415 matches found
Mondoo - Cloud-Native Security And Vulnerability Risk Management
Quick Start Install mondoo: Workstation export MONDOOREGISTRATIONTOKEN='changeme' curl -sSL http://mondoo.io/download.sh | bash Service export MONDOOREGISTRATIONTOKEN='changeme' curl -sSL http://mondoo.io/install.sh | bash For other installation methods, have a look at our documentation. Run a...
Trying DetectionLab
Many security professionals run personal labs. Trying to create an environment that includes fairly modern Windows systems can be a challenge. In the age of "infrastructure as code," there should be a simpler way to deploy systems in a repeatable, virtualized way -- right? Enter DetectionLab, a...
Malboxes - Builds Malware Analysis Windows VMs So That You Don'T Have To
Builds malware analysis Windows virtual machines so that you don’t have to. Requirements Python 3.3+ packer: https://www.packer.io/docs/install/index.html vagrant: https://www.vagrantup.com/downloads.html VirtualBox or an vSphere / ESXi server Minimum specs for the build machine At least 5 GB of...
Packabit project: building Nmap deb packages for Ubuntu
During the long New Year holidays 30 dec - 8 jan I started a new project: Vagrant-based Linux package builder called Packabit. I thought it might be nice to have scripts that will automatically build a Linux packages from sources and will NOT litter main system with unnecessary packages. Somethin...
Deploying VirtualBox virtual machines with Vagrant
I often use virtual machines for various tasks: from building software packages to testing software products or PoCs for vulnerabilities. Creating a virtual machine in Oracle VirtualBox is a time-consuming and annoying process: set parameters of VM, attach iso, make dozens of clicks in OS...
Web Testing Framework Samurai
The Samurai Web Testing Framework is a virtual machine, supported on VirtualBox and VMWare, that has been pre-configured to function as a web pen-testing environment. The VM contains the best of the open source and free tools that focus on testing and attacking websites. In developing this...
DARKSURGEON - A Windows Packer Project To Empower Incident Response, Digital Forensics, Malware Analysis, And Network Defense
DARKSURGEON is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. DARKSURGEON has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...
Windows Packer Project for Defenders: DARKSURGEON
Darksurgeon is a Windows packer project to empower incident response, digital forensics, malware analysis, and network defense. Darksurgeon has three stated goals: Accelerate incident response, digital forensics, malware analysis, and network defense with a preconfigured Windows 10 environment...
Metta - An Information Security Preparedness Tool To Do Adversarial Simulation
Metta is an information security preparedness tool. This project uses Redis/Celery, python, and vagrant with virtualbox to do adversarial simulation. This allows you to test mostly your host based instrumentation but may also allow you to test any network based detection and controls depending on...
Hashicorp vagrant-vmware-fusion local elevation of privilege vulnerability
Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. vagrant update is one of the update processes. A security vulnerability exists in the vagrant update process in Hashicorp vagrant-vmware-fusion...
Hashicorp vagrant-vmware-fusion elevation of privilege vulnerability
Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. A security vulnerability exists in Hashicorp vagrant-vmware-fusion versions 4.0.25 through 5.0.4. An attacker can exploit the vulnerability to...
Hashicorp vagrant-vmware-fusion local elevation of privilege vulnerability (CNVD-2018-09642)
Hashicorp vagrant-vmware-fusion is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. A security vulnerability exists in Hashicorp vagrant-vmware-fusion version 5.0.4. A local attacker could exploit the vulnerability to gain root...
CVE-2017-16839
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed...
Design/Logic Flaw
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...
CVE-2017-16512
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...
CVE-2017-16512
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available...
CVE-2017-16873
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges...
CVE-2017-16873
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges...
Denial of service
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed...
CVE-2017-16839
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed...