1149 matches found
JCS - Joomla Vulnerability Component Scanner
JCS (Joomla Component Scanner) is made for penetration testing purposes on Joomla CMS. JCS can help you with the latest component vulnerabilities and exploits. The database can update from several resources, and a crawler has been implemented to find components and component links. This version supports...
PenCrawLer - An Advanced Web Crawler And DirBuster
An Advanced Web Crawler and DirBuster. PeNCrawLer is an advanced web crawler and dirbuster designed for use in penetration testing, based on Windows OS. Web Crawler Features: Follow Redirects; Rendering Javascript; Extract links from custom HTML-Elements; Extract links with Regex-Pattern; Black-List...
Denial Of Service (DoS) Through Uninitialized Memory Leak
http-proxy-agent is susceptible to denial of service (DoS). `auth` parameters are passed to the Buffer constructor without proper sanitization, leading to DoS via uninitialized memory leak...
Update rollup 8.0.11049.0 for Microsoft Monitoring Agent (KB4015075)
Update rollup 8.0.11049.0 for Microsoft Monitoring Agent (KB4015075). Summary: This article describes the issues that are fixed in update rollup 8.0.11049.0 for the Microsoft Monitoring Agent. It also contains installation instructions for the update rollup. Fixes that are included in this update...
Node.js third-party modules: `http-proxy-agent` passes unsanitized options to Buffer(arg), resulting in DoS and uninitialized memory leak
I would like to report a Buffer allocation vulnerability in http-proxy-agent. In setups where the `auth` argument is user-controlled, it allows to: cause Denial of Service by trivially consuming all the available CPU resources; extract uninitialized memory chunks from the server on Node.js This module...
CVE-2017-9271
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...
Design/Logic Flaw
The commandline package update tool zypper writes HTTP proxy credentials into its logfile, allowing local attackers to gain access to proxies used...
HTTP Proxy header vulnerability
Bugfixes: Mitigate HTTPoxy vulnerability 23...
CVE-2018-1000024
The Squid Software Foundation Squid HTTP Caching Proxy version 3.0 to 3.5.27, 4.0 to 4.0.22 contains an Incorrect Pointer Handling vulnerability in ESI Response Processing that can result in Denial of Service for all clients using the proxy. This attack appears to be exploitable via Remote server...
Twisted: sets environmental variable based on user supplied Proxy request header
It was discovered that python-twisted-web used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment variable for CGI scripts, which in turn was incorrectly used by certain HTTP client implementations to configure the proxy for outgoing HTTP requests. A remote...
dirsearch v0.3.8 - Brute Force Directories and Files in Websites
dirsearch is a simple command line tool designed to brute force directories and files in websites. Operating Systems supported: Windows XP/7/8/10, GNU/Linux, MacOSX. Features: Multithreaded; Keep alive connections; Support for multiple extensions (-e|--extensions asp,php); Reporting (plain text, JSON...
net-Shield - An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices
An Easy and Simple Anti-DDoS solution for VPS, Dedicated Servers and IoT devices based on iptables. Requirements: Linux System with python, iptables, Nginx (will be installed automatically by install.sh). Quickstart: Running as a standalone software (no install.sh required) via DryRun option -dry to only...
HouseProxy - HTTP proxy focused on block phishing URL's
Protect your parents from phishing: an HTTP proxy focused on blocking phishing URLs. Install: `git clone https://github.com/mthbernardes/HouseProxy.git`, `cd HouseProxy/`, `pip install -r requeriments.txt`. Config: Edit etc/HouseProxy.conf to change the default user and password. Create an entry in your DNS to...
Nikto v2.1.6 - Web Server Scanner
Nikto is an Open Source GPL web server scanner which performs comprehensive tests against web servers for multiple items, including over 6700 potentially dangerous files/programs, checks for outdated versions of over 1250 servers, and version specific problems on over 270 servers. It also checks...
DSSS - Damn Small SQLi Scanner
Damn Small SQLi Scanner (DSSS) is a fully functional SQL injection vulnerability scanner, supporting GET and POST parameters, written in under 100 lines of code. As optional settings, it supports HTTP proxy together with HTTP header values User-Agent, Referer and Cookie. Sample runs: $ python dsss.py...
Palo Alto DNS Proxy Arbitrary Code Execution Vulnerability
Palo Alto Networks PAN-OS is a suite of operating systems developed by Palo Alto Networks for its firewall appliances. DNS Proxy is one of the DNS proxies capable of resolving remote hosts using external scripts via HTTP proxy requests. An arbitrary code execution vulnerability exists in DNS Proxy...