Lucene search
K

685 matches found

Kitploit
Kitploit
added 2021/01/14 11:30 a.m.60 views

K55 - Linux X86_64 Process Injection Utility | Manipulate Processes With Customized Payloads

pronounced: "kay fifty-five" The K55 payload injection tool is used for injecting x8664 shellcode payloads into running processes. The utility was developed using modern C++11 techniques as well as some traditional C linux functions like ptrace. The shellcode spawned in the target process is 27...

7.7AI score
Exploits0References1
Hacker One
Hacker One
added 2021/01/10 8:50 a.m.5 views

Acronis: Local Privilege Escalation when updating Acronis True Image

Vulnerability description not provided...

7.1AI score
Exploits0
GithubExploit
GithubExploit
added 2021/01/09 7:11 a.m.51 views

Exploit for Path Traversal in Lanproxy_Project Lanproxy

Usage & Disclaimer lanproxy: Directory Traversal Vulnerabi...

7.5CVSS7.1AI score0.18982EPSS
Exploits5
Imperva Blog
Imperva Blog
added 2021/01/07 2:18 p.m.29 views

Prepare for more sophisticated security threats in 2021

As computing becomes more distributed to achieve greater optimization and efficiency, the threats posed by cyberattackers are destined to become increasingly more sophisticated. Here are some steps organizations should take in 2021 to mitigate such sophisticated security threats. Start with...

7AI score
Exploits0
GithubExploit
GithubExploit
added 2021/01/05 1:42 p.m.81 views

Exploit for Missing Authentication for Critical Function in Solarwinds Orion_Platform

Usage & Disclaimer This script is a batch detection script f...

9.8CVSS8AI score0.9198EPSS
Exploits3
Gitee
Gitee
added 2020/12/11 1:50 p.m.5 views

vulhub

It is an offensive tool for Docker environments. The repository contains a collection of vulnerable Docker environments, including CouchDB, FFmpeg, Git, InfluxDB, and Oracle Java. The environments are designed to be used for testing and training purposes, allowing users to practice exploiting...

6.9AI score
Exploits0
Gitee
Gitee
added 2020/11/26 10:12 a.m.5 views

vulhub

It is an offensive tool for web application security testing. The repository contains a collection of pre-built vulnerable docker environments, allowing users to test web application security without requiring prior knowledge of docker. The tool is designed to be easy to use, with a simple...

8AI score
Exploits0
Gitee
Gitee
added 2020/11/26 12:56 a.m.3 views

vulhub

This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary CVE ID present in the context is not explicitly stated, but the repository contains various vulnerable environments, including ones...

7.3AI score
Exploits0
HackRead
HackRead
added 2020/11/18 5:29 p.m.26 views

How to Optimize Your App Settings for Privacy

By Uzair Amir In order to protect users' privacy, developers must keep their apps' security in mind and put their apps through regression testing. This is a post from HackRead.com Read the original post: How to Optimize Your App Settings for Privacy...

3.1AI score
Exploits0
GithubExploit
GithubExploit
added 2020/11/17 7:20 a.m.96 views

Exploit for Path Traversal in Citrix Xenmobile_Server

Usage & Disclaimer This script is a batch detection tool for...

7.5CVSS7.3AI score0.48656EPSS
Exploits3
Hacker One
Hacker One
added 2020/11/14 5:39 p.m.186 views

Informatica: Blind SQL injection at tsftp.informatica.com

The parameter refreshtoken sent to the REST path /api/v1/token is vulnerable to blind SQL injection. Compare the response time of these 2 requests: $ time curl -X POST "https://tsftp.informatica.com/api/v1/token" -H "accept: application/json" -H "Content-Type: application/x-www-form-urlencoded" -...

0.4AI score
Exploits0
Gitee
Gitee
added 2020/11/05 4:41 p.m.4 views

SpringBootVulExploit

This repository contains a collection of Spring Boot vulnerability exploit checklists, which are used for authorized testing and security research purposes. The repository includes various exploits and techniques for exploiting Spring Boot applications, including: 1. Spring Boot Vulnerability...

7.2AI score
Exploits0
Kitploit
Kitploit
added 2020/10/31 8:30 p.m.55 views

APICheck - The DevSecOps Toolset For REST APIs

APICheck is a complete toolset designed and created for testing REST APIs. Why APICheck APICheck focuses not only in the security testing and hacking use cases. The goal of the project is to become a complete toolset for DevSecOps cycles. The tools are aimed to diverse users profiles: Developers...

7.3AI score
Exploits0References2
CNVD
CNVD
added 2020/10/21 12:0 a.m.8 views

Unspecified Vulnerability in HCL AppScan (CNVD-2021-13713)

HCL AppScan is a suite of dynamic analysis testing tools from HCL India. The tool is mainly used for web security testing. A security vulnerability exists in HCL AppScan Enterprise that stems from the use of broken or risky encryption algorithms to store REST API user details. No detailed...

5.3CVSS6.8AI score0.00542EPSS
Exploits0References1
CNVD
CNVD
added 2020/10/21 12:0 a.m.6 views

Unspecified Vulnerability in HCL AppScan

HCL AppScan is a suite of dynamic analysis testing tools from HCL India. The tool is mainly used for web security testing. A security vulnerability exists in HCL AppScan Enterprise, which stems from the lack of HTTP Strict-Transport-Security header in the Management section of the Enterprise...

7.5CVSS6.9AI score0.01071EPSS
Exploits0References1
Gitee
Gitee
added 2020/10/20 9:3 p.m.4 views

vulhub1

It is an offensive tool for web application exploitation. The primary vulnerability targeted is a Server-Side Template Injection SSTI in Flask, as evidenced by the presence of the flask/ssti directory. The tool is likely designed to exploit this vulnerability, allowing an attacker to inject...

7.4AI score
Exploits0
Gitee
Gitee
added 2020/10/04 9:56 p.m.6 views

Exploit for Deserialization of Untrusted Data in Redhat Jboss_Enterprise_Application_Platform

This is a PoC exploit for CVE-2017-12149, a remote code execution vulnerability in JBoss. The exploit is written in Python and uses the requests library to send a crafted request to the target JBoss server. The exploit payload is encoded in hexadecimal and is injected into the request as a crafte...

9.8CVSS8.1AI score0.90713EPSS
Exploits14
Gitee
Gitee
added 2020/10/01 2:55 p.m.3 views

Exploit for Exposure of Sensitive Information to an Unauthorized Actor in Gitlab

It is an open-source collection of pre-built vulnerable docker environments. The repository contains various vulnerable environments, each with its own set of vulnerabilities, allowing users to test and learn about different types of attacks. The environments are built using Docker and Docker...

9.8CVSS7AI score0.99686EPSS
Exploits45
GithubExploit
GithubExploit
added 2020/09/30 7:45 a.m.175 views

Exploit for CVE-2020-1472

ZeroLogon testing script A Python script that uses the Impack...

10CVSS8.3AI score0.99512EPSS
Exploits75
Hacker One
Hacker One
added 2020/09/18 12:53 p.m.102 views

Stripo Inc: weak password poilicy in signup password leak to account takeover

Summary: add summary of the vulnerability i create account with weak password Steps To Reproduce: add details for how we can reproduce the issue 1.i create account with weak password qwerty123 2- account create done without validation 3- it should have protected users from attack and have policy...

0.5AI score
Exploits0
Rows per page
Query Builder