684 matches found
CVE-2019-0007
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...
Design/Logic Flaw
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...
CVE-2019-0007
CVE-2019-0007 affects Juniper Networks Junos OS on the vMX Series, with affected releases: 15.1 versions prior to 15.1F5. The root cause is a predictable IP ID sequence number used by the device, enabling a family of attacks that rely on that predictability to compromise the system and clients pa...
CVE-2019-0007 Junos OS: vMX series: Predictable IP ID sequence numbers vulnerability
The vMX Series software uses a predictable IP ID Sequence Number. This leaves the system as well as clients connecting through the device susceptible to a family of attacks which rely on the use of predictable IP ID sequence numbers as their base method of attack. This issue was found during...
SiteBroker - A Cross-Platform Python Based Utility For Information Gathering And Penetration Testing Automation!
A cross-platform python based utility for information gathering and penetration automation! Output Sitebroker's Full Output Requirements Python 2.7. Python pip Python module requests Python module colorama Python module dnspython Python module lxml Python module bs4 Install modules pip install -r...
FAST or Burp or both?
By @aLLy, Wallarm Research Hello guys, time to talk details about Wallarm FAST Framework for Application Security Testing. It’s a new automatic web vulnerability scanning and fuzzing detection tool by Wallarm Inc. It is well suited for security researchers in enterprise Red Teams as well as for...
More on Threat Hunting
Earlier this week hellor00t asked via Twitter: Where would you place your security researchers/hunt team? I replied: For me, "hunt" is just a form of detection. I don't see the need to build a "hunt" team. IR teams detect intruders using two major modes: matching and hunting. Junior people spend...
Pacu - The AWS Exploitation Framework, Designed For Testing The Security Of Amazon Web Services Environments
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...
vulhub
It is an offensive tool for Web Application. The repository contains a collection of pre-built vulnerable docker environments, including a web application vulnerable to various attacks. The tool is designed to help developers and security researchers test and demonstrate the effectiveness of web...
The AWS Exploitation Framework: Pacu
Pacu is an open source AWS exploitation framework, designed for offensive security testing against cloud environments. Created and maintained by Rhino Security Labs, Pacu allows penetration testers to exploit configuration flaws within an AWS account, using modules to easily expand its...
Jelastic 5.4 - host SQL Injection
Jelastic 5.4 - host SQL Injection Exploit Title: Jelastic 5.4 - 'host' SQL injection Google Dork: N/A Date: date Exploit Author: Procode701 Vendor Homepage: https://jelastic.com/ Software Link: https://jelastic.com/ Version: 5.4 Tested on: Kali Linux CVE : N/A POC: The application...
Here Comes Wallarm
Today we are happy to announce the closing of $8 Million Series A financing. After talking with many venture firms in California, we decided to partner up with Toba Capital, a firm with an excellent understanding of the enterprise market and previous successful investments in security, such as...
WPScan v3.3.1 - Black Box WordPress Vulnerability Scanner
WPScan is a free, for non-commercial use, black box WordPress vulnerability scanner written for security professionals and blog maintainers to test the security of their sites. INSTALL Prerequisites: Ruby = 2.2.2 - Recommended: 2.3.3 Curl = 7.21 - Recommended: latest - FYI the 7.29 has a segfault...
Pumping the Brakes on Artificial Intelligence
While the push-pull between defenders and attackers using artificial intelligence continues, there’s another security dimension to machine intelligence that should be of concern. Just as the rise of IoT devices has created an inadvertent new threat surface ripe for introducing vulnerabilities, so...
H2 Database 1.4.196 - Remote Code Execution
Exploit Title: H2 Database 1.4.196 - Remote Code Execution Google Dork: N/A Date: 2018-09-24 Exploit Author: h4ckNinja Vendor Homepage: https://www.h2database.com/ Software Link: http://www.h2database.com/h2-2018-03-18.zip Version: 1.4.196 and 1.4.197 Tested on: macOS/Linux CVE: N/A This takes...
BOHEMIA INTERACTIVE a.s.: Clickjacking at ylands.com
Hi team, While performing security testing of your website I have found the vulnerability called Clickjacking. Many URLs are in scope and vulnerable to Clickjacking. What is Clickjacking? Clickjacking User Interface redress attack, UI redress attack, UI redressing is a malicious technique of...
Exploit for CVE-2018-11776
struts-pwn - CVE-2018-11776 Exploit. An explo...
Introducing a Burp Extension for Integration with Qualys Web Application Scanning
Qualys offers a wide array of security and compliance solutions for your organization. All capabilities are delivered from Qualys Cloud Platform. Visit Qualys Cloud Platform Apps to learn more. But let's narrow the discussion to web application security. To have a complete webappsec program, it's...
GoldenEye v1.2.0 - Layer 7 (KeepAlive+NoCache) DoS Test Tool
GoldenEye is a Python app for SECURITY TESTING PURPOSES ONLY! GoldenEye is an HTTP DoS Test Tool. Attack Vector exploited: HTTP Keep Alive + NoCache Usage USAGE: ./goldeneye.py OPTIONS OPTIONS: Flag Description Default -u, --useragents File with user-agents to use default: randomly generated -w,...
Cr3dOv3r v0.4 - Know The Dangers Of Credential Reuse Attacks
Your best friend in credential reuse attacks. You give Cr3dOv3r an email then it does two simple useful jobs with it: Search for public leaks for the email and returns the result with the most useful details about the leak Using haveibeenpwned API and tries to get the plain text passwords from...