684 matches found
Offensive Security Testing Using Cloud Tools
When performing offensive security testing, assessors sometimes run into issues where their source IP address gets blacklisted. For example, we might be performing a web application test and, due to the many suspicious queries being performed, our IP address is suddenly blocked. While on the...
vulhub
It is an offensive tool for web application security training. The repository contains a collection of pre-built vulnerable docker environments, allowing users to practice web application security testing without requiring prior knowledge of docker. The tool is designed to be easy to use, with a...
Exploit for CVE-2020-1938
Ghostcat exploit for CNVD-2020-10487/CVE-2020-1938: file read and file execution caused by arbitrary attribute setting in the Tomcat AJP protocol. Vulnerability analysis. The code is for security testing only; do not use it for illegal purposes. The user bears responsibility for any consequences, which have nothing to do with the author!!! python3 ajpShooter.py -h 00theway,just for test usage:...
WordPress Email Subscribers & Newsletters 4.2.2 Plugin - (hash) SQL Injection (Unauthenticated)
Exploit for php platform in category web applications Exploit Title: WordPress Plugin Email Subscribers & Newsletters 4.2.2 - 'hash' SQL Injection Unauthenticated Google Dork: "Stable tag" inurl:wp-content/plugins/email-subscribers/readme.txt Exploit Author: email protectedESEC Vendor Homepage:...
vulhub
This is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for testing and training purposes. The primary CVE ID is not specified, but it includes various vulnerable environments based on Docker-Compose. The target product/service or framework is not...
Unspecified Vulnerability in HCL AppScan Enterprise advisory API
HCL AppScan Enterprise is a suite of dynamic analysis and testing tools from HCL India, which is primarily used for web security testing. A security vulnerability exists in the Advisory API documentation in HCL AppScan Enterprise 10.0.0 and earlier versions. The vulnerability can be exploited by ...
HCL AppScan Cross-Site Scripting Vulnerability
HCL AppScan is a suite of dynamic analysis testing tools from HCL India, which is primarily used for web security testing. A cross-site scripting vulnerability exists in HCL AppScan Enterprise Edition version 10.0.0 and earlier. The vulnerability stems from the lack of proper validation of...
Add Ergonomic Security to Your CI/CD Pipeline
Wikipedia defines ergonomics as “the application of psychological and physiological principles to the engineering and design of products, processes, and systems. The goal … is to reduce human error, increase productivity, and enhance safety and comfort with a specific focus on the interaction...
InQL - A Burp Extension For GraphQL Security Testing
A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. InQL Stand-Alone CLI Running inql from Python will issue an Introspection query to the target GraphQL endpoint in order to fetch metadata...
PRET
The repository michaelxiaxc/PRET is a Printer Exploitation Toolkit that allows users to test the security of their printers. The tool connects to a device via network or USB and exploits the features of a given printer language, currently supporting PostScript, PJL, and PCL. The main idea of PRET...
Jaeles v0.9 - The Swiss Army Knife For Automated Web Application Testing
Jaeles is a powerful, flexible and easily extensible framework written in Go for building your own Web Application Scanner. Installation Download precompiled version here. If you have a Go environment, make sure you have Go = 1.13 with Go Modules enabled and run the following command. GO111MODULE=...
vulhub
This repository is an open-source collection of vulnerable web applications and environments for security testing and education, maintained by vulhub. It is a defensive blue-team research and threat mitigation tool. The repository contains a variety of vulnerable web applications and environments...
Cloud Lookup (and Bypass)
This module can be useful if you need to test the security of your server and your website behind a cloud-based solution, by discovering the origin IP address of the targeted host. More precisely, this module uses multiple data sources (in order: ViewDNS.info, DNS enumeration and Censys) to collect...
S3Reverse - The Format Of Various S3 Buckets Is Convert In One Format
Converts the various S3 bucket formats into one format, for bug bounty and security testing. Install $ go get -u github.com/hahwul/s3reverse Usage Input options Basic Usage...
Lollipopz - Data Exfiltration Utility For Testing Detection Capabilities
Data exfiltration utility used for testing detection capabilities of security products. Obviously for legal purposes only. Exfiltration How-To /etc/shadow - HTTP GET requests Server ./lollipopz-cli.py -m lollipopz.methods.http.paramcipher.GETServer -lp 80 -o output.log Client $ ./lollipopz-cli.py...
Unspecified Vulnerability in HCL Technologies AppScan Standard Edition
HCL Technologies AppScan Standard Edition is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. HCL Technologies AppScan Standard Edition suffers from an unspecified vulnerability that stems from an incorrect account lockout...
HCL Technologies AppScan Standard Edition XXE Vulnerability
HCL Technologies AppScan Standard Edition is a suite of dynamic analysis testing tools from HCL Technologies, India, which is primarily used for web security testing. HCL Technologies AppScan Standard Edition suffers from an XXE vulnerability. An attacker can exploit this vulnerability to disclos...
vulhub
This repository is an open-source collection of pre-built vulnerable docker environments. It is an offensive tool for web application security testing. The primary vulnerability class/vector targeted by this repository is Server-Side Template Injection (SSTI), specifically in Flask applications. Th...
XSS-LOADER - XSS Payload Generator / XSS Scanner / XSS Dork Finder
All-in-one tool: XSS payload generator, XSS scanner and XSS dork finder. Written by Hulya Karabag. Instagram: Hulya Karabag. Screenshots...
CMSmap
It is an offensive tool for web application security testing. The primary CVE ID is not present in the provided context, but the tool is designed to automate the process of detecting security flaws in popular Content Management Systems (CMSs) such as WordPress, Joomla, Drupal, and Moodle. The tool,...