Python Keylogger: Radium

Python Keylogger With Multiple Features Keystroke logging, often referred to as keylogging or keyboard capturing, is the action of recording logging the keys struck on a keyboard, typically covertly, so that the person using the keyboard is unaware that their actions are being monitored. Keyloggi...

Multi Gigabit Packet Capturing: PFQ

PFQ is a functional networking framework designed for the Linux operating system that allows efficient packets capture/transmission 10G and beyond, in-kernel functional processing and packets steering across sockets/end-points. PFQ is highly optimized for multi-core architecture, as well as for...

Wireless Network Security Auditing Bash Script: airgeddon

airgeddon is a living project growing day by day. This is the list of features so far: Interface mode switcher Monitor-Managed keeping selection even on interface name changing DoS over wireless networks using different methods. “DoS Pursuit mode” available to avoid AP channel hopping available...

Linux-Kernel-2.6.34-rc3

The kernel allows processes to access the internal .reiserfspriv directory at the top of a reiserfs filesystem which is used to store xattrs. Permissions are not enforced in that tree, so unprivileged users can view and potentially modify the xattrs on arbitrary files. import os, sys SHELL = 'int...

Authentication flaw

The Clientless SSL VPN portal customization framework in Cisco ASA Software 8.2 before 8.25.51, 8.3 before 8.32.42, 8.4 before 8.47.23, 8.6 before 8.61.14, 9.0 before 9.04.24, 9.1 before 9.15.12, and 9.2 before 9.22.4 does not properly implement authentication, which allows remote attackers to...

Cyber Espionage Group Ported Windows Malware to Mac

Till now we have seen a series of different malware targeting Windows operating system and not Mac, thanks to Apple in way it safeguard its devices’ security. But with time, cyber criminals and malware authors have found ways to exploit Mac as well. GROUP BEHIND THE MAC VERSION OF BACKDOOR...

OpenSSH rootkit backdoor tool with ssh sniffer

This is a private version of OpenSSH backdoor rootkit tool wih ssh sniffer. If u want to have a hidden acces to a unix server on ssh conexion you can us this tool safetly. Also this rootkit can catch all ssh conexiones from the server where install this tool. If a email protected or email protect...

[SECURITY] Fedora 20 Update: perl-Capture-Tiny-0.24-1.fc20

Capture::Tiny provides a simple, portable way to capture anything sent to STDOUT or STDERR, regardless of whether it comes from Perl, from XS code or from an external program. Optionally, output can be teed so that it is captured while being passed through to the original handles. Yes, it even...

[sniffMyPackets v1.0] A Maltego Set of Transforms for pcap analysis

sniffMyPackets is a set of Maltego transforms written using the Canari framework that allow for the analysis of pcap files. Currently there are over 60 transforms that cover things such as: extracting TCP/UDP streams rewriting IP src/dst addresses for pcap replay SHA1 & MD5 hashing Rebuilding of...

WPAD Listener

Added: 09/30/2013 Background The LLMNR Local Link Multicast Name Resolution protocol is used to answer wpad requests sent by Microsoft Windows. A rogue WPAD server delivers a wpad.dat file to poisoned hosts forcing them to proxy web requests through the SAINT server. In addition, browsers are...

Cisco SocialMiner Sensitive Information GET Request Vulnerability

A vulnerability in some of the gadgets of Cisco SocialMiner could allow an unauthenticated, remote attacker to collect sensitive information. The vulnerability is due to sensitive information being transmitted within a gadget's GET request. An attacker could exploit this vulnerability by capturin...

[SECURITY] Fedora 18 Update: kreversi-4.10.4-1.fc18

Kreversi is a simple one player strategy game played against the computer. The playing field is an 8 by 8 square board divided into 64 squares. The game pieces used are two sided stones, where each side has its own, distinctive color. If a piece is captured by an opposing player, that piece is...

Network Traffic Interception: Intercepter-NG

With great power comes great responsibility. New release for Intercepter-NG have been announced, this tool can be used for MITM attack on network during penetration test. the tool is very solid in sniffing passwords ,encrypted traffic , pictures transmitted over messengers and more. Intercepter i...

Windows Gather Screen Spy

This module will incrementally take desktop screenshots from the host. This allows for screen spying which can be useful to determine if there is an active user on a machine, or to record the screen for later data extraction. Note: As of March, 2014, the VIEWCMD option has been removed in favor o...

ActFax Server FTP - (Authenticated) Remote Buffer Overflow

!/usr/bin/python ----------------------------------------------------------------------------------- Exploit Title: ActFax Server FTP Remote BOF post auth Author: b33f - Ruben Boonen Software Link: http://www.actfax.com/download/actfaxsetupen.exe Tested on: Windows XP PRO SP3 version 2002 - VMwar...

CollabNet ScrumWorks Basic Server transmits credential information in plaintext

Overview Communication between the Collabnet ScrumWorks Basic Server and CollabNet ScrumWorks Desktop Client transmits credential information in plaintext. Description The communication between the CollabNet ScrumWorks Basic Server and CollabNet ScrumWorks Desktop Client is transmitting credentia...

Mozilla Foundation Security Advisory 2008-02

Mozilla Foundation Security Advisory 2008-02 Title: Multiple file input focus stealing vulnerabilities Impact: Moderate Announced: February 7, 2008 Reporter: hong, Gregory Fleischer Products: Firefox, SeaMonkey Fixed in: Firefox 2.0.0.12 SeaMonkey 1.1.8 Description Security researchers hong and...

Ethernet Device Drivers Frame Padding Info Leakage Expl (Etherleak)

Exploit for multiple platform in category remote exploits ====================================================================== Ethernet Device Drivers Frame Padding Info Leakage Exploit Etherleak ====================================================================== !/usr/bin/perl -w etherleak,...

CVE-2006-6953

CVE-2006-6953 affects the GlobeTrotter Mobility Manager. The vulnerability arises from the virtual keyboard: when a key is pressed, its color changes, enabling local attackers to capture arbitrary keystrokes (e.g., passwords) via shoulder surfing or periodic screenshots. Exploitation is local and...

[Full-disclosure] User privilege escalation exploit.

Vendor: CyberSource Version: Business Center, Essentials/Small Business, https://businesscenter.cybersource.com/ Severity: Vulnerability allows malicious employees or comprimised accounts to steal money. Vendor Status: Notified, expects to fix issue some time in 2006. Overview: Business Center is...