Lucene search
K

67 matches found

Gitee
Gitee
added 2020/10/28 9:44 p.m.5 views

bettercap-proxy-modules

This is a collection of HTTP proxy modules for the BetterCap framework, a tool for performing network attacks and penetration testing. The modules are designed to be used with the BetterCap proxy server, which can be configured to intercept and modify HTTP traffic between a client and a server. T...

7AI score
Exploits0
vulnersOsv
vulnersOsv
added 2020/10/28 12:0 p.m.5 views

almond (=0.2.0), ascesis (=0.0.6) +86 more potentially affected by CVE-2020-36442 via beef (>=0.1.5 <=0.4.4)

beef CARGO version =0.1.5, =0.2.0, =0.1.0, =0.5.6, =0.1.0, =0.1.0, =0.5.4, =0.2.0, =0.2.0, =0.1.0, =0.1.2 and more Source cves: CVE-2020-36442 Source advisory: OSV:RUSTSEC-2020-0122...

8.1CVSS7.2AI score0.00766EPSS
Exploits0
Kitploit
Kitploit
added 2019/02/22 12:39 p.m.214 views

BeEF - The Browser Exploitation Framework Project

What is BeEF? BeEF is short for The BrowserExploitation Framework. It is a penetration testing tool that focuses on the web browser. Amid growing concerns about web-borne attacks against clients, including mobile clients, BeEF allows the professional penetration tester to assess the actual securi...

7.4AI score
Exploits0References7
Check Point Advisories
Check Point Advisories
added 2018/10/14 12:0 a.m.3 views

BeEF Browser Exploitation Framework Hooking Request

Browser Exploitation Framework BeEF operates by delivering malicious js payload to the victim's browser. Successful infection will allow the attacker host to take control of the victim's browser to lunch further attacks...

2.1AI score
Exploits0
Hacker One
Hacker One
added 2018/05/04 5:16 p.m.50 views

Zomato: XSS in "explore-keywords-dropdown" results.

It seems that people have exploited this vulnerability before on this website, however, it remains unpatched, so here I am reporting the vulnerability. A XSS vulnerability exists when a restaurant or dish is created with a malicious name. The title of the dish or restaurant is not properly filter...

0.3AI score
Exploits0
Kitploit
Kitploit
added 2018/01/29 12:57 p.m.92 views

Injectify - Perform Advanced MiTM Attacks On Websites With Ease

A modern BeEF inspired framework for the 21st century. Cross-platform clients = Web in-browser and Desktop Electron. Created from-scratch using pure NodeJS and Typescript. What can it do? Create a reverse Javascript shell between the victim and the attacker. Records keystrokes and logs them to a...

7.3AI score
Exploits0References5
ThreatPost
ThreatPost
added 2017/09/21 1:54 p.m.11 views

Iranian APT33 Targets U.S. Firms with Destructive Malware

The Iranian group known as APT33 is believed to be behind a cyberespionage campaign targeting aerospace, petrochemical and energy sector firms located in the United States, Saudi Arabia and South Korea. The group’s latest attack leverages a dropper called DropShot that is tied to the StoneDrill...

0.4AI score
Exploits0References3
Kitploit
Kitploit
added 2017/08/25 9:17 p.m.104 views

LANs.py - Inject Code, Jam Wifi, And Spy on Wifi Users

LANs.py Automatically find the most active WLAN users then spy on one of them and/or inject arbitrary HTML/JS into pages they visit. Individually poisons the ARP tables of the target box, the router and the DNS server if necessary. Does not poison anyone else on the network. Displays all most the...

7.2AI score
Exploits0References1
Kitploit
Kitploit
added 2017/07/28 3:7 p.m.15 views

Pythem - Penetration Testing Framework

pythem is a multi-purpose pentest framework written in Python. It has been developed to be used by security researchers and security professionals. The tool intended to be used only for acts within the law. I am not liable for any undue and unlawful act practiced by this tool, for more informatio...

7.5AI score
Exploits0References50
Schneier on Security
Schneier on Security
added 2017/05/26 9:12 p.m.22 views

Friday Squid Blogging: Squid and Chips

The excellent Montreal chef Marc-Olivier Frappier, of Joe Beef fame, has created a squid and chips dish for Brit & Chips restaurant. As usual, you can also use this squid post to talk about the security stories in the news that I haven't covered. Read my blog posting guidelines here...

6.9AI score
Exploits0
n0where
n0where
added 2017/02/07 6:12 a.m.20 views

Universal MITM Web Server: CopyCat

Universal MITM Web Server CopyCat is a Node.js based universal MITM web server. Used with DNS spoofing or another redirect attack, this server will act as a MITM for web traffic between the victim and a real server. Most often we see DNS spoofing used to redirect victims to an attackers server...

0.3AI score
Exploits0References1
n0where
n0where
added 2016/12/19 3:26 a.m.22 views

Automating Phishing Activities: PhishLulz

Automating Phishing Activities PhishLulz is a Ruby toolset aimed at automating Phishing activities When you start a phishing campaign, a dedicated Amazon EC2 Debian 7 instance is spawned. The VM comes with various open source tools that have been glued together. The two main components are:...

Exploits0References2
Kitploit
Kitploit
added 2016/12/09 2:55 p.m.18 views

PhishLulz - Ruby toolset aimed at automating Phishing activities

PhishLulz is a Ruby toolset aimed at automating Phishing activities. When you start a phishing campaign, a dedicated Amazon EC2 Debian 7 instance is spawned. The VM comes with various open source tools that have been glued together. The two main components are: PhishingFrenzy...

7.3AI score
Exploits0References4
Hacker One
Hacker One
added 2016/10/28 3:2 p.m.23 views

Revive Adserver: Reflected XSS on Zones > Invocation Code

"Cricetinae" : This report is similar to my earlier report: 170156. Short Description The Close text parameter in Inventory Zone Invocation Code is vulnerable to Cross-Site Scripting vulnerability. Steps to Reproduce 1. Logon or Work as an agent. 2. Navigate to Inventory Zones Invocation Code...

5.5AI score
Exploits0
Kitploit
Kitploit
added 2016/08/29 7:30 p.m.135 views

WiFi-Pumpkin v0.8.1 - Framework for Rogue Wi-Fi Access Point Attack

Framework for Rogue Wi-Fi Access Point Attack Description WiFi-Pumpkin is a open source security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 3.0.1/2.0.5 Python 2.7 git clone...

7.2AI score
Exploits0References8
0day.today
0day.today
added 2016/08/05 12:0 a.m.34 views

ntop / nbox 2.3 <= 2.5 - Multiple Vulnerabilities

Exploit for linux platform in category remote exploits E-DB Note: Source http://carnal0wnage.attackresearch.com/2016/08/got-any-rces.html The issues were found originally in nbox 2.3 and confirmed in nbox 2.5 To make things easier, I created a Vagrantfile with provisioning so you can have your ow...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2016/08/05 12:0 a.m.26 views

ntop 2.5 Cross Site Request Forgery / Command Execution

To make things easier, I created a Vagrantfile with provisioning so you can have your own nbox appliance and test my findings or give it a shot. There is more stuff to be found, trust me : https://github.com/javuto/nbox-pwnage Replace NTOP-BOX with the IP address of your appliance presuming that...

0.3AI score
Exploits0
Exploit DB
Exploit DB
added 2016/08/05 12:0 a.m.23 views

ntop/nbox 2.3 &lt; 2.5 - Multiple Vulnerabilities

E-DB Note: Source http://carnal0wnage.attackresearch.com/2016/08/got-any-rces.html The issues were found originally in nbox 2.3 and confirmed in nbox 2.5 To make things easier, I created a Vagrantfile with provisioning so you can have your own nbox appliance and test my findings or give it a shot...

7.4AI score
Exploits0
ThreatPost
ThreatPost
added 2016/05/23 5:33 p.m.17 views

Unraveling Turla APT Attack Against Swiss Defense Firm

Ever since hackers targeted Swiss defense contractor RUAG, government officials have been tight lipped about the breach. But on Monday Switzerland’s CERT Computer Emergency Readiness Team spilled the beans on the attack against the firm and the how perpetrators pulled it off. While Monday’s repor...

7.1AI score
Exploits0References4
Kitploit
Kitploit
added 2016/05/16 11:30 p.m.85 views

WiFi-Pumpkin v0.7.5 - Framework for Rogue Wi-Fi Access Point Attack

WiFi-Pumpkin is a security tool that provides the Rogue access point to Man-In-The-Middle and network attacks. Installation Kali 2.0/WifiSlax 4.11.1/Parrot 2.0.5 Python 2.7 git clone https://github.com/P0cL4bs/WiFi-Pumpkin.git cd WiFi-Pumpkin chmod +x installer.sh ./installer.sh --install refer t...

7.1AI score
Exploits0References7
Rows per page
Query Builder