CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

n0where•added 2018/02/03 8:26 p.m.•45 views

Find Vulnerable Settings in AD Group Policy: Grouper

Grouper is a slightly wobbly PowerShell module designed for pentesters and redteamers although probably also useful for sysadmins which sifts through the usually very noisy XML output from the Get-GPOReport cmdlet part of Microsoft’s Group Policy module and identifies all the settings defined in...

6.8AI score

Exploit DB•added 2018/02/01 12:0 a.m.•183 views

BMC Server Automation RSCD Agent - NSH Remote Command Execution (Metasploit)

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'BMC Server Automation RSCD Agent NSH Remote ' \ 'Command Execution', 'Description' = %q This module exploits a weak access control check in the B...

7.7AI score

OpenVAS•added 2018/01/31 12:0 a.m.•19 views

PowerShell Detection (Linux/Unix SSH Login)

SSH login-based detection of PowerShell. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.812746";...

7AI score

OpenVAS•added 2018/01/30 12:0 a.m.•31 views

Microsoft PowerShell Core DoS And Security Feature Bypass Vulnerabilities - Linux

This host is missing an important security update for PowerShell Core according to Microsoft security update January 2018. SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

7.5CVSS8.1AI score0.34677EPSS

OpenVAS•added 2018/01/30 12:0 a.m.•23 views

PowerShell Core Detection (Windows SMB Login)

Detects the installed version of PowerShell Core. The script logs in via smb, searches for SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

OpenVAS•added 2018/01/30 12:0 a.m.•40 views

Microsoft PowerShell Core DoS And Security Feature Bypass Vulnerabilities - Mac OS X

7.5CVSS8.1AI score0.34677EPSS

VulnCheck KEV•added 2018/01/30 12:0 a.m.•0 views

VulnCheck KEV: CVE-2018-20753

Kaseya VSA RMM allows unprivileged remote attackers to execute PowerShell payloads on all managed devices...

9.8CVSS7.4AI score0.47933EPSS

Exploits1References1

OpenVAS•added 2018/01/30 12:0 a.m.•12 views

PowerShell Core Detection (Mac OS X SSH Login)

Detects the installed version of PowerShell on Mac OS X. The script logs in via ssh, searches for folder SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier:...

Microsoft Malware Protection•added 2018/01/24 2:0 p.m.•36 views

Now you see me: Exposing fileless malware

Attackers are determined to circumvent security defenses using increasingly sophisticated techniques. Fileless malware boosts the stealth and effectiveness of an attack, and two of last years major ransomware outbreaks Petya and WannaCry used fileless techniques as part of their kill chains. The...

Kitploit•added 2018/01/21 9:11 p.m.•22 views

Ketshash - A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs

A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. The tool was published as part of the "Pass-The-Hash detection" research - more details on "Pass-The-Hash detection" are in the blog post:...

7AI score

Exploits0References2

The Hacker News•added 2018/01/17 7:25 a.m.•2123 views

Hackers Exploiting Three Microsoft Office Flaws to Spread Zyklon Malware

Security researchers have spotted a new malware campaign in the wild that spreads an advanced botnet malware by leveraging at least three recently disclosed vulnerabilities in Microsoft Office. Dubbed Zyklon, the fully-featured malware has resurfaced after almost two years and primarily found...

9.3CVSS8.9AI score0.94354EPSS

Exploits47

Kitploit•added 2018/01/14 12:41 p.m.•92 views

DNSExfiltrator - Data exfiltration over DNS request covert channel

DNSExfiltrator allows for transfering exfiltrate a file over a DNS request covert channel. This is basically a data leak testing tool allowing to exfiltrate data over a covert channel. DNSExfiltrator has two sides: 1. The server side , coming as a single python script dnsexfiltrator.py, which act...