10680 affects adamvr-geoip-lite, a lightweight native JavaScript GeoIP API. The underlying issue is that geoip resources are downloaded over HTTP, making them susceptible to MITM modification or reading. This can compromise the integrity and availability of geolocation data used by an ap...

Remote Authentication GeoFeasibility Tool - GeoLogonalyzer

Users have long needed to access important resources such as virtual private networks VPNs, web applications, and mail servers from anywhere in the world at any time. While the ability to access resources from anywhere is imperative for employees, threat actors often leverage stolen credentials t...

Remote Authentication GeoFeasibility Tool - GeoLogonalyzer

Users have long needed to access important resources such as virtual private networks VPNs, web applications, and mail servers from anywhere in the world at any time. While the ability to access resources from anywhere is imperative for employees, threat actors often leverage stolen credentials t...

Moloch - An Open Source, Large Scale, Full Packet Capturing, Indexing, And Database System

Moloch is an open source, large scale, full packet capturing, indexing, and database system. Moloch augments your current security infrastructure to store and index network traffic in standard PCAP format, providing fast, indexed access. An intuitive and simple web interface is provided for PCAP...

[SECURITY] Fedora 27 Update: suricata-4.0.4-1.fc27

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Crips - IP Tools To quickly get information about IP Address's, Web Pages and DNS records

This Tools is a collection of online IP Tools that can be used to quickly get information about IP Address's, Web Pages and DNS records. Menu Whois lookup Traceroute DNS Lookup Reverse DNS Lookup GeoIP Lookup Port Scan Reverse IP Lookup INSTALL & UPDATE Exit Whois lookup Determine the registered...

Tilt - Terminal Ip Lookup Tool

Tilt: Terminal ip lookup tool, is an easy and simple open source tool implemented in Python for ip/host passive reconnaissance. It's very handy for first reconnaissance approach and for host data retrieval. Features Host to IP conversion IP to Host conversion DNS to IPs GeoIP Translation Extensiv...

Web-based OSINT and Active Reconnaissance Suite: D0xk1t

Active reconnaissance, information gathering and OSINT built in a portable web application. D0xk1t is an open-source , self-hosted and easy to use OSINT and active reconnaissance web application for penetration testers. Based off of the prior command-line script, D0xk1t is now fully capable of...

Visualize network Topologies From pcap Files: PcapViz

PcapViz visualizes network topologies and provides graph statistics based on pcap files. It should be possible to determine key topological nodes or data exfiltration attempts more easily. Features Draw network topologies Layer 2 and communication graphs Layer 3 and 4 Network topologies contain...

PcapViz - Visualize Network Topologies and Collect Graph Statistics Based on PCAP Files

PcapViz visualizes network topologies and provides graph statistics based on pcap files. It should be possible to determine key topological nodes or data exfiltration attempts more easily. Features Draw network topologies Layer 2 and communication graphs Layer 3 and 4 Network topologies contain...

Pythem - Penetration Testing Framework

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more informatio...

Domain Name Permutation Engine: dnstwist

Domain Name Permutation Engine Domain name permutation engine for detecting typo squatting, phishing and corporate espionage See what sort of trouble users can get in trying to type your domain name. Find similar-looking domains that adversaries can use to attack you. Can detect typosquatters,...

openSUSE Security Update : deluge (openSUSE-2017-656)

This update for deluge fixes two security issues : - CVE-2017-9031: A remote attacker may have used a directory traversal vulnerability in the web interface bsc1039815 - CVE-2017-7178: A remote attacher could have exploited a CSRF vulnerability to trick a logged-in user to perform actions in the...

Fedora 24 : deluge (2017-ce66f11df1)

Core 2889: Fixed 'Too many files open' errors. 2861: Added support for python-geoip for use with libtorrent 1.1. 2149: Fixed a single proxy entry being overwritten resulting in no proxy set. UI Added trackerstatus translation to UIs. GtkUI 2901: Strip whitespace from infohash before checks. Add...

[SECURITY] Fedora 25 Update: suricata-3.2.1-1.fc25

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

[SECURITY] Fedora 24 Update: suricata-3.2.1-1.fc24

The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine. This engine is not intended to just replace or emulate the existing tools in the industry, but will bring new ideas and technologies to the field. This new Engine supports Multi-threading, Automatic...

Man In The Middle (MitM)

adamvr-geoip-lite is vulnerable to man-in-the-middle MitM attacks via downloading geoip resources over HTTP. This impacts the integrity and availability of this geoip data that may alter the decisions made by an application using this data...