Dr0p1t Framework 1.3 - A Framework That Creates An Advanced FUD Dropper With Some Tricks

Have you ever heard about trojan droppers ? In short dropper is type of trojans that downloads other malwares and Dr0p1t gives you the chance to create a stealthy dropper that bypass most AVs and have a lot of tricks! Features Generated executable properties: The executable size is smaller compar...

Introducing Linux Support for FakeNet-NG: FLARE’s Next Generation Dynamic Network Analysis Tool

Introduction In 2016, FLARE introduced FakeNet-NG, an open-source network analysis tool written in Python. FakeNet-NG allows security analysts to observe and interact with network applications using standard or custom protocols on a single Windows host, which is especially useful for malware...

openSUSE Security Update : lynis (openSUSE-2017-705)

This update for lynis fixes the following issues : Lynis 2.5.1 : - Improved detection of SSL certificate files - Minor changes to improve logging and results - Firewall tests: Determine if CSF is in testing mode The Update also includes changes from Lynis 2.5.0 : - CVE-2017-8108: symlink attack m...

Dr0p1t-Framework - A Framework That Creates An Advanced FUD Dropper With Some Tricks

Have you ever heard about trojan droppers ? you can read about them from here . Dr0p1t let you create dropper like any tool but this time FUD with some tricks ; Features Works with Windows and Linux Adding malware after downloading it to startup Adding malware after downloading it to task schedul...

One Click Symbolic Execution: Ponce

Ponce pronounced ‘poN θe pon-they is an IDA Pro plugin that provides users the ability to perform taint analysis and symbolic execution over binaries in an easy and intuitive fashion. With Ponce you are one click away from getting all the power from cutting edge symbolic execution. Entirely writt...

WAS - Automatic USB Drive Malware Scanning Tool For The Security-Minded Person

Author: Fabio Baroni http://www.pentest.guru/ @Fabiothebest89 How many times have you plugged in a USB drive and double clicked on a file without scanning for malware? I guess, MANY. Wait A Sec! Even if you are a security guy, you'll often be in a hurry or absent minded and you trust your USB dri...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information

The Linux-support-2.6.26-1 package from the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-support-2.6.18-5 operating system package from the Debian GNU/Linux distribution may lead to breaches of the confidentiality, integrity, and accessibility of protected information...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The Linux-support-2.6.18-6 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities of the Debian GNU/Linux operating system that allow a remote attacker to compromise the accessibility of protected information

The Linux-support-2.6.26-2 package from the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to a violation of the accessibility of protected information. These vulnerabilities can be exploited remotely...

Vulnerabilities in the Debian GNU/Linux operating system that allow a malicious individual to compromise the confidentiality, integrity, and accessibility of protected information

The multiple vulnerabilities in the linux-support-2.6.24-etchnhalf.1 operating system package from the Debian GNU/Linux ecosystem can lead to breaches of the confidentiality, integrity, and accessibility of protected information...

Google Plans to End Chrome for 32-bit Linux, Releases Chrome 47

Google announced this week it will end Chrome support for older, 32-bit Linux distributions early next year and will maintain the browser on more popular distributions of the software. Specifically Google plans to stop pushing updates and security fixes to those running Chrome on 32-bit Linux,...

Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality of protected information

The Linux-support-2.6.18-4 package of the Debian GNU/Linux operating system has multiple vulnerabilities. Exploitation of these vulnerabilities may lead to breaches of the confidentiality of protected information. These vulnerabilities can be exploited remotely...

Release Notes for Veeam Backup & Replication 8.0 Patch 1

More Recent Version Available Please find the latest version of Veeam Backup & Replication here: Veeam Downloads - Latest Version Challenge Release Notes for Veeam Backup & Replication 8.0 Update 1 Cause Please confirm you are running version 8.0.0.807, 8.0.0.817 or 8.0.0.831 prior to installing...

[Skipfish] Web Application Security Scanner

Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active but hopefully non-disruptive...

[Tundeep v0.2a] Layer 2 VPN/Injection tool

Tundeep is a layer 2 VPN/injection tool that resides almost entirely in user space on the victim aside from the pcap requirement. This can be handled via a silent install however. The tool will build on Linux and Windows victims. Windows compilation is achieved using Cygwin. The attacker must be ...

Redline: Answering Your Questions

Those of you who attended the "Tools of Engagement: Redline™ - We've Got the Tool, If You've Got the Time" webinar last month by David Ross and myself will recall that we ran short on time while answering all of your questions. The webinar covered the latest updates to Redline, Mandiant's free to...

The Social-Engineer Toolkit v1.5 Released

The Social-Engineer Toolkit v1.5 Released The Social Engineering Toolkit SET is a python-driven suite of custom tools which solely focuses on attacking the human element of penetration testing. It's main purpose is to augment and simulate social-engineering attacks and allow the tester to...

[SECURITY] [DSA 2264-1] linux-2.6 security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2264-1 [email protected] http://www.debian.org/security/ dann frazier June 18, 2011 http://www.debian.org/security/faq -...

Firesheep – Social Network Session Stealing/Hijacking Tool

A huge wave has been made by this tool in the mainstream media this week as it makes session stealing/hijacking a click and go procedure. It was released at Toorcon 12 and is simply a Firefox Add-on. Stealing sessions/passwords and so on is something we've been able to do for a LONG time using...