Privilege Escalation

Pluggable Authentication Modules PAM is vulnerable to Privilege Escalation. A flaw was found in the way pamconsole set console device permissions. It was possible for various console devices to retain ownership of the console user after logging out, possibly leaking information to another local...

Richkit - Domain Enrichment Toolkit

Richkit is a python3 package that provides tools taking a domain name as input, and returns addtional information on that domain. It can be an analysis of the domain itself, looked up from data-bases, retrieved from other services, or some combination thereof. The purpose of richkit is to provide...

Design/Logic Flaw

An issue was discovered on Samsung mobile devices with M6.0 and N7.0 Exynos5433, Exynos7420, or Exynos7870 chipsets software. An attacker can bypass a ko aka Kernel Module signature by modifying the count of kernel modules. The Samsung ID is SVE-2016-7466 January 2017...

Command Injection

Overview install-package is a package that installs node modules from JavaScript. Affected versions of this package are vulnerable to Command Injection. The argument options can be controlled by users without any sanitization. PoC var root = require"install-package"; root"", "& touch Song"; Detai...

CVE-2019-3459

A flaw was found in the Linux kernel's implementation of Logical Link Control and Adaptation Protocol L2CAP, part of the Bluetooth stack. An attacker, within the range of standard Bluetooth transmissions, can create and send a specially crafted packet. The response to this specially crafted packe...

PSKernel-Primitives

This repository contains a collection of PowerShell primitives for fuzzing and exploitation. The primitives are designed to be used in a Windows environment and are intended for use in red teaming and penetration testing. The repository includes the following primitives: 1. Alloc-NullPage.ps1:...

metasploit-framework

This is the Metasploit Framework repository, a comprehensive collection of exploit modules and tools for penetration testing and vulnerability assessment. The framework is written in Ruby and provides a wide range of features for discovering and exploiting vulnerabilities in various systems and...

Monitoring ICS Cyber Operation Tools and Software Exploit Modules To Anticipate Future Threats

There has only been a small number of broadly documented cyber attacks targeting operational technologies OT / industrial control systems ICS over the last decade. While fewer attacks is clearly a good thing, the lack of an adequate sample size to determine risk thresholds can make it difficult f...

The vulnerability of the web page rendering modules in WebKitGTK and WPE WebKit, related to the use of memory after it is freed, allows attackers to execute arbitrary code.

The vulnerability of the Web page rendering modules in WebKitGTK and WPE WebKit relates to the use of memory after it is freed. Exploiting this vulnerability can allow a remote attacker to execute arbitrary code...

Exploit for CVE-2016-0728

This repository is an offensive tool for Linux kernel exploitation, specifically targeting the CVE-2016-0728 vulnerability. The vulnerability is a REFCOUNT overflow/Use-After-Free in keyrings, which allows for local root exploitation. The repository contains two exploit modules, expboost.c and...

TrickBot Now Exploits Infected PCs to Launch RDP Brute Force Attacks

A new module for TrickBot banking Trojan has recently been discovered in the wild that lets attackers leverage compromised systems to launch brute-force attacks against selected Windows systems running a Remote Desktop Protocol RDP connection exposed to the Internet. The module, dubbed...

[SECURITY] Fedora 32 Update: ansible-2.9.6-1.fc32

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

PYSEC-2020-10

A flaw was found in Ansible Engine when the module package or service is used and the parameter 'use' is not specified. If a previous task is executed with a malicious user, the module sent can be selected by the attacker using the ansible facts file. All versions in 2.7.x, 2.8.x and 2.9.x branch...

icsmaster

This is an offensive tool repository for industrial control system ICS security research. It contains a collection of resources, including papers, exploits, firmware, Nmap scripts, and tools, related to ICS security. The repository is organized into several categories, including a directory of...

Install Go tools from modules with brew-gomod

As of Go 1.14, modules are ready for production. Compared to GOPATH, they make it much easier to keep workspaces clean by managing dependencies out of sight, and by letting you clone projects anywhere. However, there is no good way to simply install a Go binary from source, yet. The core reason f...

[SECURITY] Fedora 30 Update: ansible-2.9.6-1.fc30

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

[SECURITY] Fedora 31 Update: ansible-2.9.6-1.fc31

Ansible is a radically simple model-driven configuration management, multi-node deployment, and remote task execution system. Ansible works over SSH and does not require any software or daemons to be installed on remote nodes. Extension modules can be written in any language and are transferred t...

CVE-2020-10540

Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules...

CVE-2020-10540

Untis WebUntis before 2020.9.6 allows CSRF for certain combinations of rights and modules...

CVE-2020-0859

An information vulnerability exists when Windows Modules Installer Service improperly discloses file information, aka 'Windows Modules Installer Service Information Disclosure Vulnerability'...