Huawei EulerOS: Security Advisory for samba (EulerOS-SA-2019-2116)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP8 : samba (EulerOS-SA-2019-2116)

According to the versions of the samba packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in samba versions 4.9.x up to 4.9.13, samba 4.10.x up to 4.10.8 and samba 4.11.x up to 4.11.0rc3, when certain parameters were s...

CloudBees Jenkins Fabric Beta Publisher Plugin Trust Management Issue Vulnerability

CloudBees Jenkins Hudson Labs is a set of Java-based continuous integration tools from CloudBees. The product is mainly used to monitor the continuous software version release/testing projects and some timed tasks . Fabric Beta Publisher Plugin is used in one of the Android application publishing...

Hacktronian - All In One Hacking Tool For Linux & Android

Pentesing Tools That All Hacker Needs. HACKTRONIAN Menu : Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation Install The HACKTRONIAN Information Gathering: Nmap Setoolkit Port Scanning Host To IP wordpre...

Commando VM - The First of Its Kind Windows Offensive Distribution

Welcome to CommandoVM - a fully customized, Windows-based security distribution for penetration testing and red teaming. Installation Install Script Requirements Windows 7 Service Pack 1 or Windows 10 60 GB Hard Drive 2 GB RAM Instructions 1. Create and configure a new Windows Virtual Machine...

Infected WordPress Sites Are Attacking Other WordPress Sites

WordPress sites are being targeted in a series of attacks tied to a 20,000 botnet-strong army of infected WordPress websites. Behind the WordPress-on-WordPress assault is a widespread brute-force password attack leveraged through a Russian proxy provider and targeting a developer application...

Spotify Phishers Hijack Music Fans' Accounts

A phishing campaign with a clever Spotify lure has been spotted trying to harvest user credentials for the popular streaming service. Researchers at AppRiver detected the offensive earlier this month, in a campaign looking to compromise Spotify customers using bogus – but convincing – emails with...

Improper access control

A vulnerability in the Gleez CMS 1.2.0 login page could allow an unauthenticated, remote attacker to perform multiple user enumerations, which can further help an attacker to perform login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-si...

SNMPwn - An SNMPv3 User Enumerator and Attack tool

SNMPwn is an SNMPv3 user enumerator and attack tool. It is a legitimate security tool designed to be used by security professionals and penetration testers against hosts you have permission to test. It takes advantage of the fact that SNMPv3 systems will respond with "Unknown user name" when an...

Fsociety Hacking Tools Pack

Fsociety Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation INSTALL & UPDATE Information Gathering : Nmap Setoolkit Port Scanning Host To IP wordpress user CMS scanner XSStracer Dork – Google Dorks...

Fsociety Hacking Tools Pack - A Penetration Testing Framework

A Penetration Testing Framework , you will have evry script that a hacker needs Menu Information Gathering Password Attacks Wireless Testing Exploitation Tools Sniffing & Spoofing Web Hacking Private Web Hacking Post Exploitation INSTALL & UPDATE InformationGathering : Nmap Setoolkit Port Scannin...

Default credentials

A vulnerability in the Guest Portal login page of Cisco Identity Services Engine ISE could allow an unauthenticated, remote attacker to perform multiple login attempts in excess of the configured login attempt limit. The vulnerability is due to insufficient server-side login attempt limit...

CVE-2017-12316

CVE-2017-12316 relates to Cisco Identity Services Engine (ISE) Guest Portal. The issue is insufficient server-side enforcement of login attempt limits on the Guest Portal login page, enabling unauthenticated, remote attackers to perform multiple login attempts and potentially conduct brute-force ...

CVE-2017-7551

389-ds-base version before 1.3.5.19 and 1.3.6.7 are vulnerable to password brute-force attacks during account lockout due to different return codes returned on password attempts...

BLACKBOx - A Penetration Testing Framework

Password Attacks: MD5 CRACKER SHA1 CRACKER SHA224 CRACKER SHA256 CRACKER SHA384 CRACKER SHA512 CRACKER MSSQL2000 CRACKER MSSQL2005 CRACKER MYSQL323 CRACKER MYSQL41 CRACKER ORACLE11 CRACKER Web Hacking : Wordpress Bruteforce – Bruteforce wordpress panel FTP Bruteforce – Bruteforcing FTP LOGIN SSH...

PenBox v2.2 - A Penetration Testing Framework (The Hacker's Repo)

A Penetration Testing Framework , The Hacker’s Repo our hope is in the last version we will have evry script that a hacker needs. Information Gathering : nmap Setoolkit Port Scanning Host To IP wordpress user enumeration CMS scanner XSStracer - checks remote web servers for Clickjacking,...

Juniper Networks Junos OS OpenSSH Restriction Bypass Vulnerability

Junos OS is prone to a restriction bypass vulnerability in OpenSSH. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/o:juniper:junos...

Western Digital Self-Encrypting Drives Vulnerable

Some consumer-grade, self-encrypting external hard drives are littered with security vulnerabilities that render their encryption an afterthought. An academic paper published in late September took apart a number of drives manufactured by Western Digital that suffer from flaws that are trivial to...

Ubuntu 14.04 LTS : OpenSSH vulnerabilities (USN-2710-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2710-1 advisory. Moritz Jodeit discovered that OpenSSH incorrectly handled usernames when using PAM authentication. If an additional vulnerability were discovered in the...

PentestBox - Portable Penetration Testing Distribution for Windows Environments

PentestBox is not like other Penetration Testing Distributions which runs on virtual machines. It is created because more than 50% of penetration testing distributions users uses windows. So it provides an efficient platform for Penetration Testing on windows platform. Check out demo video: Easy ...