684 matches found
Exploit for Improper Encoding or Escaping of Output in F5 Nginx
This is an open-source collection of vulnerable web applications and environments for security testing and education. The repository is maintained by phith0n and is available on GitHub. It contains a variety of vulnerable applications, including web servers, databases, and other systems, to help...
CVE-2021-37705 Improper Authorization and Origin Validation Error in OneFuzz
OneFuzz is an open source self-hosted Fuzzing-As-A-Service platform. Starting with OneFuzz 2.12.0 or greater, an incomplete authorization check allows an authenticated user from any Azure Active Directory tenant to make authorized API calls to a vulnerable OneFuzz instance. To be vulnerable, a...
jwtXploiter - A Tool To Test Security Of Json Web Token
A tool to test security of JSON Web Tokens. Test a JWT against all known CVEs; tamper with the token payload: changes claims and subclaims values; exploit known vulnerable header claims (kid, jku, x5u); verify a token; retrieve the public key of your target's ssl connection and try to use it in a key...
Reforming the UK’s Computer Misuse Act
The UK Home Office recently ran a Call for Information to investigate the Computer Misuse Act 1990 (CMA). The CMA is the UK’s anti-hacking law, and as Rapid7 is active in the UK and highly engaged in public policy efforts to advance security, we provided feedback on the issues we see with the...
Fuzz Off: How to Shake Up Code to Get It Right – Podcast
LAS VEGAS – In 2014, two teams of security researchers independently started fuzz testing OpenSSL. Within days, the advanced black-box software technique led to an exploitable vulnerability in OpenSSL: namely, the Heartbleed vulnerability. What is fuzzing? That’s what the FuzzCon event is all...
marshalsec
This is a Java-based tool for exploiting Java object deserialization vulnerabilities, specifically targeting BlazeDS AMF (Action Message Format) versions 0, 3, and X. The tool, named "marshalsec," is designed to test and demonstrate the exploitation of these vulnerabilities, which can lead to remot...
Ipa-Medit - Memory Search And Patch Tool For Resigned Ipa Without Jailbreak
Ipa-medit is a memory search and patch tool for resigned ipa without jailbreak. It was created for mobile game security testing. Motivation Memory modification is the easiest way to cheat in games, it is one of the items to be checked in the security test. There are also cheat tools that can be...
Getting Started with Security Testing: A Practical Guide for Startups
A common misconception among startup founders is that cybercriminals won't waste time on them, because they're not big or well known enough yet. But just because you are small doesn't mean you're not in the firing line. The size of a startup does not exempt it from cyber-attacks – that's because...
Security Bulletin: SQL injection from various input fields may affect Datacap Navigator
Summary In Security testing found that SQL injection from various input fields may affect Datacap Navigator. Vulnerability Details CVEID: CVE-2020-4902 DESCRIPTION: IBM Datacap Taskmaster Capture is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which...
Rapid7 Joins Statement On DMCA Lawsuits Against Security Tools
Rapid7 has joined a statement from members of the cybersecurity community cautioning against using Section 1201 of the Digital Millennium Copyright Act (DMCA) to suppress beneficial security tools. In the past, Rapid7 has written extensively about DMCA Sec. 1201’s impact on performing independent...
What is DevSecOps❓ Defining, How it work, Advantages, Types
DevSecOps, an overall new term in the application security (AppSec) space, is associated with presenting security before in the thing improvement life cycle (SDLC) by fostering the nearby coordinated effort among movement and activities packs in the DevOps headway to join security bundles too. It...
Nebula - Cloud C2 Framework, Which At The Moment Offers Reconnaissance, Enumeration, Exploitation, Post Exploitation On AWS
Nebula is a Cloud and hopefully DevOps Penetration Testing framework. It is built with modules for each provider and each functionality. As of April 2021, it only covers AWS, but is currently an ongoing project and hopefully will continue to grow to test GCP, Azure, Kubernetes, Docker, or...
BlueCloud - Cyber Range including Velociraptor + HELK system with a Windows VM for security testing and R&D
Cyber Range deployment of HELK and Velociraptor! Automated terraform deployment of one system running HELK + Velociraptor server with one registered Windows endpoint in Azure or AWS. A collection of Terraform and Ansible scripts that automatically and quickly deploys a small HELK + Velociraptor R...
How purple teams can embrace hacker culture to improve security
The security community is continuously changing, growing, and learning from each other to better position the world against cyber threats. In the latest Voice of the Community blog series post, Microsoft Product Marketing Manager Natalia Godyla talks with Matthew Hickey, co-founder, CEO, and writ...
Rapid7 Named a Visionary in 2021 Gartner Magic Quadrant for Application Security Testing
Rapid7 is excited to share that we have been recognized as a Visionary in the 2021 Gartner Magic Quadrant for Application Security Testing (AST). We are so excited to share the news that Rapid7 has been recognized as a Visionary in the 2021 Gartner Magic Quadrant for Application Security Testing. Thi...
Creating coefficiency: DevOps, Security, and Compliance
Secure IaC: Infrastructure-as-code (IaC) is a powerful partnership accelerator. As businesses and organizations scale into the cloud to realize its full production-enablement potential, security often struggles to keep up. The ultimate goal on the security horizon is, of course, to prevent risks and...
Pega Infinity patches authentication vulnerability
Security researchers came across a Pega Infinity vulnerability through participation in Apple’s bug bounty program, after focusing on vendors that supplied technology to Apple. By using Burp Suite—an integrated platform for performing security testing of web applications—the security researchers...
4 things you should know about testing AV software with VirusTotal’s free online multiscanner
As COVID-19 soldiers on, small and medium-size businesses now feel as ripe for malware attacks as deep-pocketed multinationals. SMBs see that, along with remote work, our pandemic has also brought troubling new holes to their security. This means cybercriminals—equal opportunity charlatans that...
BSA-2021-1487
Security Advisory ID : BSA-2021-1487 Component : Libarchive Revision : 1.0 libarchive 3.3.2 suffers from an out-of-bounds read within lha_read_data_none in archive_read_support_format_lha.c when extracting a specially crafted lha archive, related to lha_crc16. Affected Products Brocade SANnav versions...
BSA-2020-1166
Security Advisory ID : BSA-2020-1166 Component : OpenSSL Revision : 1.0 The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a...