Lucene search
K

812 matches found

ThreatPost
ThreatPost
added 2018/04/17 12:57 p.m.17 views

Automated Bots Growing Tool For Hackers

SAN FRANCISCO – The use of automated bots is becoming more prevalent for novice attackers as tools become more available, researchers found. A honeypot experiment, detailed by Cybereason at this year’s RSA Conference, showed the commoditization of using bots to perform low-level tasks. The honeyp...

0.8AI score
Exploits0
ThreatPost
ThreatPost
added 2018/03/27 3:7 p.m.7 views

GoScanSSH Malware Targets SSH Servers, But Avoids Military and .GOV Systems

Researchers have identified a new malware family, dubbed GoScanSSH, that targets public facing SSH servers, but avoids those linked to government and military IP addresses. The malware has been in the wild since June 2017 and exhibits a number of unique characteristics, such as being written in t...

1.2AI score
Exploits0References1
Prion
Prion
added 2018/03/27 9:29 a.m.21 views

Design/Logic Flaw

A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information to conduct additional reconnaissance attac...

5CVSS7.3AI score0.0091EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2018/03/27 9:0 a.m.12 views

CVE-2017-12310

A vulnerability in the auto discovery phase of Cisco Spark Hybrid Calendar Service could allow an unauthenticated, remote attacker to view sensitive information in the unencrypted headers of an HTTP method request. The attacker could use this information to conduct additional reconnaissance attac...

6.5AI score0.0091EPSS
Exploits0References1
Kitploit
Kitploit
added 2018/03/13 6:53 p.m.39 views

SpiderFoot 2.12 - Automates OSINT to find out everything possible about your target

SpiderFoot is a reconnaissance tool that automatically queries over 100 public data sources OSINT to gather intelligence on IP addresses, domain names, e-mail addresses, names and more. You simply specify the target you want to investigate, pick which modules to enable and then SpiderFoot will...

7AI score
Exploits0
Kitploit
Kitploit
added 2018/02/24 9:12 p.m.129 views

meg+ - Automated Reconnaissance Wrapper

This wrapper will automate numerous tasks and help you during your reconnaissance process. The script finds common issues, low hanging fruit, and assists you when approaching a target. meg+ also allows you to scan all your in-scope targets on HackerOne in one go — it simply retrieves them using a...

7.3AI score
Exploits0References5
Imperva Blog
Imperva Blog
added 2018/02/20 4:40 p.m.49 views

New Research: Crypto-mining Drives Almost 90% of All Remote Code Execution Attacks

It’s early in 2018 and we have already witnessed one of the top contenders in this year’s web application attacks. Continuing the trend from the last months of 2017, crypto-mining malware is quickly becoming attackers’ favorite modus operandi. In December 2017, 88 percent of all remote code...

8.1AI score
Exploits0
Kitploit
Kitploit
added 2018/02/11 1:12 p.m.30 views

ID-entify - Search for information related to a domain (Emails, Domains, Information on WEB technology, Type of Firewall, NS and MX records)

ID-entify is a tool that allows you to search for information in the passive way related to a domain. Developed By Carlos Ramírez López. SEARCH FOR INFORMATION RELATED TO A DOMAIN: Emails IP addresses Domains Information on WEB technology Type of Firewall NS and MX records Nmap to IP addresses an...

7AI score
Exploits0References1
NVD
NVD
added 2018/01/18 6:29 a.m.18 views

CVE-2018-0089

A vulnerability in the Policy and Charging Rules Function PCRF of the Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker would also have to have access ...

7.5CVSS7.4AI score0.0103EPSS
Exploits0References2
OSV
OSV
added 2018/01/18 6:29 a.m.3 views

CVE-2018-0089

A vulnerability in the Policy and Charging Rules Function PCRF of the Cisco Policy Suite CPS could allow an unauthenticated, remote attacker to access sensitive data. The attacker could use this information to conduct additional reconnaissance attacks. The attacker would also have to have access ...

7.5CVSS5.9AI score0.0103EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2018/01/18 6:29 a.m.2 views

CVE-2018-0111

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw i...

5.3CVSS5.8AI score0.01723EPSS
Exploits0References4
ATTACKERKB
ATTACKERKB
added 2018/01/18 6:29 a.m.1 views

CVE-2018-0109

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw i...

4CVSS5.8AI score0.01218EPSS
Exploits0References4
Cvelist
Cvelist
added 2018/01/18 6:0 a.m.20 views

CVE-2018-0108

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to collect customer files via an out-of-band XML External Entity XXE injection. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The...

5.8AI score0.01834EPSS
Exploits0References3
Cisco
Cisco
added 2018/01/17 4:0 p.m.42 views

Cisco WebEx Meetings Server Information Disclosure Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to obtain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw i...

5CVSS1.3AI score0.01218EPSS
Exploits0References1
Cisco
Cisco
added 2018/01/17 4:0 p.m.42 views

Cisco WebEx Meetings Server Information Disclosure Vulnerability

A vulnerability in Cisco WebEx Meetings Server could allow an unauthenticated, remote attacker to access sensitive data about the application. An attacker could exploit this vulnerability to gain information to conduct additional reconnaissance attacks. The vulnerability is due to a design flaw i...

5.3CVSS0.9AI score0.01723EPSS
Exploits0References1
Kitploit
Kitploit
added 2018/01/16 9:30 p.m.13 views

GTScan - The Nmap Scanner for Telco

The Nmap Scanner for Telco. With the current focus on telecom security, there used tools in day to day IT side penetration testing should be extended to telecom as well. From here came the motivation for an nmap-like scanner but for telco The current security interconnect security controls might...

6.9AI score
Exploits0References1
0day.today
0day.today
added 2018/01/15 12:0 a.m.69 views

Adminer v4.3.1 Server Side Request Forgery Exploit

Exploit for multiple platform in category web applications + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: apparition security Vendor: ==============...

7.1AI score
Exploits0
exploitpack
exploitpack
added 2018/01/15 12:0 a.m.42 views

Adminer 4.3.1 - Server-Side Request Forgery

Adminer 4.3.1 - Server-Side Request Forgery + Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: apparition security Vendor: ============== www.adminer.org Product...

0.6AI score
Exploits0
Exploit DB
Exploit DB
added 2018/01/15 12:0 a.m.60 views

Adminer 4.3.1 - Server-Side Request Forgery

Credits: John Page aka hyp3rlinx + Website: hyp3rlinx.altervista.org + Source: http://hyp3rlinx.altervista.org/advisories/ADMINER-UNAUTHENTICATED-SERVER-SIDE-REQUEST-FORGERY.txt + ISR: apparition security Vendor: ============== www.adminer.org Product: ================ Adminer = v4.3.1 Adminer...

7.4AI score
Exploits0
Kitploit
Kitploit
added 2018/01/11 1:7 p.m.51 views

Recon-ng - Full-Featured Web Reconnaissance Framework

Recon-ng is a full-featured Web Reconnaissance framework written in Python. Complete with independent modules, database interaction, built in convenience functions, interactive help, and command completion, Recon-ng provides a powerful environment in which open source web-based reconnaissance can...

7.5AI score
Exploits0References3
Rows per page
Query Builder