268 matches found
XSS Payload Management Framework: Sleepy Puppy
Sleepy Puppy is a cross-site scripting XSS payload management framework which simplifies the ability to capture, manage, and track XSS propagation over long periods of time. Why Should I use Sleepy Puppy? Often when testing for client side injections HTML/JS/etc. security engineers are looking fo...
WAIDPS - Wireless Auditing, Intrusion Detection & Prevention System
WAIDPS is an open source wireless swissknife written in Python and work on Linux environment. This is a multipurpose tools designed for audit penetration testing networks, detect wireless intrusion WEP/WPA/WPS attacks and also intrusion prevention stopping station from associating to access point...
Exploit for Out-of-bounds Read in Openssl
Heartbleed PoC =========== A sample example of the Heartbleed...
Dshell – Network Forensic Analysis Framework
Dshell An extensible network forensic analysis framework. Enables rapid development of plugins to support the dissection of network packet captures. Key features: Robust stream reassembly IPv4 and IPv6 support Custom output handlers Chainable decoders Prerequisites Linux developed on Ubuntu 12.04...
firefox security and bug fix update
31.4.0-1.0.1 - Add firefox-oracle-default-prefs.js and firefox-oracle-default-bookmarks.html and remove the corresponding Red Hat files 31.4.0-1 - Update to 31.4.0 ESR 31.3.0-9 - Fixed problems with dictionaries mozbz1097550 - Fixed rhbz1164855 - firefox.desktop is missing x-scheme-handler MimeTy...
OpenGraphiti: Data Visualization Engine
OpenGraphiti is a free and open source 3D data visualization engine for data scientists to visualize semantic networks and to work with them. It offers an easy-to-use API with several associated libraries to create custom-made datasets. It leverages the power of GPUs to process and explore the da...
Microsoft-Office-2007-and-2010---OLE-Arbitrary-Command-Execution
CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web - http://www.aslitsecurity.com/ Blog - http://www.aslitsecurity.blogspot.com/ Tested on win7 - office 2007 and 2010...
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - (.wax) Buffer Overflow/DoS EIP Overwrite
No description provided by source. EDB Note: DoS - b0f isn't working. Title : Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 .wax Buffer Overflow Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Date : 28.10.2014 Python : V 2.7 Thks :...
MS Office 2007 and 2010 - OLE Arbitrary Command Execution
No description provided by source. Full exploit: http://www.exploit-db.com/sploits/35216.rar CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web -...
Microsoft Office 2007/2010 - OLE Arbitrary Command Execution
Full exploit: https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/35216.rar CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking Trainings - http://training.aslitsecurity.com Web -...
Microsoft Office 20072010 - OLE Arbitrary Command Execution
Microsoft Office 20072010 - OLE Arbitrary Command Execution Full exploit: https://github.com/offensive-security/exploitdb-bin-sploits/raw/master/bin-sploits/35216.rar CVE-2014-6352 OLE Remote Code Execution Author Abhishek Lyall - abhilyallatgmaildotcom, infoataslitsecuritydotcom Advanced Hacking...
MS Office 2007 and 2010 - OLE Arbitrary Command Execution Exploit
Microsoft Office 2007 and 2010 OLE arbitrary command execution exploit. This exploit will not give a UAC warning. No .inf file is required in this exploit. The size of the executable payload should be less than 400kb. Python 2.7 is required. Full exploit: http://www.exploit-db.com/sploits/35216.r...
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 - '.wax' File Buffer Overflow (Denial of Service) (PoC) EIP Overwrite
EDB Note: DoS - b0f isn't working. Title : Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 .wax Buffer Overflow Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Date : 28.10.2014 Python : V 2.7 Thks : exploit-db.com, packetstormsecurity.com,...
Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 (.wax) Buffer Overflow
Title : Mini-stream RM-MP3 Converter 3.1.2.1.2010.03.30 .wax Buffer Overflow Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Date : 28.10.2014 Python : V 2.7 Thks : exploit-db.com, packetstormsecurity.com, securityfocus.com, sebug.net and others m...
Python Integer Overflow Vulnerability 01 (Oct 2014) - Mac OS X
Python is prone to an integer overflow vulnerability. SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:python:python"; ifdescripti...
Onlineon E-Ticaret - Database Disclosure
Onlineon E-Ticaret - Database Disclosure !/usr/bin/env python -- coding:cp1254 -- Title : Onlineon E-Ticaret Database Disclosure Exploit .py dork : inurl:"default.asp?git=sepet" Author : ZoRLu / [email protected] / [email protected] Home : http://milw00rm.com / its online Download :...
CVE-2014-4616
Array index error in the scanstring function in the json module in Python 2.7 through 3.5 and simplejson before 2.6.1 allows context-dependent attackers to read arbitrary process memory via a negative index value in the idx argument to the rawdecode function...
CVE-2013-7040
Python 2.7 before 3.4 only uses the last eight bits of the prefix to randomize hash values, which causes it to compute hash values without restricting the ability to trigger hash collisions predictably and makes it easier for context-dependent attackers to cause a denial of service CPU consumptio...
USN-1983-1: Python 2.7 vulnerabilities
Florian Weimer discovered that Python incorrectly handled matching multiple wildcards in ssl certificate hostnames. An attacker could exploit this to cause Python to consume resources, resulting in a denial of service. This issue only affected Ubuntu 13.04. CVE-2013-2099 Ryan Sleevi discovered th...
[ollydbg-binary-execution-visualizer] New Tool for Visualizing Binaries With Ollydbg and Graphvis
Sometimes crackme’s or something you might be reversing will constantly bug you due to the excessive usage of f7 & f8. It will be quiet neat if you can see how the application is executing visually and set your break points accordingly. Requirements: o Ollyscript plugin o Bunch of your favorite...