It’s Not the Trump Sex Tape, It’s a RAT

As outgoing President Donald Trump continues to dominate headlines, cybercriminals have decided to horn in on the much-gossiped-about — and yet to materialize — Trump sex tape as a lure for malware delivery. A campaign has been uncovered that labels a malware downloader with the filename...

h1-ctf: Hackyholidays [ h1-ctf] writeup [mission:- stop the grinch ]

Hello Team Description In the continuous series of 12 days, twelve flags were hidden inside Hackyholidays site - hackyholidays.h1ctf.com in which once we get all the flags, grinch can be stopped. This write-up will describe solving all the 12 days challenges. Step To Reproduce + It all started wh...

Apache Shiro v1.2.4 Cookie RememberME Deserial RCE

This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Apache Shiro v1.2.4. Note that other versions of Apache Shiro may also be exploitable if the encryption key used by Shiro to encrypt rememberMe cookies is known. This module requires Metasploit:...

SpotAuditor 3.6.7 Denial Of Service

Exploit Title: SpotAuditor v3.6.7 - Denial of Service PoC Discovery by: Rafael Pedrero Discovery Date: 2019-01-30 Vendor Homepage: http://www.nsauditor.com/order.html Software Link : http://www.nsauditor.com/order.html Tested Version: v3.6.7 Tested on: Windows XP SP3 Vulnerability Type: Denial of...

Careem - Car Booking App - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Careem - Car Booking App published at the 'play' market has multiple vulnerabilities...

Python Keylogger: Radium

Python Keylogger With Multiple Features Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Keyloggi...

Cameras Estonia - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Cameras Estonia published at the 'play' market has multiple vulnerabilities...

Kids Cute Dogs Jigsaw Puzzles - Base64 encoded String, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Kids Cute Dogs Jigsaw Puzzles published at the 'play' market has multiple vulnerabilities...

Coloring pages: Model dress up - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Coloring pages: Model dress up published at the 'play' market has multiple vulnerabilities...

Kids Animal Scratch & Color - Base64 encoded String, Customized SSL, Exported ContentProvider vulnerabilities

HackApp vulnerability scanner discovered that application Kids Animal Scratch & Color published at the 'play' market has multiple vulnerabilities...

Animal match for kids toddlers - Base64 encoded String, Exported ContentProvider, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Animal match for kids toddlers published at the 'play' market has multiple vulnerabilities...

12 Labours of Hercules - Base64 encoded String, Customized SSL vulnerabilities

HackApp vulnerability scanner discovered that application 12 Labours of Hercules published at the 'play' market has multiple vulnerabilities...

Clash of Battleships - Deutsch - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Clash of Battleships - Deutsch published at the 'play' market has multiple vulnerabilities...

Big Win NHL Hockey - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Big Win NHL Hockey published at the 'play' market has multiple vulnerabilities...

DogHotel Lite - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application DogHotel Lite published at the 'play' market has multiple vulnerabilities...

Crusaders Quest - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Crusaders Quest published at the 'play' market has multiple vulnerabilities...

Monster Truck Destruction™ - Base64 encoded String, Dangerous filesystem permissions, WebView code execution vulnerabilities

HackApp vulnerability scanner discovered that application Monster Truck Destruction™ published at the 'play' market has multiple vulnerabilities...

Roulette for Tango - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Roulette for Tango published at the 'play' market has multiple vulnerabilities...

Dice 3D - Base64 encoded String, Corrupted files, Dynamic Code Loading vulnerabilities

HackApp vulnerability scanner discovered that application Dice 3D published at the 'play' market has multiple vulnerabilities...

Bingo - Pharaoh's Secret - Base64 encoded String, Customized SSL, Dangerous filesystem permissions vulnerabilities

HackApp vulnerability scanner discovered that application Bingo - Pharaoh's Secret published at the 'play' market has multiple vulnerabilities...